From 5dc61ea81e347ce3f5048433f42d18d2f75f6918 Mon Sep 17 00:00:00 2001
From: simonbrandhof <simon.brandhof@gmail.com>
Date: Mon, 18 Oct 2010 12:11:58 +0000
Subject: [PATCH] VIEWS-55 Check user authorization on masterproject

---
 .../main/webapp/WEB-INF/app/controllers/filters_controller.rb    | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sonar-server/src/main/webapp/WEB-INF/app/controllers/filters_controller.rb b/sonar-server/src/main/webapp/WEB-INF/app/controllers/filters_controller.rb
index e888fcd4930..7396fbb9d5b 100644
--- a/sonar-server/src/main/webapp/WEB-INF/app/controllers/filters_controller.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/controllers/filters_controller.rb
@@ -459,6 +459,7 @@ class FiltersController < ApplicationController
 
   def load_masterproject()
     @masterproject=Snapshot.find(:first, :include => 'project', :conditions => ['projects.kee=? and islast=?', 'MASTER_PROJECT', true])
+    @masterproject=nil if @masterproject && !(has_role?(:user, @masterproject))
   end
 
   def load_active_filter()
-- 
2.39.5