I had a problem with the cache of CWebUser::checkAccess(), I made my own AuthManager in which I have overwritten the CheckAccess() method.
On each call to CWebUser::checkAccess() I pass a parameter (in the $params array) called ‘accessLevel’, which can be ‘read’, ‘write’, etc. Now when a user has ‘read’ access but no ‘write’ access, it goes wrong:
if I first check if the user had read access and then check if he/she has write access: both return true
if I do it in opposite direction: both return false.
This is because the cache only checks the $itemName and $userId parameters, but not the $params array. So according to the cache the call CWebUser::checkAccess(‘itemX’, ‘1’, array(‘accessLevel’ => ‘read’)); is the same as CWebUser::checkAccess(‘itemX’, ‘1’, array(‘accessLevel’ => ‘write’));
My question: why is the $params array not important in caching? Is this intentional (and/or am I doing something wrong?) or is this a bug?
P.S. my problem is fixed by turning caching off and implementing my own caching, so don’t worry about that