diff --git a/amadeus/permissions.py b/amadeus/permissions.py
index dd9b244..a0aec4b 100644
--- a/amadeus/permissions.py
+++ b/amadeus/permissions.py
@@ -30,10 +30,10 @@ def has_subject_permissions(user, subject):
 if user.is_staff:
 return True
- if subject.professor.filter(id = user.id).exists():
+ if subject.professor and subject.professor.filter(id = user.id).exists():
 return True
- if subject.category.coordinators.filter(id = user.id).exists():
+ if subject.category and subject.category.coordinators.filter(id = user.id).exists():
 return True
 return False
diff --git a/reports/views.py b/reports/views.py
index 7bd9d1a..9ceafd2 100644
--- a/reports/views.py
+++ b/reports/views.py
@@ -24,11 +24,26 @@ import math
 from io import BytesIO
 import os
 import copy
+from django.shortcuts import render, get_object_or_404, redirect
+
+from amadeus.permissions import has_category_permissions, has_subject_permissions
 class ReportView(LoginRequiredMixin, generic.FormView):
 template_name = "reports/create.html"
 form_class = CreateInteractionReportForm
+
+ def dispatch(self, request, *args, **kwargs):
+ params = self.request.GET
+ subject = Subject.objects.get(id=params['subject_id'])
+
+ if not has_subject_permissions(request.user, subject):
+ return redirect(reverse_lazy('subjects:home'))
+
+
+
+ return super(ReportView, self).dispatch(request, *args, **kwargs)
+
 def get_initial(self):
 """
 Returns the initial data to use for forms on this view.
--
libgit2 0.21.2
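Review bot: In `has_subject_permissions` (amadeus/permissions.py), the new `subject.professor and` guard probably never evaluates false, because `.filter(...)` is called on `subject.professor`, which suggests a Django related manager, and a manager object is truthy even when the relation holds no rows. The `subject.category and` guard is the one that does real work if `category` is a nullable foreign key, and it fails closed by falling through to `return False`. A one-line comment such as `# a subject without a category grants access only to staff and its professors` would record that this denial is intended. The function's opening lines are outside the hunk, so whether `subject` itself can be `None` here is not visible.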
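Review bot: In `ReportView.dispatch` (reports/views.py), `params['subject_id']` and `Subject.objects.get(...)` both raise on bad input, so a missing `subject_id` or an unknown id produces a server error instead of a clean denial. `get_object_or_404` is imported by this same change but never used; `subject = get_object_or_404(Subject, id=request.GET.get('subject_id'))` would cover both cases. Because this override runs before the dispatch of `LoginRequiredMixin`, the lookup is reachable without a session, and the difference between an error and a redirect reveals whether a subject id exists; checking authentication first, or answering identically in both cases, closes that. The check reads only the query string, so it is worth confirming that the form's POST keeps `subject_id` in the URL and that the code building the report (outside this hunk) uses this verified subject rather than an id taken from the form body. `has_category_permissions` and `render` are imported but unused in the visible lines.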