Shares

Files in Onedata can be shared i.e. made available for unauthenticated users in read-only mode.

It's achieved using Shares — semi-public links that can be passed to desired recipients. Anyone on the Internet with a Share link can read the data, but the link is impossible to guess (hence the semi-public nature of Shares). Shares may have an optional description in Markdown format to improve their comprehension and usability for the target audience.

Both directories and files can be shared, and multiple Shares may be created for the same file/directory. It is possible to share a whole Space.

See the documentation here.

Exercise

Sharing a directory and enabling anonymous access

1. Navigate to the directory created for your username.

2. Open the context menu for FirstDataset and choose Share / Publish.

   

3. In the SHARE/PUBLISH DIRECTORY modal, change the name of the Share to <YourUsername> public files (eg. Jakub public files).

4. Click on the Create button.

   

   After the Share is created, the Directory details panel with the Shares tab should open.

You can see the list of Shares created for the directory in the panel (currently a single Share). Users can copy the Share link at this point, but before that, we will change the Share description.

5. Click on the Show details link next to the Share.

   

   You should be navigated to the share management view. The active tab is Files in which you can see the shared files browser as can be seen by anonymous users.

6. Click on the Description tab, which is placed on the left side of the active Files tab.

7. Click on the Create description button.

   

8. Copy the following Markdown text into the text editor below the Markdown editor title:

   # Share example
   
   This is the introduction.
   
   ## Tour de France
   
   ![](https://upload.wikimedia.org/wikipedia/fr/thumb/f/f2/Tour_de_France_logo_2019.svg/langfr-225px-Tour_de_France_logo_2019.svg.png)
   
   The Tour de France (French pronunciation: [tuʁ də fʁɑ̃s]; English: _Tour of France_) is an
   annual men's multiple-stage bicycle race held primarily in
   [France](https://en.wikipedia.org/wiki/France). It is the oldest of the three Grand Tours
   (the Tour, the Giro d'Italia, and the Vuelta a España) and is generally considered the
   most prestigious.
   
   ## Tour de Pologne
   
   ![](https://upload.wikimedia.org/wikipedia/fr/thumb/6/64/Logo_Tour_de_Pologne.jpg/270px-Logo_Tour_de_Pologne.jpg)
   
   The **Tour de Pologne** (Polish: _Wyścig Dookoła Polski_; English: _Tour of Poland_),
   officially abbreviated **TdP**, is an annual, professional men's multiple-stage bicycle
   race primarily held in [Poland](https://en.wikipedia.org/wiki/Poland). It consists of
   seven or eight stages and is usually around 1,200 km in length. The race was first held in
   1928 and is considered the oldest and most important bicycle race in Poland.
   

9. Click on the Save button in the upper-right corner of the description editor.

   The description should be saved and you should see the preview of the rendered description. You can go back to editing the Markdown source using the Edit Markdown / Open preview buttons.

10. Copy the Share link from the Share link row in the upper part of the view.

11. Pass the link to the colleague on your right.

12. Open the link received from the colleague on your left in the web browser, in incognito / private browsing mode.

    You should see the web page with the Description of your colleague's Share.

13. Click on the Files tab.
14. Enter the FirstDataset / Photos directory and try to:
    • download one of the files,
    • check out the metadata of files,
    • open the file information panel, and note the API tab which contains curl commands for unauthenticated users.

Restricting access to the files in Shares

Shares make directories and all their subdirectories available anonymously using a link, but the owner of a Share may want to restrict access to some files inside, without reorganizing the files tree. It can be done by changing file permissions.

Exercise: denying access to files in a Share

1. Enter the FirstDataset / Photos path inside the directory created for your username in the Onedata web file browser.

2. Open the context menu for the first file on the list and choose Permissions.

   A File details panel should be opened with the Permissions tab selected.

