7.x file.api.php hook_file_download_access($file_item, $entity_type, $entity)

Control download access to files.

The hook is typically implemented to limit access based on the entity the file is referenced, e.g., only users with access to a node should be allowed to download files attached to that node.


array $file_item: The array of information about the file to check access for.

$entity_type: The type of $entity; for example, 'node' or 'user'.

$entity: The $entity to which $file is referenced.

Return value

TRUE is access should be allowed by this entity or FALSE if denied. Note that denial may be overridden by another entity controller, making this grant permissive rather than restrictive.

See also


3 functions implement hook_file_download_access()

Note: this list is generated by pattern matching, so it may include some functions that are not actually implementations of this hook.

comment_file_download_access in modules/comment/comment.module
Implements hook_file_download_access().
node_file_download_access in modules/node/node.module
Implements hook_file_download_access().
user_file_download_access in modules/user/user.module
Implements hook_file_download_access().


modules/file/file.api.php, line 29
Hooks for file module.


function hook_file_download_access($file_item, $entity_type, $entity) {
  if ($entity_type == 'node') {
    return node_access('view', $entity);


jonhattan’s picture