Security Fix 13: LinkedBoardActivitiesBleed.

Thanks to [Joshua Rogers](https://joshua.hu) of [Aisle Research](https://aisle.com) and xet7.

server/publications/activities.js

@@ -21,37 +21,38 @@ Meteor.publish('activities', function(kind, id, limit, showActivities) {
     return this.ready();
   }
 
-  // Check user permissions - only BoardAdmin can view activities
+  if (!this.userId) {
-  if (this.userId) {
-    const user = ReactiveCache.getUser(this.userId);
-    const board = ReactiveCache.getBoard(id);
-    
-    if (user && board) {
-      // Find user membership in board
-      const membership = board.members.find(m => m.userId === this.userId);
-      
-      // Only BoardAdmin can view activities
-      if (!membership || !membership.isAdmin) {
-        return this.ready();
-      }
-    } else {
-      // If board or user not found, deny
-      return this.ready();
-    }
-  } else {
-    // If not logged in, deny
     return this.ready();
   }
 
-  // Get linkedBoard
   let linkedElmtId = [id];
-  if (kind == 'board') {
+  let board;
+
+  if (kind === 'board') {
+    board = ReactiveCache.getBoard(id);
+    if (!board || !board.isVisibleBy(this.userId)) {
+      return this.ready();
+    }
+
+    // Get linked boards, but only those visible to the user
     ReactiveCache.getCards({
       "type": "cardType-linkedBoard",
-      "boardId": id}
+      "boardId": id
-      ).forEach(card => {
+    }).forEach(card => {
+      const linkedBoard = ReactiveCache.getBoard(card.linkedId);
+      if (linkedBoard && linkedBoard.isVisibleBy(this.userId)) {
         linkedElmtId.push(card.linkedId);
+      }
     });
+  } else if (kind === 'card') {
+    const card = ReactiveCache.getCard(id);
+    if (!card) {
+      return this.ready();
+    }
+    board = ReactiveCache.getBoard(card.boardId);
+    if (!board || !board.isVisibleBy(this.userId)) {
+      return this.ready();
+    }
   }
 
   const selector = showActivities