I have issues with ACF ‘only’ options because if actions name are incorrect, the actions are allowed.
I have actionTesta, actionTestb
class SiteController extends Controller
{
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'only' => ['testa', 'testbb'],
'rules' => [
[
'allow' => true,
'actions' => ['testa'],
'roles' => ['?'],
],
[
'allow' => true,
'actions' => ['testbb'],
'roles' => ['@'],
],
],
],
];
}
// ...
}
Because I accidentally typed wrong action name, now the actionTestb is accessed by all users. Is there a way to fix this issue ?