1 file.api.php hook_file_download_access($field, $entity_type, $entity)

Control download access to files.

The hook is typically implemented to limit access based on the entity the file is referenced, e.g., only users with access to a node should be allowed to download files attached to that node.


$field: The field to which the file belongs.

$entity_type: The type of $entity; for example, 'node' or 'user'.

$entity: The $entity to which $file is referenced.

Return value

TRUE is access should be allowed by this entity or FALSE if denied. Note that denial may be overridden by another entity controller, making this grant permissive rather than restrictive.

See also



core/modules/file/file.api.php, line 29
Hooks for file module.


function hook_file_download_access($field, $entity_type, $entity) {
  if ($entity_type == 'node') {
    return node_access('view', $entity);