CAccessControlFilter matches user's name, not ID

Recently I’m using CAccessControlFilter to do access control. When I use the “user” array as the rule, I notice that CAccessControlFilter compares the given strings to the current user’s name attribute (CAccessControlFilter::isUserMatched()), not id or username. The document of CUserIdentity says “name” is “the display name for the identity”, I think it is not an unique identifier. I guess isUserMatched() should compare user ID.

I’m not sure if this is intentional or a bug, therefore post here first. If this is intentional, can someone explain the rationale? Thanks!

isUserMatched() calls getName() -

The description for getName is clear - Returns the unique identifier for the user (e.g. username).

CWebUser::getName() returns the session variable that is created with CWebUser::login(). The name comes from CUserIdentity::getName(). In short, CUserIdentity::name = CWebUser::name. Why their descriptions are different?