Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.
By philingle on
Hi
How do I ensure that uploaded files have the same permission as the content that they are uploaded with, or is this done automatically?
For example, say I have a club website, and there is a 'committee page' content type, that is set to only be created, edited and viewed by users within the 'committee members' role. then I am confident that this is private within the committee members.
However if someone then attaches a file to one of these pages then that file has a url and if that url is given to anyone, regardless of their role, they can see the file.
How can it be set up so that the permissions of file attachements is the same as for the pages that they are attached to?
Thanks
Phil
Comments
Hi Phil, there's the siimple
Hi Phil,
there's the siimple access module - http://drupal.org/project/simple_access
that will allow only certain users access to particular nodes. I'm not sure about attachments though.
I just came across this module if it's any help? - http://drupal.org/project/download_access
I've not tried it but might help you out
Good luck!