/** * Checks the access based on the default roles as declared in {@link defaultRoles}. * @param string the name of the operation that need access check * @param array name-value pairs that would be passed to biz rules associated * with the tasks and roles assigned to the user. * @return boolean whether the operations can be performed by the user according to the default roles. * @since 1.0.3 */ protected function checkDefaultRoles($itemName, $params) { $names = array(); foreach ($this->defaultRoles as $role) { if (is_string($role)) { $names[] = $this->db->quoteValue($role); } else { $names[] = $role; } } if (count($names) < 4) { $condition = 'name=' . implode(' OR name=', $names); } else { $condition = 'name IN (' . implode(', ', $names) . ')'; } $sql = "SELECT name, type, description, bizrule, data, cond FROM {$this->itemTable} WHERE {$condition}"; $command = $this->db->createCommand($sql); $rows = $command->queryAll(); foreach ($rows as $row) { Yii::trace('Checking default role "' . $row['name'] . '"', 'system.web.auth.CDbAuthManager'); $item = new CAuthItem($this, $row['name'], $row['type'], $row['description'], $row['bizrule'], unserialize($row['data']), $row['cond']); if ($item->checkAccess($itemName, $params)) { return true; } } return false; }