Decision Only allow developers and site administrators access to the default Drupal files listing

accepted

Drupal's built-in files listing at /admin/content/files is a technical tool that has caused editorial confusion and accidental data loss.

Decision

Restrict access to the default Drupal files listing (/admin/content/files) to developers and users with administrator-level permissions. It is primarily a debugging tool, not an editorial interface.

Background

On projects using the Media module — which is the standard on all new projects — files are always managed through media entities. Exposing the raw files listing to editors introduces several problems:

Inaccurate usage counts. The usage counts shown in the files listing are unreliable and have known open issues (e.g. #2821423 and related). Editors acting on this data may draw incorrect conclusions.
Accidental deletion. Editors have deleted files directly from this listing, bypassing the media layer and breaking media entities that still reference those files.
MIME type confusion. The raw MIME types displayed (e.g. image/jpeg, application/pdf) are not meaningful to editors and cause unnecessary confusion.

Consequences

Editors will manage files exclusively through the Media library, which provides an interface designed for editorial use and reflects the actual state of managed content.

Exception

On sites inherited without the Media module, do not rely on the built-in files view. Instead, create a purpose-built view with editorial concerns in mind: hide MIME types, surface meaningful labels, and omit unreliable usage counts. The specific implementation will vary based on the site's legacy or custom requirements.