Admins/logged-in-users are able to set the current access control when they upload a file. Three types of access are: public, private and logged-in-users:
public: files uploaded can be viewed and accessed by users who are not logged in
private: no one will be able to view the files uploaded except for user and admin
logged-in-users: only logged in users and admins are able to view and access the uploaded file.
Functionality
Files that are uploaded can be viewed and accessed in regards to the access control set by the user.
Hence, when a public user(not logged into account) can view and access the uploaded file which access setting has been set to public, but will not be able to see the files which control access setting has been set to either 'private' or 'logged in user'.
Task
What I would like to do is to change the control access, such that public users (not logged into account), cannot view or access the uploaded file. Hence, even if the user has set the control access setting to public, non-logged in user cannot view and access that uploaded file, therefore, all the public user can see is an empty list.
Therefore, I would like to ask is should I be changing the Elgg framework within the directory /Elgg/views/default/output/access.php to achieve the desired outcome or can I change it within the view of the plugin mod: Elgg/mod/plugin/views/default/object?
Elgg is designed to be plugin-centric, so the proper approach is to create your custom plugin that will override elements you need from core and 3rd party plugins alike. We explain motivation here: http://learn.elgg.org/en/1.12/guides/dont-modify-core.html
What I understand, you wan't to force files to be restricted to logged-in users or more. There is an access level for that already, you just need to enforce it.
We need to change two elements:
Ad. 1 You could override the view forms/file/uploads
and replace call to input/access
with custom version that filters unwanted values. It's better than altering input/access
view that's used all over the place.
Ad. 2 You can either override whole file/upload
action (which is nasty due to copying ton of logic) or just use plugin hook that will do additional control. Here you have the hook that allows you to break action when you detect invalid input value: http://learn.elgg.org/en/1.12/guides/hooks-list.html#action-hooks