Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
This is an issue to follow up on the good point that micbar brought up in #1227706: Add a file entity access API.
micbar
In version 7.x-2.0-unstable4 the file_delete function has been replaced with the api function file_delete_multiple, which avoids unwanted validation and usage checking.
If a user has the permission to delete files, we cannot restrain him from deleting files used in nodes. He only gets a notice "(in use)" from the delete confirm form.Couldn't we add another permission, e.g. "delete files in use" and check file_usage_list if a user doesn't have this permission?
Comments
Comment #1
Dave ReidI don't really think this makes sense?
Comment #2
Steven Jones CreditAttribution: Steven Jones at ComputerMinds commentedWhich bit doesn't make sense?
Comment #3
joseph.olstadPatch?
this seems to be related: