过滤器

public function behaviors()
    {
        return [
            'access' => [
                'class' => AccessControl::className(),
                'rules' => [
                    [
                        //当前rule将针对这里设置的action起作用，如果action不设置，默认当前控制器所有操作
                        'actions' => ['login','index', 'view', 'create','delete', 'signup'],
                        //设置action的操作是允许还是拒绝访问
                        'allow' => true,
                        //@认证过的用户都可以访问，？任何人都可以访问
                        'roles' => ['@'],
                    ],
                        //只有post才可以访问
//                        [
//                            'action' => ['index'],
//                            'allow' => true,
//                            //只允许操作action
//                            'verbs' => ['POST'],
//                        ],
                        //只有test1用户才能访问update操作
                    [
                        'actions' => ['update'],
                        'matchCallback' => function ($rule,$action) {
                            return Yii::$app->user->id == 1;
                        },
                        'allow' => true,
                    ],
                ],
            ],
            'verbs' => [
                'class' => VerbFilter::className(),
                'actions' => [
                    'delete' => ['POST'],
                ],
            ],
        ];
    }