3. Uncheck the Read permission from the Other (anonymous) column in the POSIX permissions table.

   

Note that only the Other — Read and Execute POSIX permission are applicable for the anonymous users using the Share. Write is always unavailable for unauthenticated users.

4. Click on the Save button.

5. Open the Share link previously received from the colleague on your left (or refresh the file list if you have it still opened).

6. Note that the first file has the No access badge.

7. Try to download the first file from the FirstDataset / Photos directory — it should fail.

   

8. In the web browser window with the authenticated session, navigate to the FirstDataset / Nested1 path inside the directory created for your username.

9. Open the permissions panel for the Nested2 directory, uncheck the Other — Read and Other — Execute permissions, and click on the Save button.

10. Switch to the web browser window with the Share of your colleague on the left. Navigate to the FirstDataset / Nested1 / Nested2 path. You should see the PERMISSION DENIED message on the screen.

Notes on ACL permissions in Shares

If a Share maintainer wants to use ACL permissions instead of POSIX, they should use the special ANONYMOUS user class.

Like in the POSIX permissions, the ACL does not affect the ability to write files by anonymous users — shared files are always read-only for anonymous users.

Managing Shares

There are three ways of opening the Share management view.

1. Opening the Share list of a file or directory — as presented before, using the Share item of the file context menu, or by clicking on a Shared badge that appears on the item row in the Onedata web file browser.

   

2. Opening DATA > Space name > Shares, Public Data sidebar item, which lists all Shares available in the space.

   

3. Opening the SHARES sidebar with the Share icon in the main menu on the left, which lists all the Shares across all the available spaces.

   

Public Data

Public Data collections refer to data records that are available to the public without authentication, yet may be associated with varying licenses and usage restrictions.

In Onedata, a Public Data collection is an extended Share that has been assigned a (publicly accessible) PID/DOI identifier and descriptive metadata. The metadata includes a license; if it's open, the collection can be classified as Open Data.

See the documentation here.

Exercise: exposing the Share as Public Data

1. Open the management view of the previously created Share.

2. Click on the Expose as Public Data tab placed on the right side of the Files tab.

3. Choose the proper handle service from the selector at the bottom and click on the Proceed button.

   

A Dublin Core Metadata form should be opened — this is a standard for structured metadata when describing such collections.

Besides using the form, users can modify the raw XML metadata using the Visual / XML toggle buttons in the upper-right corner of the editor.

4. Fill in the form, using not only default fields in the form but also adding more elements from the selector at the bottom.

5. Click on the Expose as Public Data button at the bottom of the form.

Upon successful publication, you can see a preview of the metadata as will be presented for anonymous users of the Share. Note that the publication process created a public handle for the Share.

6. Copy the Public handle link that is now presented in the place of the previous Share link above the Share management tabs.

   Note that the previous Share link is still available — you can choose the type of link from the selector below the path.

   

7. Pass the Public handle link to the colleague on your right.

8. Open the Public handle link received from the colleague on your left in the web browser — preferably in incognito mode.

   You should be redirected to the Share URL hosted on the Onezone domain to view the Share.

   There should be 3 tabs in the view:

   • Public Data — containing the Dublin Core Metadata,
   • Description — with the description rendered from Markdown,
   • Files — browsable contents of the Share.

4. Give a <YourUsername> other share (eg. Jakub other share) name to the Share and click the Create button.

   The new Share should appear at the top of the Share list.

5. Copy the URL below the <YourUsername> other share name and pass it to the colleague sitting on your right.

6. Open the link received from the colleague on your left in the web browser.

   Observe that this is the Share with FirstDataset directory, but without the Dublin Core Metadata and description of the Share created in previous exercises.

11. Open (or refresh the browser window if it is still opened) with the second Share created by the colleague from your left.

    After the refresh, you should see the SHARE NOT FOUND message on the screen.

    

Shares-related privileges

The Manage Share privilege of space in the Data management section can be used to grant or deny the right to create, edit, and remove Share.