Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
hook_file_download() should return
If the user does not have permission to access the file, return -1. If the user has permission, return an array with the appropriate headers. If the file is not controlled by the current module, the return value should be NULL.
but Video calls drupal_access_denied.
This leads to a sort of double page and errors like "Warning: Cannot modify header information - headers already sent by ..." in the logging.
Patch attached to change it to return -1 in stead.
Comment | File | Size | Author |
---|---|---|---|
#4 | denied_access_to-1924378-4.patch | 604 bytes | anrkaid |
video-file_download_denied.patch | 670 bytes | JvE | |
Comments
Comment #1
JvE CreditAttribution: JvE commentedComment #2
brycefisherfleig CreditAttribution: brycefisherfleig commentedComment #3
ydahiGreat, was running in to this issue - patch works perfectly fine.
Video 7.x-2.11
Comment #4
anrkaid CreditAttribution: anrkaid commentedActually, user can have access to the converted version (for example, preview) and not have access to the original file.
Therefore, video_file_download() should return NULL in this case instead of '-1', because '-1' value means 'discard other modules overrides & deny access'.
Comment #5
heshanlkComment #6
JvE CreditAttribution: JvE as a volunteer commentedThis issue was fixed in #2320777: Allow other modules to grant or deny access to converted videos.