Query Sharing (Enterprise)

Query Sharing is a feature introduced in Lab 2.15, allowing users to create a shareable link for their Cypher query, Graph Style Script, and query parameters with a single click. This enables seamless collaboration among team members.

The Lab utilizes remote storage to securely store the shared data, ensuring sensitive information is protected. Additionally, the system tracks which users viewed the query and when, providing comprehensive access logs for enhanced security and accountability.

💡

Enterprise: Query Sharing requires a Memgraph Enterprise license to function. For more information on Memgraph Enterprise and instructions on how to enable it, refer to the enabling Memgraph Enterprise documentation.

💡

Environment: Query Sharing is available exclusively when the Lab is started in a Docker environment.

How it works

Remote Storage

For Query Sharing to function, the Lab requires a remote storage connection where query-sharing information will be saved. Remote storage should be a new Memgraph instance or a new Memgraph database in a multi-tenant environment.

Remote storage is needed to keep all the information, such as the query, parameters, and other details, in the database, which can contain sensitive or private information. Only a share identifier is shared, ensuring data security. Additionally, having remote storage enables users to connect from different browsers to the same instance of Lab to see the shared query.

This setup also allows administrators to connect to Memgraph, which acts as a remote storage, and access all shares, users, and viewing history. Administrators can also perform migrations. It is essential to set up authentication and role-based permissions in Memgraph used as remote storage for the Lab to ensure data security.

User actions

Users can perform three primary actions with Query Sharing:

Create a Query Share

A user can create a query share from the query execution editor. When a query share is created, the Lab stores information about the creator and all necessary details to run the query, including:

  • Cypher query
  • Graph Style Script
  • Cypher query parameters

The creator can select which results view to display, either Data or Graph view. In the case of multiple queries in a share, the creator can also select which query results to show first. This is particularly useful when sharing a multi-query that involves setup queries followed by a graph algorithm whose results are to be displayed first.

Upon creation, the user receives a URL that can be shared with other team members who have access to the same Lab and Memgraph instance.

View Query Share History

Users can view a history of their created query shares, including the number of views each share has received.

The history will display all query shares created on the specific Lab instance. If you have created query shares for multiple Memgraph instances, such as production and staging, you will see both in the query history. To view a query share via share link as a viewer, you must be connected to the Memgraph instance where the share was originally created.

Users can delete any query share from the history. Once deleted, the URL associated with that query share will no longer be valid.

💡

Note: Editing a query share is not supported. To modify a query share, you must create a new one.

Access and View a Query Share

When a recipient clicks on the query share link, they must first connect to Memgraph. All the connection details will be prefilled on the login page, except for authentication data. Once the user is successfully logged in, they can view the shared query and choose to run it or save it to their collection.

Note that you cannot view a query share on a different Memgraph instance from the one where the query share was created.

User Definitions and Permissions

For Query Sharing to function correctly, users should be defined in the Memgraph instance where the shares are created. This is the Memgraph instance that users connect to for running queries, not the remote storage Memgraph that Lab uses. This approach allows tracking of who viewed each query share and enables creators to manage their own shares.

Without user definitions in the Memgraph database, all connections are treated as the same user (Not-Defined user). This means everyone can see all query shares and potentially delete them from the history. Therefore, defining users in the Memgraph instance is essential for maintaining security and proper management of query shares.

How to set it up

To enable the Query Sharing feature in the Lab, you need to set up the remote storage (Memgraph instance) that the Lab will connect to and store query-sharing data. Ensure that this Memgraph instance or Memgraph database (in a multi-tenant environment) is used exclusively by the Lab to avoid data corruption and an inconsistent state.

To set up the remote storage, fill out the following environment variables that the Lab will use:

VariableDescriptionType
STORAGE_MG_HOSTMemgraph host for the Lab remote storagestring
STORAGE_MG_PORTMemgraph port for the Lab remote storagenumber
STORAGE_MG_IS_ENCRYPTEDMemgraph SSL on/off for the Lab remote storageboolean
STORAGE_MG_DATABASE_NAMEMemgraph database name for the Lab remote storagestring
STORAGE_MG_USERNAMEMemgraph username for the Lab remote storagestring
STORAGE_MG_PASSWORDMemgraph password for the Lab remote storagestring

Remote storage functionality requires a valid Memgraph Enterprise license. Ensure that you configure the following environment variables:

VariableDescriptionType
ENTERPRISE_LICENSE_ORG_NAMEEnterprise license organization namestring
ENTERPRISE_LICENSE_KEYEnterprise license keystring

Upon successful configuration, you should see the following log output when starting the Lab:

INFO: [lab] Checking connectivity to remote storage *** with a timeout of *** ms...
INFO: [lab] Enterprise license applied successfully. Enjoy the premium features.
...
INFO: [lab] Remote storage *** successfully connected.