"User 'B2' balongs to 'B' group and can do what group 'B' and can delete news."
User 'B2' can sth more than only that what group 'B' can.
Try something like this:
$auth=Yii::app()->authManager;
// create operations
$auth->createOperation('viewNews','view news');
$auth->createOperation('createNews','create news');
$auth->createOperation('deleteNews','delete news');
// create role B and assign operations
$role=$auth->createRole('B');
$role->addChild('viewNews');
$role->addChild('createNews');
// assign role B to users B1 and B2
$auth->assign('B','B1');
$auth->assign('B','B2');
// add additional operation to user B2
$auth->assign('deleteNews','B2');
For more information please take a look at chapter 7.2.4 of the YII Guide.
"User 'B2' balongs to 'B' group and can do what group 'B' and can delete news."
User 'B2' can sth more than only that what group 'B' can.
Try something like this:
$auth=Yii::app()->authManager;
// create operations
$auth->createOperation('viewNews','view news');
$auth->createOperation('createNews','create news');
$auth->createOperation('deleteNews','delete news');
// create role B and assign operations
$role=$auth->createRole('B');
$role->addChild('viewNews');
$role->addChild('createNews');
// assign role B to users B1 and B2
$auth->assign('B','B1');
$auth->assign('B','B2');
// add additional operation to user B2
$auth->assign('deleteNews','B2');
For more information please take a look at chapter 7.2.4 of the YII Guide.