Merge pull request #1464 from strongloop/cb-err

Catch err using Callback
2017-08-17 10:42:45 -04:00 · 2017-08-17 10:42:45 -04:00 · e4d598cc3e
parent b96d40c028 01b4c4a3a7
commit e4d598cc3e
2 changed files with 46 additions and 6 deletions
--- a/lib/dao.js
+++ b/lib/dao.js
@ -2714,7 +2714,11 @@ DataAccessObject.updateAll = function(where, data, options, cb) {
        data = ctx.data;
        var inst = data;
        if (!(data instanceof Model)) {
+          try {
            inst = new Model(data, {applyDefaultValues: false});
+          } catch (err) {
+            return cb(err);
+          }
        }

        if (doValidate === false) {
@ -3023,12 +3027,17 @@ DataAccessObject.replaceById = function(id, data, options, cb) {

  var pkName = idName(this);
  if (!data[pkName]) data[pkName] = id;
-
+  try {
    var Model = this;
    var inst = new Model(data, {persisted: true});
    var enforced = {};
+
    this.applyProperties(enforced, inst);
    inst.setAttributes(enforced);
+  } catch (err) {
+    return cb(err);
+  }
+
  Model = this.lookupModel(data); // data-specific
  if (Model !== inst.constructor) inst = new Model(data);
  var strict = inst.__strict;
--- a/test/manipulation.test.js
+++ b/test/manipulation.test.js
@ -559,6 +559,7 @@ describe('manipulation', function() {
        });
      });
    });
+
    it('should update one attribute', function(done) {
      person.updateAttribute('name', 'