Idea #13146
closed
[API] Endpoint to get projects shared with me
Description
To get "projects shared with me" efficiently requires a new API endpoint. The way arv-mount currently determines what to list in "shared" currently requires looking at all projects and finding the ones where owner_uuid is not another project which is visible to us (meaning: users, non-project groups, or shared subprojects where the parent is not visible). This is expensive to compute on
the client, but can probably be accomplished with a single query on the API server.
Proposed endpoint: /arvados/v1/groups/shared
Return in "items" a list of toplevel projects and collections which are shared with me. Toplevel projects are ones which are either owned by a user, owned by a non-project group, or owned by a group which the user cannot read.
Support "includes" to return the set of owner objects as well (users, groups).
Possible query (abbreviated):
- select groups that are readable by current user AND
- the owner_uuid is a user (not a group) OR
- the owner_uuid is a group is not a project or is not readable by the current user
select uuid from groups where exists(select 1 from materialized_permission_view where user_uuid='2tlax-tpzed-51vcbmac4uv6bpb' and target_uuid=groups.uuid) and (groups.owner_uuid in (select uuid from users) or not exists(select 1 from materialized_permission_view where user_uuid='2tlax-tpzed-51vcbmac4uv6bpb' and target_uuid=groups.owner_uuid)) and owner_uuid != '2tlax-tpzed-51vcbmac4uv6bpb';
Updated by 
Updated by Tom Morris 
Updated by 
Updated by