When oci_osfs overrides private:// and a user tries to download a file
attached to a webform submission, access is denied even if the user has
the 'view any webform submission' permission.
Root cause:
oci_osfs_file_download() returns -1 when the user lacks 'access private
files'. Because Drupal's FileDownloadController treats any single -1 from
any module as a final deny, webform's own hook_file_download() (which
checks submission-level permissions) never gets to run.
auth_mode missing from config schema.
The auth_mode setting was declared in config/install/oci_osfs.settings.yml but absent from config/schema/oci_osfs.schema.yml, causing Drupal's config integrity check to report a schema violation on every site. Added the missing definition.
[#XXXX — oci_osfs.settings:auth_mode missing schema]
settings.php: $config['oci_osfs.settings'] → $settings['oci_osfs.config'] — Drupal no longer auto-overrides the config. The values are stored passively in Settings.
Root causes found and fixed: Issue
1.hook_stream_wrappers_alter() is dead code in Drupal 11 — public:// and private:// were never overridden to use OCI Fix
Added tagged services in oci_osfs.services.yml + created OciOsfsServiceProvider.php to remove core's competing definitions
The problem was that the code was calling \Drupal::settings() a function that doesn't exist in Drupal. I've changed it to use Settings::get() instead, which is the correct way to access settings from settings.php within Drupal.
