- Fix critical and moderate security vulnerabilities reported at 2020-02-26 with

responsible disclosure by [Dejan Zelic](https://twitter.com/dejandayoff), Justin Benjamin and others at [Offensive Security](https://twitter.com/offsectraining), that follow standard 90 days before public disclosure. Thanks to xet7. - Fix webhook error that prevented some card etc deleting from web UI of board. Thanks to xet7. - Add some more Font Awesome icons. Thanks to xet7. - Remove autofocus from many form input boxes so that they would not cause warnings. Thanks to xet7.
author: Lauri Ojansivu <x@xet7.org> 2020-03-01 20:59:53 +0200
committer: Lauri Ojansivu <x@xet7.org> 2020-03-01 20:59:53 +0200
commit: aac7c380c8c389b0683b2bd64e2cc856993f0e30 (patch)
tree: 8d76eeb0202a1ae456e7d96c3ee59b83cfb77094 /models/activities.js
parent: fc35c234a78fb2137f0f78a3a6f353c46734ed72 (diff)
download: wekan-aac7c380c8c389b0683b2bd64e2cc856993f0e30.tar.gz
wekan-aac7c380c8c389b0683b2bd64e2cc856993f0e30.tar.bz2
wekan-aac7c380c8c389b0683b2bd64e2cc856993f0e30.zip
1 files changed, 6 insertions, 3 deletions
diff --git a/models/activities.js b/models/activities.js
index 19e3fb7d..568859a9 100644
--- a/models/activities.js
+++ b/models/activities.js
@@ -108,7 +108,7 @@ if (Meteor.isServer) {
     let participants = [];
     let watchers = [];
     let title = 'act-activity-notify';
-    let board = null;
+    const board = Boards.findOne(activity.boardId);
     const description = `act-${activity.activityType}`;
     const params = {
       activityId: activity._id,
@@ -122,8 +122,11 @@ if (Meteor.isServer) {
       params.userId = activity.userId;
     }
     if (activity.boardId) {
-      board = activity.board();
-      params.board = board.title;
+      if (board.title.length > 0) {
+        params.board = board.title;
+      } else {
+        params.board = '';
+      }
       title = 'act-withBoardTitle';
       params.url = board.absoluteUrl();
       params.boardId = activity.boardId;
author	Lauri Ojansivu <x@xet7.org>	2020-03-01 20:59:53 +0200
committer	Lauri Ojansivu <x@xet7.org>	2020-03-01 20:59:53 +0200
commit	aac7c380c8c389b0683b2bd64e2cc856993f0e30 (patch)
tree	8d76eeb0202a1ae456e7d96c3ee59b83cfb77094 /models/activities.js
parent	fc35c234a78fb2137f0f78a3a6f353c46734ed72 (diff)
download	wekan-aac7c380c8c389b0683b2bd64e2cc856993f0e30.tar.gz wekan-aac7c380c8c389b0683b2bd64e2cc856993f0e30.tar.bz2 wekan-aac7c380c8c389b0683b2bd64e2cc856993f0e30.zip