If we don't have access to the form but are showing it anyway, ensure that the form is safe and cannot be changed from user input.
This is only called by child objects if specified in the buildOptionsForm(), so it will not always be used.
protected function checkAccess(&$form, $option_name) {
if (!$this
->access()) {
$form[$option_name]['#disabled'] = TRUE;
$form[$option_name]['#value'] = $form[$this->option_name]['#default_value'];
$form[$option_name]['#description'] .= ' <strong>' . t('Note: you do not have permission to modify this. If you change the default filter type, this setting will be lost and you will NOT be able to get it back.') . '</strong>';
}
}