public function checkPermissions(array $options = array()) { $result = parent::checkPermissions($options); if (!$result && in_array(Controller::$action, array('update', 'display'))) { $result = Controller::$parameters[0] == $_SESSION['BackendUser']->id || Controller::$parameters[0] == 0; //TODO This should go into a permission denied hook if (!$result) { $redirect = '?q=' . class_for_url(get_called_class()) . '/' . Controller::$action . '/' . $_SESSION['BackendUser']->id; Controller::redirect($redirect); } } return $result; }