Yii: scenario selection depending on operations in RBAC?
Please tell me what to do in this situation:
I have several operations (changeUsername, changeRating, changeBanned) that are assigned to certain roles.
In the controller action I check roles:
if (Yii::app()->user->checkAccess('changeUsername')) $model->setScenario('changeUsername');
if (Yii::app()->user->checkAccess('changeRating')) $model->setScenario('changeRating');
if (Yii::app()->user->checkAccess('changeBanned')) $model->setScenario('changeBanned');
Typically, the scenario is set within some business logic, and not based on user rights. I mean, your problem is that you are trying to do 3 different use cases in one action. At the very least, this is not correct.
If you really need support for multiple scenarios in one form, then IMHO it will be easier to add support for such a feature in the desired model (or base class).
In essence, you need to override the method getValidators() and add methods to form an array of scenarios.
And don't you want to look at the Rights module for the implementation of RBAC in Yii?
Just today I more or less figured out RBAC in Yii. Please tell me what I should do in this situation. There is a Users model that has Username, Password, Email, Rating, Banned, RealName, About fields.
To edit the user profile, the same form is used, some fields of which are hidden depending on the user's rights. The user himself can only change his Password, Email, RealName and About. A user with moderator rights can change all the same fields + banned for any user in the system. Well, a user with administrator rights can change any fields of any user at all.
Everything would be fine, but the number of user groups and their privileges may change. For example, a super-moderator may appear, which can change everything the same as the moderator + Rating.
When submitting data from a form, the AR model saves only the data that is specified in the rules of the model itself. What is not spelled out is ignored. I.e., you can't just hide the fields, because forging any POST request is easy. Here you need to conjure with scenarios, but do something like
if (Yii::app()->user->checkAccess('changeUsername') && Yii::app()->user->checkAccess('changeRating')) $model->setScenario('changeUsernameRating');
if (Yii::app()->user->checkAccess('changeUsername') && Yii::app()->user->checkAccess('changeBanned')) $model->setScenario('changeUsernameBanned');
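One way to avoid a scenario per permission combination, shown as an added example that is not code from any of the posts above: build the writable attribute list as the union of what each granted operation unlocks, then drop every other submitted key. The operation and field names come from the thread; `allowedAttributes()` and `filterSubmitted()` are hypothetical helpers, not Yii API, and the sample request is constructed.

```php
<?php
// Fields every user may edit on their own profile, as listed in the thread.
const BASE_FIELDS = ['Password', 'Email', 'RealName', 'About'];

// RBAC operation => model attribute that the operation unlocks.
const OPERATION_FIELDS = [
    'changeUsername' => 'Username',
    'changeRating'   => 'Rating',
    'changeBanned'   => 'Banned',
];

/**
 * Returns the attributes the current user may write.
 * $checkAccess is a callable(string $operation): bool. In Yii 1.x it would
 * wrap Yii::app()->user->checkAccess(); here it is injected so the code runs alone.
 */
function allowedAttributes(callable $checkAccess): array
{
    $allowed = BASE_FIELDS;
    foreach (OPERATION_FIELDS as $operation => $field) {
        if ($checkAccess($operation)) {
            $allowed[] = $field;
        }
    }
    return $allowed;
}

/** Keeps only permitted keys; returns [accepted values, rejected key names]. */
function filterSubmitted(array $post, array $allowed): array
{
    $accepted = array_intersect_key($post, array_flip($allowed));
    $rejected = array_keys(array_diff_key($post, $accepted));
    return [$accepted, $rejected];
}

// Constructed sample: a moderator (changeBanned only) whose request carries
// a Rating field that the form never rendered for that role.
$granted = ['changeBanned'];
$check = function (string $operation) use ($granted): bool {
    return in_array($operation, $granted, true);
};
$post = ['Email' => 'user@example.com', 'Banned' => '1', 'Rating' => '9999'];

[$accepted, $rejected] = filterSubmitted($post, allowedAttributes($check));
print_r($accepted);
// Rejected keys are a tampering signal worth logging.
print_r($rejected);
```

In Yii 1.x the accepted array can then be assigned with `$model->setAttributes($accepted, false)`, leaving format and type checks to the model's rules. A new role such as the super-moderator only needs the relevant operations granted in RBAC; no scenario has to be added.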