tl_form_field::checkPermission PHP Метод

checkPermission() публичный Метод

Check permissions to edit table tl_form_field
public checkPermission ( )
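    /**
     * Check permissions to edit table tl_form_field.
     *
     * Administrators pass unconditionally. For every other user the form IDs
     * in $this->User->forms are the only parent forms that may be worked on;
     * the request parameters "act", "id", "pid" and "mode" are checked
     * against that list before the action is allowed to proceed.
     *
     * All membership tests compare string-normalised values strictly. A loose
     * in_array() leaves the authorization decision to PHP's type juggling: on
     * PHP versions before 8 a non-numeric request value compares equal to the
     * integer 0 that stands in for "no forms assigned".
     * NOTE(review): an empty or null ID therefore no longer matches that
     * placeholder either; confirm no caller relies on that.
     *
     * @throws Contao\CoreBundle\Exception\AccessDeniedException If the action is unknown, the
     *                                                           referenced record does not exist,
     *                                                           or the form is not in the user's list
     */
    public function checkPermission()
    {
        if ($this->User->isAdmin) {
            return;
        }

        // Set root IDs; 0 is the placeholder used when the user has no forms assigned
        if (!is_array($this->User->forms) || empty($this->User->forms)) {
            $root = array(0);
        } else {
            $root = $this->User->forms;
        }

        // Normalise the allow-list once so every check below can use a strict,
        // string-to-string comparison instead of PHP's loose ==
        $root = array_map('strval', $root);

        // Prefer the ID from the query string, otherwise use CURRENT_ID
        $id = strlen(Input::get('id')) ? Input::get('id') : CURRENT_ID;

        // Check current action
        switch (Input::get('act')) {
            case 'paste':
                // Allow
                break;

            case 'create':
            case 'select':
                // Here "id" is the form ID and must be present and permitted
                if (!strlen(Input::get('id')) || !in_array((string) Input::get('id'), $root, true)) {
                    throw new Contao\CoreBundle\Exception\AccessDeniedException('Not enough permissions to access form ID ' . Input::get('id') . '.');
                }
                break;

            case 'cut':
            case 'copy':
                $pid = Input::get('pid');

                // Get form ID: in mode 1 "pid" refers to a form field, so look up that field's form
                if (Input::get('mode') == 1) {
                    $objField = $this->Database->prepare("SELECT pid FROM tl_form_field WHERE id=?")->limit(1)->execute(Input::get('pid'));

                    if ($objField->numRows < 1) {
                        throw new Contao\CoreBundle\Exception\AccessDeniedException('Invalid form field ID ' . Input::get('pid') . '.');
                    }

                    $pid = $objField->pid;
                }

                // The target form must be one the user may edit
                if (!in_array((string) $pid, $root, true)) {
                    throw new Contao\CoreBundle\Exception\AccessDeniedException('Not enough permissions to ' . Input::get('act') . ' form field ID ' . $id . ' to form ID ' . $pid . '.');
                }
                // NO BREAK STATEMENT HERE: cut/copy fall through so the form of the
                // field being moved or copied is checked as well

            case 'edit':
            case 'show':
            case 'delete':
            case 'toggle':
                // The permission decision uses the parent form stored in the database
                $objField = $this->Database->prepare("SELECT pid FROM tl_form_field WHERE id=?")->limit(1)->execute($id);

                if ($objField->numRows < 1) {
                    throw new Contao\CoreBundle\Exception\AccessDeniedException('Invalid form field ID ' . $id . '.');
                }

                if (!in_array((string) $objField->pid, $root, true)) {
                    throw new Contao\CoreBundle\Exception\AccessDeniedException('Not enough permissions to ' . Input::get('act') . ' form field ID ' . $id . ' of form ID ' . $objField->pid . '.');
                }
                break;

            case 'editAll':
            case 'deleteAll':
            case 'overrideAll':
            case 'cutAll':
            case 'copyAll':
                // For the batch actions $id is the form ID
                if (!in_array((string) $id, $root, true)) {
                    throw new Contao\CoreBundle\Exception\AccessDeniedException('Not enough permissions to access form ID ' . $id . '.');
                }

                $objForm = $this->Database->prepare("SELECT id FROM tl_form_field WHERE pid=?")->execute($id);

                if ($objForm->numRows < 1) {
                    throw new Contao\CoreBundle\Exception\AccessDeniedException('Invalid form ID ' . $id . '.');
                }

                /** @var Symfony\Component\HttpFoundation\Session\SessionInterface $objSession */
                $objSession = System::getContainer()->get('session');

                // Keep only those selected IDs from the session that are fields of this form
                $session = $objSession->all();
                $session['CURRENT']['IDS'] = array_intersect($session['CURRENT']['IDS'], $objForm->fetchEach('id'));
                $objSession->replace($session);
                break;

            default:
                // Any action not listed above is rejected; with no action at all
                // the form itself must be in the user's list
                if (strlen(Input::get('act'))) {
                    throw new Contao\CoreBundle\Exception\AccessDeniedException('Invalid command "' . Input::get('act') . '".');
                } elseif (!in_array((string) $id, $root, true)) {
                    throw new Contao\CoreBundle\Exception\AccessDeniedException('Not enough permissions to access form ID ' . $id . '.');
                }
                break;
        }
    }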