Gateway / GTWY-592

Security authorization checks are not consistent between components in the system.


    • Technical Work
    • Resolution: Done
    • Critical
    • 1.0.0
    • 1.0.0-M2
    • Domain Model, Security
    • None

      The user interface for selecting files checks permissions on the associated datasets, not individual files. However, the download components check permissions on the individual files. As the underlying model supports setting permissions directly on files, that can potentially lead to inconsistencies for users: they can get part way through the interface but be denied later. Perhaps the model should be revisited. If we don't have solid use cases for permissions on files, maybe we should just change the model to only assign permissions to datasets; this would lead us to consistency. Otherwise we need to revisit the design/implementation to ensure it is consistent. We could implement a LogicalFileAuthorizer, for example, so we have a single strategy for all the different components.

              Assignee: Unassigned
              Reporter: Nathan Wilhelmi (wilhelmi) (Inactive)
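
Added example, not part of the original issue or the Gateway code base: a sketch of the mismatch described in the issue and of one shared authorization strategy used by both components. The data model, the fallback from file to dataset permissions, the sample data, and the body of `LogicalFileAuthorizer` are all assumptions; only the class name comes from the issue text.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Dataset:
    name: str
    readers: frozenset

@dataclass(frozen=True)
class LogicalFile:
    name: str
    dataset: Dataset
    readers: Optional[frozenset] = None  # None: no permission set on the file itself

def ui_can_select(user, f):
    """Selection UI as described: consults only the dataset's permissions."""
    return user in f.dataset.readers

def download_can_fetch(user, f):
    """Download component as described: consults the file's permissions.
    Falling back to the dataset when none are set is an assumption."""
    acl = f.readers if f.readers is not None else f.dataset.readers
    return user in acl

def find_mismatches(users, files):
    """(user, file) pairs on which the two components disagree."""
    return [(u, f.name) for u in users for f in files
            if ui_can_select(u, f) != download_can_fetch(u, f)]

class LogicalFileAuthorizer:
    """Hypothetical single strategy shared by every component:
    a file-level permission, when set, overrides the dataset's."""
    def can_read(self, user, f):
        acl = f.readers if f.readers is not None else f.dataset.readers
        return user in acl

    def selectable(self, user, files):
        # The UI filters with the same decision the download path enforces.
        return [f.name for f in files if self.can_read(user, f)]

# Constructed sample data
DS = Dataset("ds1", frozenset({"alice", "bob"}))
FILES = [LogicalFile("a.nc", DS),
         LogicalFile("b.nc", DS, frozenset({"alice"})),
         LogicalFile("c.nc", DS, frozenset({"alice", "carol"}))]

if __name__ == "__main__":
    print(find_mismatches(["alice", "bob", "carol"], FILES))
    print(LogicalFileAuthorizer().selectable("bob", FILES))
```

With the constructed data, bob can select b.nc and c.nc in the UI but is refused at download, while carol can download c.nc but never sees it offered; routing both components through one authorizer removes both cases.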