RBAC and visibility of pages

Hello,

There is something I am not understanding in the RBAC tutorial. It says to add:

    'matchCallback' => function ($rule, $action) {
        return User::isUserAdmin(Yii::$app->user->identity->username);
    }

But at the moment both the user and the admin can see the about page.

    return [
        'access' => [
            'class' => AccessControl::className(),
            'only' => ['logout', 'signup', 'about'],
            'rules' => [
                [
                    'actions' => ['signup'],
                    'allow' => true,
                    'roles' => ['?'],
                ],
                [
                    'actions' => ['logout'],
                    'allow' => true,
                    'roles' => ['@'],
                ],
                [
                    'actions' => ['about'],
                    'allow' => true,
                    'roles' => ['@'],
                    'matchCallback' => function ($rule, $action) {
                        return User::isUserAdmin(Yii::$app->user->identity->username);
                    }
                ],
            ],
        ],

and here is the main.php:

    <?php
        NavBar::begin([
            'brandLabel' => 'Kollox Forum',
            'brandUrl' => Yii::$app->homeUrl,
            'options' => [
                'class' => 'navbar navbar-fixed-top',
            ],
        ]);
        $menuItems = [
            ['label' => 'Home', 'url' => ['/site/index']],
            ['label' => 'About', 'url' => ['/site/about']],
            ['label' => 'Contact', 'url' => ['/site/contact']],
        ];
        if (Yii::$app->user->isGuest) {
            $menuItems[] = ['label' => 'Signup', 'url' => ['/site/signup']];
            $menuItems[] = ['label' => 'Login', 'url' => ['/site/login']];
        } else {
            $menuItems[] = [
                'label' => 'Logout (' . Yii::$app->user->identity->username . ')',
                'url' => ['/site/logout'],
                'linkOptions' => ['data-method' => 'post']
            ];
            $menuItems[] = ['label' => 'Add Book', 'url' => ['/book']];
        }
        echo Nav::widget([
            'options' => ['class' => 'navbar-nav navbar-right'],
            'items' => $menuItems,
        ]);
        NavBar::end();
    ?>

Why can we put the role name in the 'roles' => ['@'], like this:

    'roles' => ['admin'],

or

    'roles' => ['user'],

as defined in the constants:

    const ROLE_USER = 10;
    const ROLE_ADMIN = 20;

Thank you,

Ben
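
Added example, not part of the original post and not Yii's own code: a stand-alone PHP model of how `AccessControl` walks the rules posted above (the first applicable rule decides, and if no rule applies access is denied). The function names, the `isAdmin` flag standing in for `User::isUserAdmin()`, and the `rbacRoles` list standing in for `Yii::$app->user->can()` are assumptions made for illustration.

```php
<?php
// Simplified model of yii\filters\AccessControl for rules that set 'actions' and 'roles'.
// Assumptions: 'isAdmin' replaces User::isUserAdmin(); 'rbacRoles' replaces user->can().
function ruleApplies(array $rule, string $action, array $user): bool
{
    if (!in_array($action, $rule['actions'], true)) {
        return false;
    }
    $roleOk = false;
    foreach ($rule['roles'] as $role) {
        $roleOk = $roleOk
            || ($role === '?' && $user['isGuest'])
            || ($role === '@' && !$user['isGuest'])
            // any other name is an RBAC lookup, as Yii::$app->user->can($role) does
            || in_array($role, $user['rbacRoles'], true);
    }
    // when a matchCallback is set it must also return true for the rule to apply
    return $roleOk && (!isset($rule['matchCallback']) || $rule['matchCallback']($user));
}

function decide(array $only, array $rules, string $action, array $user): bool
{
    if (!in_array($action, $only, true)) {
        return true;               // the filter does not run for actions outside 'only'
    }
    foreach ($rules as $rule) {
        if (ruleApplies($rule, $action, $user)) {
            return $rule['allow']; // first applicable rule decides
        }
    }
    return false;                  // no rule applied: access is denied
}

$only  = ['logout', 'signup', 'about'];
$rules = [ // same rules as in the post; the callback takes the constructed user array
    ['actions' => ['signup'], 'allow' => true, 'roles' => ['?']],
    ['actions' => ['logout'], 'allow' => true, 'roles' => ['@']],
    ['actions' => ['about'],  'allow' => true, 'roles' => ['@'],
     'matchCallback' => fn(array $u) => $u['isAdmin']],
];
$users = [ // constructed sample users
    'guest' => ['isGuest' => true,  'isAdmin' => false, 'rbacRoles' => []],
    'user'  => ['isGuest' => false, 'isAdmin' => false, 'rbacRoles' => []],
    'admin' => ['isGuest' => false, 'isAdmin' => true,  'rbacRoles' => []],
];
foreach ($users as $name => $u) {
    printf("%-5s about=%s\n", $name, var_export(decide($only, $rules, 'about', $u), true));
}
```

In `roles`, any name other than `?` and `@` is checked through `Yii::$app->user->can()`, so `'admin'` or `'user'` only match when they exist as RBAC roles in a configured auth manager; integer constants such as `ROLE_USER` are not consulted by that check.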