Sharing doesn't seem to make private datasets accesible

[hexylena]

This seems to be a regression

And the menu shows 'make private' (which further makes me think it's public) but clicking on that is a NOP since it's all private already

I've reproduced this on .org by manually setting a single dataset to have private permissions and then sharing by link again. It doesn't make that dataset public which is unexpected. For .org it's fine since they're all public anyway, but for EU where datasets are private by default it's impossible (unless users change datasets one by one)

https://usegalaxy.org/u/helena-rasche/h/unnamed-history-1

[hexylena]

In attempting to work around this issue I also apparently am disallowed from accessing their datasets in the API, despite being an admin user.

So I need to resort to database access to fix history permissions it seems. Or get an API key for this user and impersonate them to fix their datasets.

[hexylena]

I think if we tested with 'make datasets private by default' on by default, we might've caught this

[hexylena]

I'm attempting to fix it via API but /api/datasets/.../permissions doesn't seem to work for me.

Admin API key:

$ python test.py
https://usegalaxy.eu/api/whoami {'Content-Type': 'application/json', 'x-api-key': 'REDACTED'}
{'id': '311460b4264135c1', 'username': 'helena-rasche', 'email': 'REDACTED', 'active': True, 'deleted': False, 'last_password_change': '2018-02-26T15:40:54.845130', 'model_class': 'User'}
https://usegalaxy.eu/api/datasets/11ac94870d0bb33a9349d61c0b6aa501/permissions {'Content-Type': 'application/json', 'x-api-key': 'REDACTED'}
Traceback (most recent call last):
  File "test.py", line 4, in <module>
    x = gi.datasets.update_permissions('11ac94870d0bb33a9349d61c0b6aa501', access_ids=['a1d93b45123eca20'], manage_ids=['a1d93b45123eca20'], modify_ids=[])
  File "/home/hxr/arbeit/galaxy/parsec/.venv/lib/python3.8/site-packages/bioblend/galaxy/datasets/__init__.py", line 356, in update_permissions
    self.gi.datasets._put(url=url, payload=payload)
  File "/home/hxr/arbeit/galaxy/parsec/.venv/lib/python3.8/site-packages/bioblend/galaxy/client.py", line 192, in _put
    return self.gi.make_put_request(url, payload=payload, params=params)
  File "/home/hxr/arbeit/galaxy/parsec/.venv/lib/python3.8/site-packages/bioblend/galaxyclient.py", line 222, in make_put_request
    raise ConnectionError(
bioblend.ConnectionError: Unexpected HTTP status code: 400: {"err_msg": "You are not allowed to access this dataset", "err_code": 0}

$ python test.py
https://usegalaxy.eu/api/whoami {'Content-Type': 'application/json', 'x-api-key': 'REDACTED'}
{'id': 'a1d93b45123eca20', 'username': 'THE-Correct-User', 'email': 'REDACTED', 'active': True, 'deleted': False, 'last_password_change': '2021-11-28T16:47:27.184291', 'model_class': 'User'}
https://usegalaxy.eu/api/datasets/11ac94870d0bb33a9349d61c0b6aa501/permissions {'Content-Type': 'application/json', 'x-api-key': 'REDACTED'}
Traceback (most recent call last):
  File "test.py", line 5, in <module>
    x = gi.datasets.update_permissions('11ac94870d0bb33a9349d61c0b6aa501', access_ids=['a1d93b45123eca20'], manage_ids=['a1d93b45123eca20'], modify_ids=[])
  File "/home/hxr/arbeit/galaxy/parsec/.venv/lib/python3.8/site-packages/bioblend/galaxy/datasets/__init__.py", line 356, in update_permissions
    self.gi.datasets._put(url=url, payload=payload)
  File "/home/hxr/arbeit/galaxy/parsec/.venv/lib/python3.8/site-packages/bioblend/galaxy/client.py", line 192, in _put
    return self.gi.make_put_request(url, payload=payload, params=params)
  File "/home/hxr/arbeit/galaxy/parsec/.venv/lib/python3.8/site-packages/bioblend/galaxyclient.py", line 222, in make_put_request
    raise ConnectionError(
bioblend.ConnectionError: Unexpected HTTP status code: 400: {"err_msg": "You are not allowed to access this dataset", "err_code": 0}

[hexylena]

gxadmin query for any other admins needing to fix individual histories one-by-one galaxyproject/gxadmin@804a133

[davelopez]

Hi @hexylena, sorry this is broken 😞 I'm happy to try and fix all those issues but I have some questions on how to proceed:

• Make history accessible or Publish will make all private datasets public, since this is a switch, should we show a confirmation modal dialog to make sure the user is aware of the change in permissions? or somewhat make it more obvious that once you flip the switch all datasets will be public and the only way back is to make them private again using the history menu option.
• I think the Make private history action in the menu is a one-way action and doesn't check if the datasets are already private. So I'm not sure what can be changed or improved here...
• Fixing /api/datasets/.../permissions to always allow admins to change permissions should be an easy fix, I wonder why this has been like this for so long (ever?) or if there is a reason we may ignore to not allow admins on this 🤔

[hexylena]

since this is a switch, should we show a confirmation modal dialog to make sure the user is aware of the change in permissions? or somewhat make it more obvious that once you flip the switch all datasets will be public and the only way back is to make them private again using the history menu option.

Until now there was not a confirmation modal just various UIs for it, I think a switch is fine (people aren't clicking publish without wanting it to be public, I honestly think <1% of our users understand that datasets have their own privacy settings and I would love to see that further hidden or removed completely someday.)

Since it's one way, would it make sense that if you unshare a history, that it triggers that history menu item and makes the datasets private? (or, resets them to the default history privacy setting for that history?) But in the short term I think just help text that would clarify the history menu option should be used is a great suggestion!

I think the Make private history action in the menu is a one-way action and doesn't check if the datasets are already private. So I'm not sure what can be changed or improved here...

No, nothing to improve there, I thought I remembered it being more of a toggle, that if the datasets were private there would be a make public option but I'm probably mis-remembering and that option really makes more sense in the publish/share menu.

I wonder why this has been like this for so long (ever?)

There's quite a few APIs like this, I think we just haven't found them all yet or so? I have the feeling we were extremely conservative with API permissions to start with (e.g. the workflow json view API which requires an API key to view a public workflow.)

[hexylena]

Also: thank you for having time to look into this! It's really helpful

[hexylena]

Fixed in #13056

[hexylena]

Is there a test case we can set up for the future? I think not a lot of tests are run with default_dataset_privacy, would it be interesting to do that a portion of the time?

[mvdbeek]

Beyond the test that is included in https://github.com/galaxyproject/galaxy/pull/13056/files ?

[hexylena]

Missed that, nope. that's perf.