Upload files to private area in Synapse

[karawoo]

App should create a folder for the researcher in some staging/cache area in Synapse. This folder should be accessible only to the AMP-AD curation team (and the user themself). Each time the user uploads data to the app, it should upload to this folder behind the scenes (either as a new file or as a new version of an existing file, as appropriate).

This will allow the curation team to keep track of progress/status of pending data. Importantly, this is not the way the user will ultimately upload their data, just a way for us to check progress without keeping files hanging around on the shiny server. When they get the green light, they will still upload using the manifest.

[karawoo]

Currently blocked until I can figure out a way to remove permissions on the folder the app creates (adding permissions is easy; removing them apparently less so). https://sagebionetworks.jira.com/browse/SYNR-1422

[karawoo]

Another option discussed with @larssono: in the place the app uploads to, the AMP-AD curation team will have full permissions, AMP-AD consortium will have write only (not read). Then the app can upload files (either by creating a folder for the user or just uploading with annotations) and the files will be private and visible only to the curation team.

[karawoo]

Will want to ensure that files keep their original names and don't get renamed by shiny (so uploading multiple versions works properly) https://groups.google.com/forum/#!topic/shiny-discuss/hGO4lC7BEI4

[karawoo]

Users must have read access in order to be able to upload files and folders. They will not have download access, but will still be able to see folders and file names in the project. This is not the end of the world but also not ideal; I think if/when the clients are updated to support removing permissions we should return to that approach and remove read access from the rest of the consortium on the files that were uploaded.