Idea #13146
Updated by Peter Amstutz almost 6 years ago
To get "projects shared with me" efficiently requires a new API endpoint. The way arv-mount currently determines what to list in "shared" currently requires looking at all projects and finding the ones where owner_uuid is not another project which is visible to us (meaning: users, non-project groups, or shared subprojects where the parent is not visible). This is expensive to compute on the client, but can probably be accomplished with a single query on the API server. Proposed endpoint: /arvados/v1/groups/shared Return in "items" a list of toplevel projects and collections which are shared with me. Toplevel projects are ones which are either owned by a user, owned by a non-project group, or owned by a group which the user cannot read. Support "includes" to return the set of owner objects as well (users, groups). Possible query Query (abbreviated): * select groups that are readable by current user AND ** the owner_uuid is a user (not a group) OR ** the owner_uuid is a group is not a project or is not readable by the current user <pre> select uuid from groups where exists(select 1 from materialized_permission_view where user_uuid='2tlax-tpzed-51vcbmac4uv6bpb' and target_uuid=groups.uuid) and (groups.owner_uuid in (select uuid from users) or not exists(select 1 from materialized_permission_view where user_uuid='2tlax-tpzed-51vcbmac4uv6bpb' and target_uuid=groups.owner_uuid)) and owner_uuid != '2tlax-tpzed-51vcbmac4uv6bpb'; </pre>