Backdrop 1.24.0 changes the return values for the File::access() method. Earlier versions of Backdrop core did not support all potential access operations, such as "view" and "download", when using File::access(). Backdrop 1.24.0 and higher now expands the capability of File:access() to match that of the procedural function file_access().

Prior to version 1.24.0:

$file = file_load(10);

// $access would ALWAYS return FALSE for the "view" operation:
$access = $file->access('view'); 

// Instead the procedural version would be needed:
$access = file_access('view', $file);

In version 1.24.0 and higher, these two approaches always return exactly the same value, since the file_access() method now wraps around File::access(). Either approach can be used.

Other changes were also made to the "create", "update", and "delete" operations of the File::access() method. In versions prior to 1.24.0, only user accounts that had the "manage files" permission were given the ability to update files when checking with File::access(). In Backdrop 1.24.0 and later, this permission is checked in addition to those provided by hook_file_access(), expanding access based on other configuration. The procedural function file_access() has always behaved in this way; this is only bringing consistency to procedural and object-oriented approaches.

 

Introduced in branch: 
1.x
Introduced in version: 
1.24.0
Impacts: 
Module developers