Rbac - separate routes for front and backend

Hi everyone,

new with yii2, I am making web app that has 3 portions, backend, public frontend and "protected" frontend for members.

I’ve setup routes (with help of yii2-admin) that looks something like

"superadmin can all on /*" (i can post detail database entries if that helps)

which means that superadmin can do all on the backend, and it works as expected with login and all.

Now I am creating similar rule for "members", but it would mean that I need to enter same rule for them as well

"member can all on /*" - but only for frontend?

How to separate /* for backend, and /* for frontend?

Or is routes not the best for this setup?

I would use "rules" later for paying and free members, but that I think is straight forward.

How would you make this?


No suggestions?

Is similar procedure perhaps described somewhere already? (i didn’t manage to find similar solution)

Or I must use in each and every controller can() functionality?