diff --git a/lib/dao.js b/lib/dao.js index 02297b53..b658ab42 100644 --- a/lib/dao.js +++ b/lib/dao.js @@ -283,15 +283,19 @@ DataAccessObject.create = function(data, options, cb) { var obj; var idValue = getIdValue(this, data); + try { // if we come from save - if (data instanceof Model && !idValue) { - obj = data; - } else { - obj = new Model(data); - } + if (data instanceof Model && !idValue) { + obj = data; + } else { + obj = new Model(data); + } - this.applyProperties(enforced, obj); - obj.setAttributes(enforced); + this.applyProperties(enforced, obj); + obj.setAttributes(enforced); + } catch (err) { + return cb(err); + } Model = this.lookupModel(data); // data-specific if (Model !== obj.constructor) obj = new Model(data); @@ -3142,7 +3146,11 @@ function(data, options, cb) { } // update instance's properties - inst.setAttributes(data); + try { + inst.setAttributes(data); + } catch (err) { + return cb(err); + } if (doValidate) { inst.isValid(function(valid) { diff --git a/test/datatype.test.js b/test/datatype.test.js index 4476f163..d141e21a 100644 --- a/test/datatype.test.js +++ b/test/datatype.test.js @@ -32,11 +32,10 @@ describe('datatypes', function() { list: {type: ['object']}, }); - (function() { - myModel.create({list: 'This string will crash the server'}); - }).should.throw({statusCode: 400}); - - done(); + myModel.create({list: 'This string will crash the server'}, function(err) { + (err.statusCode).should.equal(400); + done(); + }); }); it('should return 400 when property of type array is set to object value', @@ -45,11 +44,10 @@ describe('datatypes', function() { list: {type: ['object']}, }); - (function() { - myModel.create({list: {key: 'This string will crash the server'}}); - }).should.throw({statusCode: 400}); - - done(); + myModel.create({list: {key: 'This string will crash the server'}}, function(err) { + (err.statusCode).should.equal(400); + done(); + }); }); it('throws an error when property of type Date is set to an invalid value', @@ -58,9 +56,9 @@ describe('datatypes', function() { date: {type: Date}, }); - (function() { - myModel.create({date: 'invalid'}); - }).should.throw({message: 'Invalid date: invalid'}); + myModel.create({date: 'invalid'}, function(err) { + (err.message).should.equal('Invalid date: invalid'); + }); }); it('should keep types when get read data from db', function(done) { diff --git a/test/manipulation.test.js b/test/manipulation.test.js index b35fbba6..bf28401e 100644 --- a/test/manipulation.test.js +++ b/test/manipulation.test.js @@ -36,6 +36,7 @@ describe('manipulation', function() { before(function setupStubUserModel(done) { StubUser = db.createModel('StubUser', {password: String}, {forceId: true}); StubUser.setter.password = function(plain) { + if (plain.length === 0) throw new Error('password cannot be empty'); var hashed = false; if (!plain) return; var pos = plain.indexOf('-'); @@ -484,6 +485,23 @@ describe('manipulation', function() { }); }); + it('should reject created StubUser with empty password', function(done) { + StubUser.create({email: 'b@example.com', password: ''}, function(err, createdUser) { + (err.message).should.match(/password cannot be empty/); + done(); + }); + }); + + it('should reject updated empty password with updateAttribute', function(done) { + StubUser.create({email: 'b@example.com', password: 'abc123'}, function(err, createdUser) { + if (err) return done(err); + createdUser.updateAttribute('password', '', function(err, updatedUser) { + (err.message).should.match(/password cannot be empty/); + done(); + }); + }); + }); + it('should update one attribute', function(done) { person.updateAttribute('name', 'Paul Graham', function(err, p) { if (err) return done(err);