CheckPermission::onBeforeAction

public function onBeforeAction(MainEvent $event)
{
	/** @var MainEngineCurrentUser $user */
	$user = $this->action->getCurrentUser();

	$denied = false;
	$accessMessage = '';
	if (!($user instanceof MainEngineCurrentUser) || !$user->getId())
	{
		$denied = true;
		$accessMessage = Loc::getMessage('TRANSLATE_FILTER_ERROR_ACCESS_DENIED');
	}

	if (!$denied)
	{
		switch ($this->checkLevel)
		{
			case TranslatePermission::SOURCE:
				if (!TranslatePermission::canEditSource($user))
				{
					$denied = true;
					$accessMessage = Loc::getMessage('TRANSLATE_FILTER_ERROR_WRITING_RIGHTS');
				}
				break;

			case TranslatePermission::WRITE:
				if (!TranslatePermission::canEdit($user))
				{
					$denied = true;
					$accessMessage = Loc::getMessage('TRANSLATE_FILTER_ERROR_WRITING_RIGHTS');
				}
				break;

			case TranslatePermission::READ:
				if (!TranslatePermission::canView($user))
				{
					$denied = true;
					$accessMessage = Loc::getMessage('TRANSLATE_FILTER_ERROR_ACCESS_DENIED');
				}
				break;
		}
	}

	if ($denied)
	{
		Context::getCurrent()->getResponse()->setStatus(401);
		$this->errorCollection[] = new MainError($accessMessage, self::ERROR_ACCESS_DENIED);

		return new MainEventResult(MainEventResult::ERROR, null, null, $this);
	}

	return null;
}