Rbac Permissions

Need help understanding the permissions.

I have a test app setup along the guidelines of the Trackstar app.

Data

The roles are owner, member, reader and admin

ProjectUserForm.php via function assign() adds the bizRule to the tbl_auth_assignment to get the following data

itemname, userid, bizrule, data

‘admin’, ‘8’, NULL, ‘N;’

‘member’, ‘10’, ‘return isset($params[\“project\”]) && $params[\“project\”]->allowCurrentUser(\“member\”);’, ‘N;’

‘owner’, ‘9’, ‘return isset($params[\“project\”]) && $params[\“project\”]->allowCurrentUser(\“owner\”);’, ‘N;’

‘reader’, ‘11’, ‘return isset($params[\“project\”]) && $params[\“project\”]->allowCurrentUser(\“reader\”);’, ‘N;’

In the tbl_auth_item_child I have

owner createProject

admin owner

Problem

When I am in the context of a project

The following code in project/view.php works fine.

    if(Yii::app()->user->checkAccess('readProject',array('project'=>$model)))


    {


        $this->menu[] = array('label'=>'List Project', 'url'=>array('index'));


    }

But if I’m in project/index.php, the following code doesn’t work as expected.

    if(Yii::app()->user->checkAccess('createProject'))


    {


        $this->menu[] = array('label'=>'Create Project - Auth', 'url'=>array('create'));


    }

how to get this to work as there is no project in context.

The only role that shows this menu is ‘admin’ I would expect owner to as well.