$params is passed from Yii::app()->user->checkAccess(‘role’, $params);
They are not linked to controllers and actions. You can use Yii::app()->user->checkAccess if you want bizRules or access filter if you are just checking roles. It’s the same for modules.
Ok I see… that is kinda clear for me now… but what is still confusing to me is the difference between tasks and operation… they almost look the same to me now.
$auth->createOperation('createPost','create a post');
$auth->createOperation('readPost','read a post');
$auth->createOperation('updatePost','update a post');
$auth->createOperation('deletePost','delete a post');
$bizRule='return Yii::app()->user->id==$params["post"]->authID;';
$task=$auth->createTask('updateOwnPost','update a post by author himself',$bizRule);
$task->addChild('updatePost');
The example creates a operation update a post… and a task update own post, these should be the same thing right? A task update with a bizRule and on a operation manage posts?
But many of the modules do not offer a way to add operations to tasks… So can anybody please explain how these are different as we can make a bizRule on a taks too
A little bit late, but may be this reply will be useful for somebody )
As wiki (http://en.wikipedia.org/wiki/Role-based_access_control) says, RBAC has only 2 concepts: Roles (Yii "Roles") and Permissions (Yii "Operations"). So concept "Tasks" in Yii is just a way to make more clear and flexible hierarchy of authorization items.
You can easy build your access rules without Tasks at all. A bizRule works the same way in Operations, Tasks and Roles.