For those who feel, the Controller->accessRules() or RBAC (Role-Based Access Control) is too complicated or doesn't want the username(s) to be hard-coded in accessRules(), here is a very simple, easy-to-implement solution.
There are several methods and techniques that come handy in the case you need to call an external resource periodically or if you are waiting for a server push, but I present here an easy and straightforward one using HTML5's Server-Sent Events (SSE).
CButtonColumn in CGridView can be customised to include user built buttons. To learn a great deal about including custom buttons, read this excellent wiki.
This tutorial will show how to call an action from one custom button using AJAX instead of regular GET calls.