RBAC 权限验证问题 [ 求助交流 ]

我配置了，RBAC 和 Yii2-Admin之后，所有的Controller是不是应该自动验证权限？

还是需要我在每个方法里面去验证？

我现在没有对用户设置任何权限，但是都可以访问，没有提示权限不足！

我现在是想实现权限的验证，不知道怎么做，请大神赐教！

我的配置如下：

    'modules' => [
        'admin' => [
            'class' => 'mdm\admin\Module',
            'layout' => 'left-menu',
//            'mainLayout' => '@app/views/layouts/default.php',
        ]
    ],

        'authManager' => [
            'class' => 'yii\rbac\DbManager', // or use 'yii\rbac\PhpManager'
            'defaultRoles' => ['guest'],
            'itemTable' => 'auth_item',
            'assignmentTable' => 'auth_assignment',
            'itemChildTable' => 'auth_item_child',
        ],
        'as access' => [
            'class' => 'mdm\admin\components\AccessControl',
            'allowActions' => [
//                'site/*',
//                'admin/*',
//                'some-controller/some-action',
                // The actions listed here will be allowed to everyone including guests.
                // So, 'admin/*' should not appear here in the production, of course.
                // But in the earlier stages of your development, you may probably want to
                // add a lot of actions here until you finally completed setting up rbac,
                // otherwise you may not even take a first step.
            ]
        ],