Login :: Sitemap :: Contacts

 SUMO Homepage > Documentation > Tutorials > Allow/restrict functionality within application
Allow/restrict functionality within application
If you want allow/restrict some functionality in your applications you can use the function sumo_verify_permissions(). This function verify permissions of current user also considering right hierarchy of users and groups (for es. administrators).

Users that are members of group "sumo", independently from access level, can access to all resources of other groups (like root group on Unix-like systems).


sumo_verify_permissions($level, $group, $user)
  • $level    Accept numbers from 1 to 7
  • $group  Accept string or array
  • $user    Accept string
This function return true if all required conditions are satisfied, otherwise return false.

Some examples below:
  • Restrict to a specific level of a group.
    In this example only users of group "group1" with access level >= 3 can execute the restricted functionality:

    if( sumo_verify_permissions(3, "group1") ) 
    {
            # restricted functionality
    }
    


  • Restrict to a specific groups.
    In this example only members of groups: group1, group2 and group3 with any access levels can execute the restricted functionality:

    $groups = array("group1", "group2", "group3");
    
    if( sumo_verify_permissions(FALSE, $groups) ) 
    {
            # restricted functionality
    }
    


  • Restrict to a specific user.
    In this example only user "username" can execute the restricted functionality, no group or access level is required:

    if( sumo_verify_permissions(FALSE, FALSE, "username") )) 
    {
            # restricted functionality
    }
    
Remember that these restrictions are bound from security policies of access points.