Closed (works as designed)
Project:
File Entity Permissions
Version:
7.x-2.x-dev
Component:
Code
Priority:
Critical
Category:
Bug report
Assigned:
Unassigned
Reporter:
Created:
14 Jul 2013 at 13:23 UTC
Updated:
18 Jul 2013 at 12:04 UTC
Title says it all.
I cannot get this module to work.
Setup:
Drupal 7.22 (standard install)
file_entity: 7.x-2.0-unstable7+88-dev
file_entity_perms: 7.x-2.x-dev
public file method = default
private files are above the root: ../private-files
Once I enable the by-role access restriction, it results in "Access Denied" on any file that it is enabled on when viewed at its direct link (ie. system/files/PATH/TO/FILE.pdf)
However, if I do not select role access restriction, and I have the patch applied here: https://drupal.org/node/2031919 - set the anonymous permission to "View private files" - the files are accessible. This of course, does not provide any protection if the user has the direct link.
This module, when I can make it work, provides the exact file protection I need to restrict file access per-file, per-role. I feel like I am missing something obvious or there would be more people complaining.
Comments
Comment #1
Ravenight commentedTurns out this is related to Varnish settings and if you cache the file types in the .vcl settings it causes the issue above to occur. To fix: remove the file type from the .vcl settings file or use the default .vcl config file and everything will work.