form action rules

I want to create a user form and I want to create a rule that a user with the same cmp_id ($user->cmp_id) can edit this user.

I thing I have to use an expression but how can I do this, the id of user is the $_get(‘id’).

The code of edit simiral is as the crud function of Yii is.

$model=	users::model()->findbyPk(intval($_GET['id'])); etc

Maybe I do the test at action?

 public function accessRules()

    {

        return array(


            array('allow',

                'actions'=>array('index','Contact','Login','Logout'),

               'users'=>array('*'),

            ),

            array('allow',

                'actions'=>array('Users','Company'),

                'users'=>array('@'),

            ),

            array('allow',

                'actions'=>array('EditCompany', 'User','EditUser'),

                'users'=>array('@'),

                  'expression'=>$user->type==0

            ),

            array('deny',

                'users'=>array('*'),

            ),

        );

    }

I use this code but it does not work.

I have to validate at function?

 array('allow',

                'actions'=>array('User','EditUser'),

                'users'=>array('@'),

                  'expression'=>($user->type==0 && 


$user->company_id==users::model()->findbyPk(intval($_GET['id']))->cmp_id),

           

            ),

‘expression’ is String

Like:

‘expression’ => ‘$user->id==5’;

I put this and for now it works

 array('allow',

                'actions'=>array('User','EditUser'),

                'users'=>array('@'),

                  'expression'=>"Yii::app()->user->getState('type')==0 && 


Yii::app()->user->getState('company_id')==users::model()->findbyPk(intval(".$_GET['id']."))->cmp_id",

            

            ),