Two Different Authorizations With Rbac Possible?

Hello, first I have to say that I’m quite new to YII and PHP in general so maybe this is just a misunderstanding of how RBAC in YII works.

In my project using RBAC I want to define roles describing which the different "members" are allowed to do.

After reading the documentation and teh YII Book I should be able to get this working.

But here is where I don’t know how to proceed:

"Companies" should be able to create profiles where users can join the company (like groups in FB). Additionally they should be able to define their own membership roles and what users of the role are allowed to do.


User Roles: Admin, Registred, Guest;

-> Registred Users are allowed to join companies.

User-A = Registred

Company-A Roles: Admin, Member, Tech-Support;

-> Member is allowed to post comments, and follow company news.

-> Tech-Support is allowed to anweser Support-Tickets.

Company-B Roles: Admin, Member, Marketing, Follower;

-> Member is allowed to post comments, and follow company news.

-> Follower is allowed to follow company news.

User-A joins Company-A and Company-B

User-A - Company-A = Member

User-A - Company-A = Tech-Support

User-A - Company-B = Member

So User-A have to different authorization roles one on the level of the whole page = "Registred" and one only related to a specific company.

So is this possible with RBAC or can you give me slight push in the right direction (maybe I just have to make extensive use of bizrules?)?