Yii
JackBoner, 2014-06-09 22:28:01

Yii2 - RBAC. Default Roles and Access Control. Doesn't work as it should?

The problem is that AccessControl does not work the same way for the standard user groups ('?' and '@') as for roles defined via PhpManager.
Here are the roles defined in the rbac.php file ($authFile):

3 => [
    'type' => Item::TYPE_ROLE,
    'description' => 'Гость',
],
2 => [
    'type' => Item::TYPE_ROLE,
    'description' => 'Пользователь',
    'ruleName' => 'UserRule',
    'children' => [
        3,
    ],
],
1 => [
    'type' => Item::TYPE_ROLE,
    'description' => 'Админ',
    'ruleName' => 'AdminRule',
    'children' => [
        2,
    ],
],

Authorization manager settings: by default, all users are assigned role 3 (Guest). Roles 1 and 2 are assigned based on the rules.
'authManager' => [
    'class' => 'common\components\rbac\PhpManager',
    'defaultRoles' => [1, 2, 3],
],

And finally, the controller settings in behaviors:
'access' => [
    'class' => AccessControl::className(),
    'only' => ['logout', 'signup', 'test'],
    'rules' => [
        [
            'actions' => ['test'],
            'allow' => true,
            'roles' => [2], // Allow only users with role "2".
        ],
    ],
],

And now the most interesting and incomprehensible part. If I access the Test action as an admin (role 3), I am redirected to the Forbidden page (403), as it should be, because access is allowed only to group 2.
But if I access the same action as an unauthorized user, i.e. a user with role 3, which is assigned automatically, Yii returns an empty white page, although the yii\web\User::loginRequired() method should be called. But if you change the restriction on the action from 2 to '@', everything works as it should again.
P.S. You can, of course, patch this up yourself by adding
'denyCallback' => function () { throw new ForbiddenHttpException(Yii::t('yii', 'Login Required')); }

in behaviors. But this function will always be called, on any error. For example, I could not figure out how to display the error text through it, or its contents, which are needed for further actions.
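As an added example (not code from the question or from Yii itself): AccessControl passes the denying rule and the action to denyCallback, so a callback can keep the filter's own fail-closed behaviour (guest → loginRequired(), authenticated user → 403) while logging which rule refused which action. The controller name and the log category are assumed; role 2 and the 'test' action come from the question.

```php
<?php
// Added example, not from the question or the Yii project. Role id 2, the
// 'test' action and the 'only' list come from the question; the rest is assumed.
namespace frontend\controllers;

use Yii;
use yii\web\Controller;
use yii\filters\AccessControl;
use yii\web\ForbiddenHttpException;

class SiteController extends Controller
{
    public function behaviors()
    {
        return [
            'access' => [
                'class' => AccessControl::className(),
                'only' => ['logout', 'signup', 'test'],
                'rules' => [
                    [
                        'actions' => ['test'],
                        'allow' => true,
                        'roles' => [2], // only RBAC role 2 may run "test"
                    ],
                ],
                // Invoked on every denial: $rule is the AccessRule that
                // denied access, or null when no rule matched at all.
                'denyCallback' => function ($rule, $action) {
                    $user = Yii::$app->user;
                    $why = $rule === null
                        ? 'no rule matched'
                        : 'rule for [' . implode(',', (array) $rule->actions) . '] denied';
                    // Log who was refused and why, so a blank page can be traced.
                    Yii::warning("access denied: action={$action->id} guest="
                        . ($user->isGuest ? 'yes' : 'no') . " ({$why})", 'access');
                    if ($user->isGuest) {
                        // Same as the filter's default: redirect to loginUrl
                        // (403 "Login Required" if no loginUrl is configured).
                        $user->loginRequired();
                        return;
                    }
                    // Authenticated but not authorized: fail closed with 403.
                    throw new ForbiddenHttpException(
                        Yii::t('yii', 'You are not allowed to perform this action.')
                    );
                },
            ],
        ];
    }
}
```

The guest branch must return after loginRequired(); throwing afterwards would replace the login redirect with a 403.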

1 answer(s)
Alexander Zelenin, 2014-06-10
@zelenin

The code is not enough to solve the problem, and apparently you have modified the component.
I advise you to use this https://github.com/zelenin/yii2-rbac-module
