/** * {@inheritdoc} * * If "File entity" module exists, determine access by its provided * permissions otherwise, check if variable is set to allow anonymous users to * upload. Defaults to authenticated user. */ public function access() { // The getAccount method may return an UnauthorizedException when an // authenticated user cannot be found. Since this is called from the access // callback, not from the page callback we need to catch the exception. try { $account = $this->getAccount(); } catch (UnauthorizedException $e) { // If a user is not found then load the anonymous user to check // permissions. $account = drupal_anonymous_user(); } if (module_exists('file_entity')) { return user_access('bypass file access', $account) || user_access('create files', $account); } return (variable_get('restful_file_upload_allow_anonymous_user', FALSE) || $account->uid) && parent::access(); }