Dismiss Notice

Register now to be one of the first members of this SharePoint Community! Click here it just takes seconds!

Dismiss Notice
Welcome Guest from Country Flag

Are Views applied before Permissions/Authorization?

Discussion in 'Official Microsoft News' started by Microsoft SharePoint, Dec 9, 2015.

Thread Status:
Not open for further replies.
  1. Microsoft SharePoint

    Microsoft SharePoint Guest

    Blog Posts:
    0
    0
    0
    0
    I am very familiar with the issues of Item Level Permissions (ILP). However we are having an internal discussion of the combination Views, and ILP.

    For simplicity sake, there are two views each applies a filter. There are very limited number of items in the Approvedview.

    Approved Obsolete

    The list has unique permissions, and I'm confident that this forces each item to have ILP, even if the item is the same as the parent. SharePoint still has to run the check. Is this correct?

    The overall question is. If users only will ever access The list in the Approved view... Is the problem with ILP mitigated? They can see that there is an Obsolete view, but would be told to never clicked on it, using search would still circumvent this.

    Or! For security reasons, is permissions/authorization checked first?

    submitted by ChronoChris
    [link] [10 comments]

    Continue reading...
     
Thread Status:
Not open for further replies.

Share This Page

LiveZilla Live Chat Software