Problems With Rbac Business Rules

Hi all,

I am relatively new to Yii and am currently developing my first proper application using the framework. I have been using the Agile Yii book as a reference for part of my project, since the functionality I need is very similar. Largely things are working OK; however, I have run into a problem with checkAccess. When I try to check a user's role from a view file, my view doesn't render beyond the call to checkAccess; only things before this are rendered. There are no error messages and nothing is logged to application.log.

This is an example of my call to checkAccess:

$params = array("project"=>$model);

if(Yii::app()->user->checkAccess('owner',$params)){
    echo 'hello?';
}

I have configured RBAC using the standard tables & populated the tables with my operations, tasks & roles.

I have another table 'projectTeam', which holds userId, projectId and role.

When I assign a user to a role I am applying the following business rule:

$auth = Yii::app()->authManager;
// $model->role is spliced into PHP source that the auth manager will later eval(),
// so it must come from a fixed set of role names, never from request input
$bizRule = 'return isset($params["project"])&&$params["project"]->isUserInRole("'.$model->role.'");';
$auth->assign($model->role,$user->id, $bizRule);

The business rule uses this isUserInRole($role) method in the Project model:

public function isUserInRole($role){
    Yii::log('into isUserInRole model method');
    $sql = "SELECT role FROM projectTeam WHERE projectId =:pid AND userId=:uId AND role=:role";
    $command = Yii::app()->db->createCommand($sql);
    // Note: the SQL names this placeholder :pid, but it is bound here as :pId
    $command->bindValue(":pId",$this->id,PDO::PARAM_INT);
    $command->bindValue(":uId",Yii::app()->user->getId(),PDO::PARAM_INT);
    // Note: PDO has no PARAM_STRING constant; the string type is PDO::PARAM_STR
    $command->bindValue(":role", $role,PDO::PARAM_STRING);
    // Note: execute() returns an affected-row count, which PDO does not guarantee for SELECT;
    // queryScalar()/queryRow() are the read methods
    return $command->execute()==1 ? true : false;
}

I believe the problem is with this function, as I have tried executing the function without calling checkAccess and get a similar problem.

If anyone can offer some help I would really appreciate it - this is a project for my degree and my deadline is approaching rapidly! I really need to get this fixed ASAP so I can get on with the other features I need to implement!

Thanks in advance

I seem to have solved part of this problem: using AR methods instead of raw SQL I can now use the isUserInRole function properly; however, the business rule is still not evaluating as true.

The new function for isUserInRole is this:

public function isUserInRole($role){
    $user = Yii::app()->user->id;
    $params = array(":pid"=>$this->id, ":uid"=>$user, ":role"=>$role);
    $finder = ProjectTeam::model()->find('projectId = :pid and userId = :uid and role = :role', $params);
    // find() returns null when no projectTeam row matches
    return $finder !== null;
}

Any clues why this business rule always evaluates to false?

return isset($params["project"])&&$params["project"]->isUserInRole("owner");
What happens if you run your code above in eval yourself? Bizrules can get a bit tricky sometimes …
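To try the rule outside the framework as the reply suggests, here is an added example (not code from the thread or from Yii) that evaluates an assignment bizrule stand-alone, mirroring how Yii 1's CAuthManager::executeBizRule runs the string through eval() with $params in scope. The Project class, its team data and the userId parameter are constructed stand-ins for the poster's AR model, which reads the user id from Yii::app()->user instead.

```php
<?php
// Added example: stand-alone evaluation of a Yii 1 RBAC business rule.
// Stub standing in for the thread's Project model (constructed data, not the real AR class).
class Project
{
    private $team;  // constructed projectTeam rows: userId => role

    public function __construct(array $team)
    {
        $this->team = $team;
    }

    // Same contract as the poster's method, but the user id is passed in
    // so the rule can be exercised without a running Yii application.
    public function isUserInRole($role, $userId)
    {
        return isset($this->team[$userId]) && $this->team[$userId] === $role;
    }
}

// Mirrors CAuthManager::executeBizRule(): an empty rule passes; otherwise the
// string is eval()'d with $params and $data in scope and must return truthy.
// Yii suppresses eval() errors unless authManager->showErrors is set, which is
// why a faulty rule can fail silently; errors are not suppressed here.
function executeBizRule($bizRule, array $params, $data = null)
{
    if ($bizRule === '' || $bizRule === null) {
        return true;
    }
    return eval($bizRule) != 0;
}

// Builds the assignment rule the way the thread does, but only from a fixed
// list of role names: the string becomes PHP source, so a value taken from a
// request must never be interpolated into it.
function buildRule($role)
{
    $allowed = array('owner', 'member');
    if (!in_array($role, $allowed, true)) {
        throw new InvalidArgumentException("unknown role: $role");
    }
    return 'return isset($params["project"]) && '
         . '$params["project"]->isUserInRole("' . $role . '", $params["userId"]);';
}

$project = new Project(array(7 => 'owner', 8 => 'member'));   // constructed data
var_dump(executeBizRule(buildRule('owner'), array('project' => $project, 'userId' => 7)));
var_dump(executeBizRule(buildRule('owner'), array('project' => $project, 'userId' => 8)));
var_dump(executeBizRule(buildRule('owner'), array()));  // no "project" param: rule is false
```

Running this with the three parameter sets shows which half of the rule fails (the isset() guard or the role lookup), which is the distinction the thread's view-side test cannot make on its own.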