As you said there is no automatic way for the operations added using RBAC to map to the action methods of the controller?
Does this mean that the operations created with RBAC will probably only ever be used by calling the check access method something like this Yii::app()->user->checkAccess('updatePost') or am I missing something here?
Like in the example taken from the documentation:
$task=$this->auth->createTask('updateOwnPost','update a post by author himself','return $params["authorID"]==$params["userID"];');
I guess in order to use this task you will need to use the checkaccess method inside of the updatePost action method in the post controller, right?
accessRules() is a simplified way of using RBAC. It was originally designed to be used with access control without RBAC. In its 'roles' option, you can put in roles, tasks and operations, in fact. And yes, you may also call checkAccess() inside actions to do finer access control.