Non-public datasets accessed using a token do honor default settings

[rschwanhold]

In this scenario the user is not logged in but using a sharing token (for those routes that allow sharing tokens as a parameter. GET /api/dataSetConfigurations/:dataSetName does not have the option to add a sharing token). Because of that userDataSetConfigurationDAO.findOneForUserAndDataset obviously will not find anything. The problem was that .orElse(dataSetDAO.findOneByName(dataSetName).flatMap(_.defaultConfiguration)) also failed because of missing permission

Steps to test:

• Configure a default position for a non-public dataset
• Copy the Sharing Link for that dataset (should include a token, because the dataset is not public)
• Log out and access the dataset using the copied link
• You should be at the configured default position

Issues:

• fixes Non-public datasets accessed using a token do not honor default settings #3240

---

• [ ] Updated changelog
• [ ] Updated migration guide if applicable
• [ ] Updated documentation if applicable
• [ ] Needs datastore update after deployment
• Ready for review

[rschwanhold]

@jstriebel do you think it is ok to add the globalAccessContext at this point? This means that everyone could see the default configuration of this dataset. The alternative would be to add the sharingToken to this route.