Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
I want to restrict access to files that are served by Storage API.
I noticed that Storage API v1.2 defines functions for access control, although currently they end up returning true always. Is this because the access control is not implemented yet and these are mainly placeholders or is it is something that is already doable and I just need to configure permissions? (Couldn't find how).
Ideally, I want to be able to restrict files depending on the role of the user.
I am currently using the database container.
Comments
Comment #1
jdjeet CreditAttribution: jdjeet commentedSame issue here, I don't see an option to control access to specific files for a certain user as mentioned in module page.
Will post here if I found something. expecting same from the community.
Comment #2
jrao CreditAttribution: jrao commentedI think this is already fixed, at least in 1.5. Storage class's access() method will invoke hook_storage_access to perform access check, storage_core_bridge implements hook_storage_access check by loading the node containing the file, and run node_access('view') on it.