Yii Role Based Acces Controle
Question from quite newbie. I generated entity and model, then a CRUD for it using Gii. Default acces rules say that delete action can do just users with admin role. By default we have 2 users defined in UserIdentity.php: admin/admin and demo/demo. Demo is common user and admin is admin user. Authenticating with demo i have "403 forbiden" on delete page. So question is where is set role for these default users???
This is not default users but default roles. You should read about RBAC
It depends on how deep you plan to go with your site security. If you are just trying grant access to specific users from that default users array, you can just configure them through the accessRules method and use the users configuration.
Otherwise, if you actually want a comprehensive role system, you will want to look into RBAC as @oroshnivskyy suggested.
In your access rules array, you need to specify users not roles. Until you start using the RBAC module, you will have no roles assigned. The tutorial for RBAC shows how to define your roles and assign them to users. What it doesn't tell you is where to populate the files. read up about data migrations. That is where I populated my files.