If we apply policy to deny
acccess to the list or library, users will get error when he/she try to access
the list or library.
One example is to deny
acccess to the following list http://xnetsbx-sp/corp/Firethorn/IT/Lists/Harry/AllItems.aspx with two items.
Users will get the error if try to acccess the list from UI.
However, if the users try to access the list through RSS
feeds using the following URL http://xnetsbx-sp/corp/Firethorn/IT/_layouts/listfeed.aspx?List={E3056893-AA99-4A89-9465-1D27DBADA90D}&Source=http%3A%2F%2Fxnetsbx-sp%2Fcorp%2FFirethorn%2FIT%2FLists%2FHarry%2FAllItems.aspx,
users are NOT blocked.
It does not seem that NextLabs will apply security policy to the RSS feeds. We had same issue that security polciy could not be applied to SOAP, REST, or server side API as we discovered.
No comments:
Post a Comment