Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Amend WEBDav KBI with caveats on sharing via public links #127

Merged
merged 2 commits into from
Jul 16, 2024
Merged

Amend WEBDav KBI with caveats on sharing via public links #127

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
bbf1d62
Amend WEBDav KBI with caveats on sharing via public links
adswa Jul 16, 2024
3d1d697
make push explicit
adswa Jul 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 33 additions & 0 deletions kbi/0028/index.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -219,3 +219,36 @@ If a share link is not password protected, the webdav access via
``public.php/webdav`` can still be used. However, this requires
creating a DataLad credential with the token as username, and a
nonempty password (e.g. a single space or ``xyz``) that would not be used.


Caveats of sharing via public link
----------------------------------

When sharing datasets via the ``public.php/webdav`` path, data *providers* need to ensure write permissions on the share:

.. image:: ./share-permissions.png
:width: 50%

Otherwise, data *consumers* will fail to ``clone`` the dataset, as git-annex requires a brief, temporary edit when interacting with the special remote.

In order to clone, *consumers* need to use the public link and password instead of their own webdav credentials:

.. code-block::

export WEBDAV_USERNAME='<LAST-PART-OF-PUBLIC-LINK>'
export WEBDAV_PASSWORD='<SHARE-PASSWORD>'


For example, if the public link is ``https://my-webdav-instance.com/s/fKTtnEIqFNP5Eia``, the ``WEBDAV_USERNAME`` variable should be set to ``fKTtnEIqFNP5Eia``.

Finally, as storage siblings to WEBDav services are not autoenabled, either the *consumer* or the *producer* should take care to enable it.
However, as the URL behind the storage sibling created by the producer (following the pattern ``/remote.php/dav/files/<USERNAME>``) is different from the public URL the dataset is shared with (following the pattern ``.../public.php/webdav``), enabling this special remote and file retrieval would fail for a consumer (unless they had the producer's credentials).
To circumvent this, a second special remote with the public URL but otherwise identical properties needs to be initialized:

.. code-block::

git annex initremote sciebo-storage-public --sameas sciebo-storage type=webdav exporttree=yes encryption=none url=https://fz-juelich.sciebo.de/public.php/webdav


In the above call, ``webdav-storage-public`` is a new special remote, set up ``sameas`` the previous ``webdav-storage`` special remote that was created with the producer's initial ```create-sibling-webdav`` call.
After this has been set up (and pushed), the special remote ``webdav-storage-public`` can be enabled after cloning with the credentials from the public link.
Binary file added kbi/0028/share-permissions.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading