-
Vivek Das Mohapatra authored
When a user tries to view a project's meta config, the rails application actually recreates the XML from the database contents using the project model. It does this with the user id set in its context and applies normal ACL rules. This means that any data relating to a project the user does not have at least read access to is missing from the model's internal data structures, so <path…> elements that refer to unreadable projects result in a method call on nil and a 500 error in the web UI. This patch ameliorates that by checking that the relevant object actually exists in the model before calling an accessor method on it, and substituting 'HIDDEN' for the project's name if it does not. This does mean that the user SHOULD NOT try and save said meta config but that restriction is not enforced here.
e220e271