aboutsummaryrefslogtreecommitdiffstats
path: root/sonar-server
diff options
context:
space:
mode:
Diffstat (limited to 'sonar-server')
-rw-r--r--sonar-server/src/main/webapp/WEB-INF/app/controllers/reviews_controller.rb6
1 files changed, 5 insertions, 1 deletions
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/controllers/reviews_controller.rb b/sonar-server/src/main/webapp/WEB-INF/app/controllers/reviews_controller.rb
index e492dcf8b29..8404e2a6eb2 100644
--- a/sonar-server/src/main/webapp/WEB-INF/app/controllers/reviews_controller.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/controllers/reviews_controller.rb
@@ -52,7 +52,11 @@ class ReviewsController < ApplicationController
def show
@review = Review.find(params[:id], :include => ['project'])
- render :partial => 'reviews/show'
+ if has_role?(:user, @review.project)
+ render :partial => 'reviews/show'
+ else
+ render :text => "access denied"
+ end
end
# GET
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-29 10:59:19 +0000