I’ve started using RBAC for access control and it works beautifully.
In my system I have 3 levels of administrators: 1) Admin, 2) SuperMod and 3) Mod.
Each administrator type should have the ability to delete any registered user, but only administrators that are of a lower level then him. So for example an Admin can delete SuperMods and Mods, SuperMod can delete Mod and Mod can only delete registered users.
How would I go about implementing this with RBAC?
ATM I am simply doing the check Yii::app()->user->checkAccess(‘deleteUser’) which allows Admins to delete other Admins, Mods to delete Admins, etc.