Createoperation concept not clear (RBAC)

Question

i just read about creating operation for defining the authorization rules...there was a code in the book which is as follows

# protected/controllers/SiteController.php::actionSetup()
$auth = Yii::app()->authManager;
$auth->createOperation('createPage',"create a new page");
$auth->createOperation('updatePage',"update a page");

The first argument is the identifier that specifies the operation uniquely...second is the description of the operation....

NOW my QUESTION is

where is the ACTION attached to the operation..it just consists of the name and the description...?? Even if i assign this operation to a user....how will the rule identify that which action has been assigned to it???

Answer 1

You use the auth manager assign function to give users access to an auth item. See http://www.yiiframework.com/doc/api/1.1/IAuthManager#assign-detail

E.g.

Yii::app()->authManager->assign('createPage', $idOfMyUser);

You can then use the access rules in a controller to control who can perform an action

Like:

   public function accessRules()
   {
         array('allow',
            'actions' => array('create'),
            'roles' => array('createPage')),        
         array('deny'),
      );
   }

Note that Roles, Operations and Tasks are essentially the same thing, they are just a ways of seperating or groping auth items