http://www.yiiframework.com/doc-2.0/gui ... llers.html
Код: Выделить всё
public function checkAccess($action, $model = null, $params = [])
{
if ($action === 'update' or $action === 'delete') {
if ($model->author_id !== \Yii::$app->user->id)
throw new \yii\web\ForbiddenHttpException('You can only '.$action.' articles that you\'ve created.');
}
}