From bd424d858d1b6227c60e9c1bcbf42e14e400d2f2 Mon Sep 17 00:00:00 2001
From: Tobias Munk <schmunk@usrbin.de>
Date: Wed, 16 Dec 2015 03:36:20 +0100
Subject: [PATCH] added accessRoles param to configure access control

---
 Module.php                        |  7 ++++++-
 controllers/DefaultController.php | 10 ++++++++++
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/Module.php b/Module.php
index 8e682bd..754a62b 100755
--- a/Module.php
+++ b/Module.php
@@ -25,7 +25,12 @@ class Module extends \yii\base\Module
      * @var string source language for translation 
      */
     public $sourceLanguage = 'en-US';
-    
+
+    /**
+     * @var null|array The roles which have access to module controllers, eg. ['admin']. If set to `null`, there is no accessFilter applied
+     */
+    public $accessRoles = null;
+
     /**
      * Init module
      */
diff --git a/controllers/DefaultController.php b/controllers/DefaultController.php
index 94ccf69..de62c11 100644
--- a/controllers/DefaultController.php
+++ b/controllers/DefaultController.php
@@ -12,6 +12,7 @@
 use pheme\settings\models\Setting;
 use pheme\settings\models\SettingSearch;
 use pheme\grid\actions\ToggleAction;
+use yii\filters\AccessControl;
 use yii\web\Controller;
 use yii\web\NotFoundHttpException;
 use yii\filters\VerbFilter;
@@ -36,6 +37,15 @@ public function behaviors()
                     'delete' => ['post'],
                 ],
             ],
+            'access' => [
+                'class' => AccessControl::className(),
+                'rules' => [
+                    [
+                        'allow' => true,
+                        'roles' => $this->module->accessRoles,
+                    ],
+                ],
+            ],
         ];
     }