Added documentation to AccessControl.

framework/yii/web/AccessControl.php

@@ -13,6 +13,39 @@ use yii\base\ActionFilter;
 use yii\base\HttpException;
 
 /**
+ * AccessControl provides simple access control based on a set of rules.
+ *
+ * AccessControl is an action filter. It will check its [[rules]] to find
+ * the first rule that matches the current context variables (such as user IP address, user role).
+ * The matching rule will dictate whether to allow or deny the access to the requested controller
+ * action.
+ *
+ * To use AccessControl, declare it in the `behaviors()` method of your controller class.
+ * For example, the following declarations will allow authenticated users to access the "create"
+ * and "update" actions and deny all other users from accessing these two actions.
+ *
+ * ~~~
+ * public function behaviors()
+ * {
+ *     return array(
+ *         'access' => array(
+ *             'class' => \yii\web\AccessControl::className(),
+ *             'only' => array('create', 'update'),
+ *             'rules' => array(
+ *                 // allow authenticated users
+ *                 array(
+ *                     'allow' => true,
+ *                     'roles' => array('@'),
+ *                 ),
+ *                 // deny all
+ *                 array(
+ *                     'allow' => false,
+ *                 ),
+ *             ),
+ *         ),
+ *     );
+ * }
+ * ~~~
  *
  * @author Qiang Xue <qiang.xue@gmail.com>
  * @since 2.0