What does this Pull Request do?

Check for file access before adding items to be rendered to which the user may not have access, preventing the display of broken elements.

What's new?

File access checks with more cache maintenance (#41 makes it even better; otherwise, caching should pretty much be disabled for these elements due to adding something which doesn't implement the interface as a "cacheable dependency"... but this is better in terms of cache maintenance) performed such that items are better invalidated.

Does this change require documentation to be updated? Unknown... probably not?
Does this change add any new dependencies? No.
Does this change require any other modifications to be made to the repository (i.e. Regeneration activity, etc.)? No.
Could this change impact execution of existing code? Should not.

How should this be tested?

Use some mechanism (e.g., embargoes to apply file access controls, and ensure that single page viewers should follow suit (multi-page handled in https://github.com/Islandora/islandora/pull/884).

For testing, adding a small hook_file_access() blurb to your code somewhere is probably easiest, such as:

function islandora_file_access($entity, $op) {
  if ($op == 'view') {
    if (in_array($entity->id(), [
      # These are file IDs to test being restricted: change as necessary to target the files
      # being shown in your environment. May also have to clear cache when changed?
      1,
      2,
      3,
    ])) {
      return AccessResult::forbidden('No touchy.')->addCacheableDependency($entity);
    }
  }
  return AccessResult::neutral()->addCacheableDependency($entity);
}