Leaving all files with access "public", when restricting access via categories?

phunsoft · Post by **phunsoft** » 20 Aug 2025, 20:54

This is about an environment where only administrators in the backend prepare files for donwload by registered users of the site.

"Access" (not "Access rights") is a setting for categories and files.

I understand that "Access" for top level categories is always checked first. Only users in specified (Joomla) group will potentially have access to subcategories or files under that category. Each level of subcategory will be checked for correct group, in order, before file level "Access" is even checked. Finally, file level "Access" is checked for correct group.

Is this correct?

If so, file level "Access" may be left wit default group "Public" with no risk. If any of the categories down the path to the file denies access, there is no way to download the file. Not even by the unique download link.

Still correct?