I created this ticket so that we remember to take a closer look at some point in the future.

Unfortunately I think there is a problem that will prevent this implementation from currently working. When a user removes the anonymous user permission from the file, the file should then be rendered private. However, while the user-permissions endpoint will correctly state that the file no longer has anonymous access, the url on dav-anon still works. There appears to be some kind of delay between when anonymous permission is removed and when the dav-anon endpoint becomes unreachable (404).

This would cause a lot of confusion in BioViz Connect if we checked dav-anon for a 200 or 404 to determine if the file was public. For example, a user would remove public access to the file, we would then check to see if the dav-anon URL is reachable (it most likely would be, due to the delay) and we would then show the user that the file was still public. So until this delay is removed, this does not appear to be a working improvement.

Also of note, the Community data appears to have been moved or does not follow the same convention as the Home folder for determining the proper URL.

For example, attempting to reach:

https://data.cyverse.org/dav-anon/iplant/home/shared/BioViz/rnaseq/A_thaliana_Jun_2009/SRP220157/reads/SRR10060893.bam

Returns a 301 Moved Permanently instead of a 200. The location of the file apparently is:

https://data.cyverse.org/dav-anon/iplant/projects/BioViz/rnaseq/A_thaliana_Jun_2009/SRP220157/reads/SRR10060893.bam

So if we did try to implement checking the status of the file/folder on dav-anon we would need to either update the URL we are trying to reach for Community data (potentially shared as well, would need to check), or also look for a 301 in addition to a 200.

Thank you for the comment!

The described aspect could also affect usability of the interface if and when users experiment with changing the name of a publicly-accessible file.