Using RBAC for forum moderators

I have the ForumModerator permission which is applied to make a user a moderator in a particular forum.

This means I need to have a business rule in the ForumModerator permission which accepts a $forum_id parameter and checks to make sure this user is a moderator in $forum_id.

My question is how is this implemented? When the user is given the ForumModerator permission do I need to add the $forum_id in the data column of the assignment? If so, how does the business rule access the data? What I mean is:

$bizRule=‘return ??data==$params[“forum”]->id;’;

How do I access the data column of the assignment in the business rule?

Perhaps I need a new table to hold the connection between forum moderators and forums?

I’m not sure which is the correct approach. Help, anyone?

Data is a PHP variable passed to bizRule from Yii::app()->user->checkAccess(‘deletePost’, $data).

http://www.yiiframework.com/doc/api/1.1/CWebUser/#checkAccess-detail

So in your case it will be something like:


if(!Yii::app()->user->checkAccess('moderate_forum', array('forum_id' => $forumId))

In bizRule forum_id will be accessible like the following:


$data['forum_id']