StyAndCo/zeppelin
3
0
Fork 0
mirror of https://github.com/ZeppelinBot/Zeppelin.git synced 2025-03-14 21:31:50 +00:00
Code Releases Activity

Extra fix

Browse source
This commit is contained in:
Dragory 2020-09-23 20:23:19 +03:00
parent bfb7379279
commit 9dbf80ce58
No known key found for this signature in database
GPG key ID: 5F387BA66DF8AAC1
2 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
backend/src/templateFormatter.ts
View file

@ -222,6 +222,11 @@ async function evaluateTemplateVariable(theVar: ITemplateVar, values) {
const value = has(values, theVar.identifier) ? get(values, theVar.identifier) : undefined;
if (typeof value === "function") {
// Don't allow running functions in nested objects
if (values[theVar.identifier] == null) {
return "";
}
const args = [];
for (const arg of theVar.args) {
if (typeof arg === "object") {

1
backend/src/utils.ts
View file

@ -347,6 +347,7 @@ export function get(obj, path, def?): any {
let cursor = obj;
const pathParts = path.split(".");
for (const part of pathParts) {
// hasOwnProperty check here is necessary to prevent prototype traversal in tags
if (!cursor.hasOwnProperty(part)) return def;
cursor = cursor[part];
if (cursor === undefined) return def;