1 file.entity.inc public File::access($op, $account = NULL)

Overrides Entity::access().

Parameters

string $op: The operation to be performed on the file. Possible values are:

  • create
  • view
  • download
  • update
  • delete

User|AnonymousUser|object $account: (optional) The user to check for. Leave it as NULL to check access for the global user.

Return value

bool: TRUE if access is granted, FALSE otherwise.

Overrides Entity::access

File

core/modules/file/file.entity.inc, line 203
Entity controller and class for files.

Class

File
Defines the file entity class.

Code

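/**
 * Determines whether a user may perform an operation on this file.
 *
 * Overrides Entity::access().
 *
 * Checks run in this order: 'create' is delegated to self::createAccess();
 * any operation other than view, update, delete or download is denied; the
 * 'bypass file access' permission grants access; implementations of the
 * 'file_access' hook are consulted, with a deny taking precedence over an
 * allow; finally, for 'view' only, the built-in private/public file
 * permissions apply. Anything that reaches the end is denied.
 *
 * @param string $op
 *   The operation to be performed on the file. Possible values are:
 *   - create
 *   - view
 *   - download
 *   - update
 *   - delete
 * @param User|AnonymousUser|object $account
 *   (optional) The user to check for. Leave it as NULL to check for the
 *   global user.
 *
 * @return bool
 *   TRUE if access is granted, FALSE otherwise.
 */
public function access($op, $account = NULL) {
  // Strict comparison: with a loose ==, a non-string $op such as TRUE (or 0 on
  // PHP 7) compares equal to 'create' and would be routed into the create
  // check instead of being rejected as unsupported below.
  if ($op === 'create') {
    return self::createAccess($this->bundle(), $account);
  }
  elseif (!in_array($op, array('view', 'update', 'delete', 'download'), TRUE)) {
    // If the $op was not one of the supported ones, we return access denied.
    return FALSE;
  }

  // If no user object is supplied, the access check is for the current user.
  if (empty($account)) {
    $account = $GLOBALS['user'];
  }

  $cid = $this->id();

  // Decisions are cached in the 'file_access' static, keyed by user ID, file
  // ID and operation. A file without an ID cannot be told apart from any other
  // ID-less file by that key, so its decision is written to a throwaway local
  // array rather than to the shared cache, where it could be returned for a
  // different file.
  // NOTE(review): presumably id() is NULL only for unsaved files - confirm.
  $rights = array();
  if (isset($cid)) {
    $rights = &backdrop_static('file_access', array());
  }

  // If we've already checked access for this file, user and op, return from
  // cache.
  if (isset($rights[$account->uid][$cid][$op])) {
    return $rights[$account->uid][$cid][$op];
  }

  if (user_access('bypass file access', $account)) {
    return $rights[$account->uid][$cid][$op] = TRUE;
  }

  // We grant access to the file if both of the following conditions are met:
  // - No modules say to deny access.
  // - At least one module says to grant access.
  $access = module_invoke_all('file_access', $op, $this, $account);
  if (in_array(FILE_ACCESS_DENY, $access, TRUE)) {
    return $rights[$account->uid][$cid][$op] = FALSE;
  }
  elseif (in_array(FILE_ACCESS_ALLOW, $access, TRUE)) {
    return $rights[$account->uid][$cid][$op] = TRUE;
  }

  // Fall back to default behaviors on view. $op is known to be one of the
  // supported strings at this point, so the strict comparison is exact.
  if ($op === 'view') {
    $scheme = file_uri_scheme($this->uri);
    $wrapper = file_get_stream_wrapper($scheme);

    if (!empty($wrapper['private'])) {
      // For private files, users can view private files if the
      // user has the 'view private files' permission.
      if (user_access('view private files', $account)) {
        return $rights[$account->uid][$cid][$op] = TRUE;
      }

      // For private files, users can view their own private files if the
      // user is not anonymous, and has the 'view own private files'
      // permission.
      if (!empty($account->uid) && $this->uid == $account->uid && user_access('view own private files', $account)) {
        return $rights[$account->uid][$cid][$op] = TRUE;
      }
    }
    elseif ($this->status == FILE_STATUS_PERMANENT && $this->uid == $account->uid && user_access('view own files', $account)) {
      // For non-private files, allow to see if user owns the file.
      // NOTE(review): unlike the private branch above, this ownership test
      // does not exclude an account with an empty uid, so an anonymous role
      // holding 'view own files' would match every file recorded with an
      // empty uid - confirm that is intended.
      return $rights[$account->uid][$cid][$op] = TRUE;
    }
    elseif ($this->status == FILE_STATUS_PERMANENT && user_access('view files', $account)) {
      // For non-private files, users can view if they have the 'view files'
      // permission.
      return $rights[$account->uid][$cid][$op] = TRUE;
    }
  }

  // Default deny. This result is not written to the cache, so a repeated
  // check that ends here runs the hook invocation again.
  return FALSE;
}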