Skip to content

RBAC whitelist in config does not allow POST #36

Description

@crimson-med

Hello,

I have added this in config/web.php

'as access' => [
    'class' => yii2mod\rbac\filters\AccessControl::class,
    'allowActions' => [
        'site/*',
        'admin/*',
        'note/*',
    ]
 ],

If I make an AJAX POST request to my controller action.
controllers/NoteController.php

public function actionDelete() {
    echo "hello world";
    die();
}

I will get access denied however if I make a AJAX GET request I have no issue.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions