All core entities except File implement a createAccess() override. As the default return value of Entity::access is TRUE, this leads to the problem that the value for File is always TRUE - ignoring "create files" permission.
Our assumption is currently, that not creating that override when adding entity_access in #3011 was an oversight.
I'm not sure if this is a bug or a feature request. Feedback is welcome.
Also related: #4975 - TRUE is a dangerous default value, anyway.
GitHub Issue #:
5479
Recent comments
Hi ian, so, in your case all the other admin pages work fine, including the status page, only admin/reports/updates fails? But you can access admin/reports? Weird... I...
Update Report thows "Access denied You are not authorized to access this page."
The File (Field) Paths module should be able to move existing files. I've not tested it, but the module description says: Retroactive updates - rename and/or move...
Moving from /files into subdirectories
Yes indeed. We are exploring a few other more costly options, but as we are a low-resource start-up, we could save a lot of money by integrating Backdrop, CiviCRM and Ubercart for our membership...
UberPOS for Backdrop?