How to combine ghost-access with custom permissions

[ariefbayu]

I have controllers that has ghost-access already configured, how do I add another action with certain permission that is not controlled by action?

Example, I have CommandController.php and ghost-access has if ( User::canRoute($route) ) checking. But, I need to have another permission, eg: 'has feature xyz' that allowed user to open actionTools.

How do I configure my controller?

I set this in behaviours(), but still, ghost-access disallowed me to access.

'access' => [
    'class' => AccessControl::className(),
    'only' => ['has feature xyz'],
    'rules' => [
        [
            'actions' => [
                'tools'
            ],
            'allow' => true,
            'roles' => ['@'],
        ],
    ],

],