Describe the bug
The admin user (user with superuser permission) can see all data release files as requested by projects. the issue ere is that not all files are downloadable, the getfile ajax blocks download of files not directly linked to the user in data_release_permissions database table.
To Reproduce
Steps to reproduce the behaviour (attach screenshots if applicable):
I wonder if we should think about creating a File class in LORIS that can map permissions from users to back-end files in a way... because we also just had a similar issue with doc repository.
Like if there was a parent class File.class.inc that has a accessibleBy($user) function. That could always return true for super user, and modules could extend it. DataReleaseFile.class.inc could add custom permissions (e.g. "roles" like this module and issue_tracker have sort of implemented).
It could also be used to enforce certain file extensions. Like you probably shouldn't upload mp4 files to data release.
Anyway, just an idea
i like it
The interface is isAccessibleBy, but yeah, we should. There's already MriFile in the imaging browser.