Problem/Motivation

Since #3387142: PrivateFiles check may fail or give misleading results for alternate stream wrappers, we get this message for the private_files check:

Private files is not enabled.

But we do have $settings['file_private_path'] defined in settings.php.

Steps to reproduce

Add this to settings.php:

$settings['file_private_path'] = '../private/default/';

Run the private_files check.

Proposed resolution

PrivateStream::getUri() seems to always return NULL.
This seems to happen when the stream_wrapper.private is fetched directly from the container.
Using StreamWrapperManager::getViaScheme() instead sets the URI correctly.

Issue fork security_review-3463082

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

About issue forks

Comments

prudloff created an issue. See original summary.

prudloff opened merge request !74

prudloff’s picture

prudloff commented
Status: Active » Needs review
smustgrave’s picture

smustgrave commented

May impact https://www.drupal.org/project/security_review/issues/3387142

  • smustgrave committed 3d6c7f5f on 3.0.x 
    Issue #3463082 by prudloff: Private files path is not detected correctly
smustgrave’s picture

smustgrave commented
Status: Needs review » Fixed

Thanks, fixed some phpcs issue but testing it and it still detects for me.

smustgrave closed merge request !74

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.