Upgrade from Yii 2.0.11

Hello. I have a question conserning the Upgrade from Yii 2.0.11

yii\filters\AccessControl now can be used without user component.

In this case yii\filters\AccessControl::denyAccess() throws yii\web\ForbiddenHttpException and using AccessRule matching a role throws yii\base\InvalidConfigException

As there is only one method mentioned (denyAccess) i do assume that this mentioned method potentially throws the ForbiddenHttpException and ForbiddenHttpException. As far as the phpdoc does not show any possibility of a InvalidConfigException and i can’t find any source within the denyAccess-method which would throw this exception aswell.

I might be missunderstanding this upgrade-notice or it is in fact unclear. Could someone enlighten me if possible?

AccessControl does not throw InvalidConfigException it is Yii::createObject that throws this error, I am assuming your config for accesscontrol filter is messed up, can you paste your code here for your filters.