1 file.api.php hook_file_download_access($field, $entity_type, $entity)

Control download access to files.

The hook is typically implemented to limit access based on the entity the file is referenced, e.g., only users with access to a node should be allowed to download files attached to that node.


$field: The field to which the file belongs.

$entity_type: The type of $entity; for example, 'node' or 'user'.

$entity: The $entity to which $file is referenced.

Return value

TRUE is access should be allowed by this entity or FALSE if denied. Note: that denial may be overridden by another entity controller, making this grant permissive rather than restrictive.

See also



core/modules/file/file.api.php, line 28
Hooks for file module.


function hook_file_download_access($field, $entity_type, $entity) {
  if ($entity_type == 'node') {
    return node_access('view', $entity);