All core entities except File implement a createAccess() override. As the default return value of Entity::access is TRUE, this leads to the problem that the value for File is always TRUE - ignoring "create files" permission.
Our assumption is currently, that not creating that override when adding entity_access in #3011 was an oversight.
I'm not sure if this is a bug or a feature request. Feedback is welcome.
Also related: #4975 - TRUE is a dangerous default value, anyway.
GitHub Issue #:
5479
Recent comments
nice find! the links for the most recently updated issues in the core and contrib queues are a great way to stay on top of things—especially now that the feature freeze is just around the corner...
Seeing what issues are new
A simple way — use Field Group to create a container for fields https://backdropcms.org/project/field_group and CSS Flex оr Grid to alignment. You can also create Fieldsets to...
Layout also for /node/add/ forms?
Yes. The are several ways to do this: Install Mail System and select "Testing" for delivery in admin/config/system/mailsystem Install Maillog / Mail developer...
Prevent Backdrop from sending emails