예제 #1
0
 /**
  * @inheritdoc
  */
 public function checkAccess($action, $model = null, $params = [])
 {
     parent::checkAccess($action, $model, $params);
     if (in_array($action, ['update', 'delete']) && $model->author_id != \Yii::$app->user->identity->id) {
         throw new ForbiddenHttpException();
     }
 }