SAP contribution: fix unsafe navigation from non existing space to org (

#2396) * Fix unsafe navigation from non-existing space to org Fixes #2335
cloudfoundry · Jul 19, 2021 · 9930ef5 · 9930ef5
1 parent 9c3aaf5
commit 9930ef5
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/lib/cloud_controller/permissions.rb b/lib/cloud_controller/permissions.rb
@@ -104,7 +104,9 @@ def readable_org_guids_for_domains
 
       # Getting readable orgs for space-scoped roles
       space_guids = membership.space_guids_for_roles(SPACE_ROLES_INCLUDING_SUPPORTERS)
-      org_guids_from_space_guids = space_guids.map { |guid| VCAP::CloudController::Space.find(guid: guid).organization.guid }
+      org_guids_from_space_guids = space_guids.filter_map do |guid|
+        VCAP::CloudController::Space.find(guid: guid)&.organization&.guid
+      end
 
       (org_guids + org_guids_from_space_guids).uniq
     end