Merge pull request #1464 from strongloop/cb-err

Catch err using Callback

lib/dao.js

@@ -2714,7 +2714,11 @@ DataAccessObject.updateAll = function(where, data, options, cb) {
         data = ctx.data;
         var inst = data;
         if (!(data instanceof Model)) {
-          inst = new Model(data, {applyDefaultValues: false});
+          try {
+            inst = new Model(data, {applyDefaultValues: false});
+          } catch (err) {
+            return cb(err);
+          }
         }
 
         if (doValidate === false) {
@@ -3023,12 +3027,17 @@ DataAccessObject.replaceById = function(id, data, options, cb) {
 
   var pkName = idName(this);
   if (!data[pkName]) data[pkName] = id;
+  try {
+    var Model = this;
+    var inst = new Model(data, {persisted: true});
+    var enforced = {};
+
+    this.applyProperties(enforced, inst);
+    inst.setAttributes(enforced);
+  } catch (err) {
+    return cb(err);
+  }
 
-  var Model = this;
-  var inst = new Model(data, {persisted: true});
-  var enforced = {};
-  this.applyProperties(enforced, inst);
-  inst.setAttributes(enforced);
   Model = this.lookupModel(data); // data-specific
   if (Model !== inst.constructor) inst = new Model(data);
   var strict = inst.__strict;

test/manipulation.test.js

@@ -559,6 +559,7 @@ describe('manipulation', function() {
         });
       });
     });
+
     it('should update one attribute', function(done) {
       person.updateAttribute('name', 'Paul Graham', function(err, p) {
         if (err) return done(err);
@@ -845,6 +846,16 @@ describe('manipulation', function() {
       });
     });
 
+    it('should reject updated empty password with updateOrCreate', function(done) {
+      StubUser.create({password: 'abc123'}, function(err, createdUser) {
+        if (err) return done(err);
+        StubUser.updateOrCreate({id: createdUser.id, 'password': ''}, function(err, updatedUser) {
+          (err.message).should.match(/password cannot be empty/);
+          done();
+        });
+      });
+    });
+
     it('throws error for queries with array input', function(done) {
       Todo.updateOrCreate([{content: 'a'}], function(err, data) {
         should.exist(err);
@@ -1337,6 +1348,16 @@ describe('manipulation', function() {
         });
       });
 
+      it('should reject updated empty password with replaceAttributes', function(done) {
+        StubUser.create({password: 'abc123'}, function(err, createdUser) {
+          if (err) return done(err);
+          createdUser.replaceAttributes({'password': ''}, function(err, updatedUser) {
+            (err.message).should.match(/password cannot be empty/);
+            done();
+          });
+        });
+      });
+
       it('should ignore PK if it is set for `instance`' +
       'in `before save` operation hook', function(done) {
         Post.findById(postInstance.id, function(err, p) {
@@ -2222,6 +2243,16 @@ describe('manipulation', function() {
           });
         });
 
+    it('should reject updated empty password with updateAll', function(done) {
+      StubUser.create({password: 'abc123'}, function(err, createdUser) {
+        if (err) return done(err);
+        StubUser.updateAll({where: {id: createdUser.id}}, {'password': ''}, function(err, updatedUser) {
+          (err.message).should.match(/password cannot be empty/);
+          done();
+        });
+      });
+    });
+
     bdd.itIf(connectorCapabilities.updateWithoutId !== false,
       'should update all instances when the where condition is not provided', function(done) {
         filterHarry = connectorCapabilities.deleteWithOtherThanId === false ?