Query sharing (Enterprise)
Query sharing is a feature introduced in Lab 2.15, allowing users to create a shareable link for their Cypher query, Graph Style Script, and query parameters with a single click. This enables seamless collaboration among team members.
The Lab utilizes remote storage to securely store the shared data, ensuring sensitive information is protected. Additionally, the system tracks which users viewed the query and when, providing comprehensive access logs for enhanced security and accountability.
Enterprise: Query sharing requires a Memgraph Enterprise license to function. For more information on Memgraph Enterprise and instructions on how to enable it, refer to the enabling Memgraph Enterprise documentation.
Environment: Query sharing is available exclusively when the Lab is started in a Docker environment.
How to set it up
To enable the Query sharing feature in the Lab, you need to set up the remote storage (Memgraph instance) that the Lab will connect to and store query-sharing data.
How it works
Remote storage
For Query sharing to function, the Lab requires a remote storage connection where query-sharing information will be saved. Remote storage should be a new Memgraph instance or a new Memgraph database in a multi-tenant environment.
Remote storage is needed to keep all the information, such as the query, parameters, and other details, in the database, which can contain sensitive or private information. Only a share identifier is shared, ensuring data security. Additionally, having remote storage enables users to connect from different browsers to the same instance of Lab to see the shared query.
This setup also allows administrators to connect to Memgraph, which acts as a remote storage, and access all shares, users, and viewing history. Administrators can also perform migrations. It is essential to set up authentication and role-based permissions in Memgraph used as remote storage for the Lab to ensure data security.
User actions
Users can perform three primary actions with Query sharing:
Create a query share
A user can create a query share from the query execution editor. When a query share is created, the Lab stores information about the creator and all necessary details to run the query, including:
- Cypher query
- Graph Style Script
- Cypher query parameters
The creator can select which results view to display, either Data
or Graph view. In the case of multiple queries in a share, the
creator can also select which query results to show first. This is
particularly useful when sharing a multi-query that involves setup
queries followed by a graph algorithm whose results are to be
displayed first.
Upon creation, the user receives a URL that can be shared with other team members who have access to the same Lab and Memgraph instance.
View query share history
Users can view a history of their created query shares, including the number of views each share has received.
The history will display all query shares created on the specific Lab instance. If you have created query shares for multiple Memgraph instances, such as production and staging, you will see both in the query history. To view a query share via share link as a viewer, you must be connected to the Memgraph instance where the share was originally created.
Users can delete any query share from the history. Once deleted, the URL associated with that query share will no longer be valid.
Note: Editing a query share is not supported. To modify a query share, you must create a new one.
Access and view a query share
When a recipient clicks on the query share link, they must first connect to Memgraph. All the connection details will be prefilled on the login page, except for authentication data. Once the user is successfully logged in, they can view the shared query and choose to run it or save it to their collection.
Note that you cannot view a query share on a different Memgraph instance from the one where the query share was created.
User definitions and permissions
For Query sharing to function correctly, users should be defined in the Memgraph instance where the shares are created. This is the Memgraph instance that users connect to for running queries, not the remote storage Memgraph that Lab uses. This approach allows tracking of who viewed each query share and enables creators to manage their own shares.
Without user definitions in the Memgraph database, all connections are treated as the same user (Not-Defined user). This means everyone can see all query shares and potentially delete them from the history. Therefore, defining users in the Memgraph instance is essential for maintaining security and proper management of query shares.