Example: I want to allow someone to update only specific blog posts.
I would think the rules would be laid out like this, but it doesn’t work:
$auth->createOperation('update_post_category', '', 'return ( $params["category"] == $data["category"] );');
$role = $auth->createRole('PostEditor');
$role->addChild('update_post_category');
$auth->assign('PostEditor', 'username', null, array('category' => 7));
Looking at the Yii code I understand why. But how would I go about implementing this? I could go about adding a bizrule for every assignment, but I think that’s rather bloated; there must be a better way, right?