Understanding SUMO permissions
Users and Groups
Every user on SUMO Access Manager has a unique username and is a member of at least one group, with an access level of at least "1". A user can also be a member of one or more other groups.
Every group has an access level, a number between 1 and 7, used to manage different levels of authorization within the group.
Only a user who is a member of the group "sumo" with an access level greater than "5" can manage (add, modify, delete, etc.) other groups. This user, regardless of access level, can access all resources of other groups (like the root group on Unix-like systems).

The following table summarizes the access levels used by the SUMO framework. It is recommended to use these levels as the standard for your applications:

Access Level   Grant    Description
1              Unused
2              Unused
3              View     User can only view a resource
4              Edit     User can view and modify a resource
5              Add      User can view, modify and add a resource
6              Unused   Unused, but user can view, modify and add a resource
7              All      All permissions (view, edit, create and delete) to all resources in the group




Access Points
An Access Point is a "point" where a user, a group, or groups of users must authenticate to SUMO Access Manager before accessing the application.
Every defined Access Point belongs to at least one group.

Only group membership is required to access an Access Point; the "access level" is unused in this case.
If you want to manage different levels of authorization within a group, you must use a special function in your code, described here.
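
The rules above, modelled as an added Python example that is not SUMO's own code or API: it shows that a level "1" member passes an Access Point yet holds no grant, which is why the in-application level check matters. All function names, the sample users and the "sales" group are hypothetical; the assumptions are marked in the comments.

```python
# Added illustration of the rules on this page; NOT SUMO's own code or API.
ADMIN_GROUP = "sumo"
# Access level -> operations, from the table. Treating the "Unused" levels
# 1 and 2 as granting nothing is an assumption of this sketch.
GRANTS = {
    1: frozenset(), 2: frozenset(),
    3: frozenset({"view"}),
    4: frozenset({"view", "edit"}),
    5: frozenset({"view", "edit", "add"}),
    6: frozenset({"view", "edit", "add"}),
    7: frozenset({"view", "edit", "add", "delete"}),
}

def validate(memberships):
    """memberships maps group name -> access level for one user."""
    if not memberships:
        raise ValueError("a user must be a member of at least one group")
    for group, level in memberships.items():
        if level not in GRANTS:
            raise ValueError(f"{group}: access level must be 1-7, got {level!r}")
    return memberships

def is_group_manager(memberships):
    """Member of "sumo" with an access level greater than 5."""
    return memberships.get(ADMIN_GROUP, 0) > 5

def can_pass_access_point(memberships, access_point_groups):
    """Membership alone decides; the access level is not consulted."""
    if is_group_manager(memberships):  # assumption: root-like reach covers access points
        return True
    return any(group in memberships for group in access_point_groups)

def is_allowed(memberships, group, operation):
    """Per-operation check the application has to perform itself."""
    if is_group_manager(memberships):  # assumption: root-like, every operation
        return True
    level = memberships.get(group)
    return level is not None and operation in GRANTS[level]

if __name__ == "__main__":
    # Constructed sample users and a constructed access point for group "sales".
    users = {"guest": {"sales": 1}, "clerk": {"sales": 4}, "admin": {"sumo": 6}}
    for name, m in users.items():
        validate(m)
        print(name, can_pass_access_point(m, {"sales"}),
              [op for op in ("view", "edit", "add", "delete") if is_allowed(m, "sales", op)])
```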