I'm not sure if this is due to a clash with another module I have installed, but I'm having major issues when presenting a public file for download, anybody else having this problem?
The file/*/download?token=xxx links often bring up 'Access denied, not authorised' even for uid=1. File settings are all set to public. Sometimes downloads work for anonymous user, sometimes they work after a permissions rebuild and cache flush, sometimes they work for 1 or 2 files on a page and not others, I can't seem to establish any consistency in the behaviour :(
Seems to be same problem here StackExchange problem

CommentFileSizeAuthor
#4 file_entity_download_link_fix.patch695 bytessambfries
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

johnphethean’s picture

johnphethean CreditAttribution: johnphethean commented
Issue summary: View changes
johnphethean’s picture

johnphethean CreditAttribution: johnphethean commented

Here's some bug reporting after a bit of investigation:
Add document existing in library via WYSIWYG (CKEditor 3.6.6.1.7696) - file display: link.
After browser cache refresh, download works for user 1 but not anonymous
After rebuilding permissions and flushing all caches, download works for whichever role accesses it first, anonymous or user 1, for all documents on that page.
However I tried uploading a brand new document to a page with no other downloads, and that's not accessible to anonymous at all even though I made the destination public.
What's going on there?

ericwongcm’s picture

ericwongcm CreditAttribution: ericwongcm commented

Someone posted at fix here.
https://drupal.org/comment/8173505#comment-8173505

Someone please put this into file entity code.

sambfries’s picture

sambfries CreditAttribution: sambfries commented
FileSize
file_entity_download_link_fix.patch695 bytes

Just ran into this bug myself; here's a patch that will prevent this from happening, and also make sure not to duplicate any other values from the handler's options["alter"] field.

As an FYI, the cause of the issue was the download token for the first file in a view was getting forced onto every other download link generated, which is why access was being denied (even for admin); the token was invalid for any file that wasn't the first one in the view.

Dave Reid’s picture

Dave Reid
he/him
Primary language English
Location Nebraska USA
CreditAttribution: Dave Reid commented
Status: Active » Closed (duplicate)
Parent issue: » #2135361: Dowload links generated on views list share same token preventing files from being accessible

This was fixed by #2135361: Dowload links generated on views list share same token preventing files from being accessible.