Security Fix 7: AttachmentMigrationBleed.

Thanks to [Joshua Rogers](https://joshua.hu) of [Aisle Research](https://aisle.com) and xet7.

server/attachmentMigration.js

@@ -208,6 +208,19 @@ Meteor.methods({
       throw new Meteor.Error('not-authorized');
     }
     
+    const board = ReactiveCache.getBoard(boardId);
+    if (!board) {
+      throw new Meteor.Error('board-not-found');
+    }
+    
+    const user = ReactiveCache.getUser(this.userId);
+    const isBoardAdmin = board.hasAdmin(this.userId);
+    const isInstanceAdmin = user && user.isAdmin;
+    
+    if (!isBoardAdmin && !isInstanceAdmin) {
+      throw new Meteor.Error('not-authorized', 'You must be a board admin or instance admin to perform this action.');
+    }
+
     return await attachmentMigrationService.migrateBoardAttachments(boardId);
   },
 
@@ -218,6 +231,11 @@ Meteor.methods({
       throw new Meteor.Error('not-authorized');
     }
     
+    const board = ReactiveCache.getBoard(boardId);
+    if (!board || !board.isVisibleBy({ _id: this.userId })) {
+      throw new Meteor.Error('not-authorized', 'You do not have access to this board.');
+    }
+
     return attachmentMigrationService.getMigrationProgress(boardId);
   },
 
@@ -228,6 +246,11 @@ Meteor.methods({
       throw new Meteor.Error('not-authorized');
     }
     
+    const board = ReactiveCache.getBoard(boardId);
+    if (!board || !board.isVisibleBy({ _id: this.userId })) {
+      throw new Meteor.Error('not-authorized', 'You do not have access to this board.');
+    }
+
     return attachmentMigrationService.getUnconvertedAttachments(boardId);
   },
 
@@ -238,6 +261,11 @@ Meteor.methods({
       throw new Meteor.Error('not-authorized');
     }
     
+    const board = ReactiveCache.getBoard(boardId);
+    if (!board || !board.isVisibleBy({ _id: this.userId })) {
+      throw new Meteor.Error('not-authorized', 'You do not have access to this board.');
+    }
+
     return attachmentMigrationService.isBoardMigrated(boardId);
   }
 });