Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.
By MattenMad on
Hi!
I am looking for a drupal module. I want to upload files to the system and give access to them. But I want to decide which user gets access to which file. Best thing would be something like this:
1. Upload files
2. Choose users which get access to the file
3. User gets notified or the download gets displayed on the users profile
Does anyone know how I can make this work?
THX!
Comments
As folder specific
As folder specific permissions cannot be set at drupal level because those are OS level restrictions.
I would prefer to create a content type and the page of that node should contain the download link.
--
Qasim Zeeshan
http://qasimzeeshan.com
I've already thought about
I've already thought about that, but then I would have to create a content type for every user and set its access rules. Is there no easier way to get that?
No, just add a content type
No, just add a content type and use edit permission as "Edit his own node"
--
Qasim Zeeshan
http://qasimzeeshan.com
Ok. I'll try that! Thanks so
Ok. I'll try that! Thanks so far!
Use his own node would only
Use his own node would only apply to nodes created by the user correct? Is there s a similar setting for "hide" if not user referenced on the user reference field?
Hide is something not
Hide is something not considered secure. You mean it should be accessible but it should be hidden? Is that what you mean?
--
Qasim Zeeshan
http://qasimzeeshan.com
Regarding hide not being
Regarding hide not being secure, they would ultimately be able to get to the file if they new the path right?
That's what Drupal's private
That's what Drupal's private file system is for.
Contact me to contract me for D7 -> D10/11 migrations.
Correct me if I am wrong but
Correct me if I am wrong but they make it seem like it is supposed to be living hell to switch file permission methods once your site is up and running?
It is - but it hasn't been
It is - but it hasn't been said whether this site is going or not.
Worst case scenario, this module could be built with its own private file system.
Contact me to contract me for D7 -> D10/11 migrations.
Yes. My site is not actually
Yes. My site is not actually in production yet.
I have to build some sort of module anyway though to get the user permissions to work correctly don't I?
If I have to go through this hassle anyway, would it be best to just put the files in a different directory (which they are) and then set the permissions?
You know specifically what causes the switch to be so bad? Does it break all of the links?
Yes, it breaks all links.
Yes, it breaks all links.
Contact me to contract me for D7 -> D10/11 migrations.
So I'm thinking that is not a
So I'm thinking that is not a viable option?
I will need to write a custom module to handle the node access. In the process of doing that, I would have to try and handle the file level permissions with that script?
For instance, hide the nodes and then take away the access for the "internet user" on the directory holding the files? Then use the module to authenticate with a different user that does have access and then bring up the file if the node access permissions are met?
You would have to set up the
You would have to set up the content type to accept references to users, storing their UID. Then you set up hook_node_access_records with a realm of 'View File List' (or whatever - this is arbitrary), and I would suggest setting the GID to the NID of the node.
Then you set up hook_node_grants(). You would first query all the NIDs that the user has permissions to see, then create an array with one index for each NID, setting the GID for each index as the NID.
This is returned to Drupal which will then check if the node being viewed has a reference inside the array returned from hook_node_grants(). If it does, it will grant access.
Contact me to contract me for D7 -> D10/11 migrations.
Well, this seems a bit over
Well, this seems a bit over my head but everything does the first time.
I will chew on this...
What do you think about
What do you think about Bitcache combined with FileFramework ?
http://drupal.org/project/bitcache
http://drupal.org/project/fileframework
It's possible, to store files as binary BLOB in a database or "hide" files stored on filesystem behind hashed URLs.
It's very unlikely that someone may just "guess" the hashed path of a certain file, so it's somewhat more secure than direct mapping.
Maybe that's a good starting point for developing a custom module?
_
I didn't read through all the replies, but based on what you described in your op, this shouldn't nearly as complicated as this many comments would suggest: