add role checking to controllers

backend/controllers/DiscountController.php

@@ -14,6 +14,30 @@ use yii\filters\VerbFilter;
  */
 class DiscountController  extends \backend\controllers\BackendController
 {
+	
+	public function behaviors()
+	{
+		return [
+			'access' => [
+				'class' => \yii\filters\AccessControl::className(),
+				'rules' => [
+					// allow authenticated users
+					[
+					'actions' => [ 'index','view' ],
+					'allow' => true,
+					'roles' => ['admin','employee','reception'],
+					],
+					[
+					'actions' => ['create','update'],
+					'allow' => true,
+					'roles' => ['admin'  ],
+					],
+					// everything else is denied
+			],
+			],
+		];
+	}
+	
 
     /**
      * Lists all Discount models.