/
Shares

Shares

This feature is part of release 25.4

Introduction

Shares allow records to be shared with internal or external recipients, enabling them to view, download previews, and, if permitted, modify metadata or access original files.
A share token can be used to access a share’s objects with the correct permissions, without needing extra parameters. Each share also provides a share link for easy access, see the https://mediahaven.atlassian.net/wiki/spaces/CS/pages/5152964644/Shares#Share-link section below.

Share Link

Each share provides a unique link that directs users to the shared record:

https://integration.mediahaven.com/shares/<shareId>/view

This link can be shared with recipients. Access depends on the share settings:

  • Portal page: if the share does not require a login, users can access the share object directly.

  • MediaHaven 2.0 page: if the share requires a login, users are prompted to authenticate before accessing the share object.

Share Model

The share model lets you manage shared objects. You can:

  • Create a share: create a new share (requires rights, see below).

  • Get a share: retrieve the details of a specific share.

  • Delete a share: remove a share (requires rights, see below).

Requirements (create & delete only)

  • The MANAGE_SHARES function is required.

  • Only records with the structures Data, DataFlat or Intellectual can be shared.

  • Read access to the object is required.

  • If the record is exportable, export rights are also required

Rights Management

The shared object can be accessed by any person with the share link, including:

  • Objects in the record phase Concept, Published or Archived

  • Objects not visible by themselves alone in the portal, because they are not published or they don’t have read rights on the public group, will be visible in the portal when using a share link for that object

When sharing https://mediahaven.atlassian.net/wiki/spaces/CS/pages/4486791184 or selections, only the children to whom the user who created the share has access will be shared. For example, when a collection contains a secret child to whom the sharer has no access, then that secret child will not be part of the share.

When the permissions are restricted on the shared object after the share was created, such that the user who created the share no longer has access, then the share link will no longer be valid.

Events

Premis event

  • When a share is created, a PREMIS event of type RECORDS.SHARE.CREATE is generated on the shared record, with the ShareId included as a custom property.

  • When a share token is provided as the token for the API requests, all generated premis events specify that the event was made in the context of a share:

    • The user who created the share as the second agent in the request, with the role of SHARER

    • A custom property with key = SHARE and value = the share ID

Audit event (advanced)

  • Creating or deleting a share automatically generates an audit event.

Share token

See https://mediahaven.atlassian.net/wiki/spaces/CS/pages/5163155480