Permission gate

The permission gate always runs. It checks that the viewer has permission to download from the category, and that the download is in a state they are allowed to see (visible, not deleted, not awaiting approval).

What it checks

The viewer's Download files permission for the category.
The download is visible (not soft-deleted, not awaiting approval).
The download has been published.

Bypass

Moderator permissions automatically pass:

View any deleted lets a moderator see soft-deleted rows.
View any moderated lets a moderator see rows awaiting approval.

This gate cannot be turned off. To allow a user group through, grant them the relevant permission instead of trying to disable the gate.

What the add-on does when this gate triggers

When the gate fails, the request is short-circuited before any file bytes are streamed. Members get the standard "You do not have permission to view this content" error page (HTTP 403). Guests get a log-in prompt redirect. No row is written to xf_mc_dm_download_log.

Audit log

This gate does not write its own audit log entries. The download view page handles its own access denials at the page level.

What it checks​

Bypass​

What the add-on does when this gate triggers​

Audit log​

What it checks

Bypass

What the add-on does when this gate triggers

Audit log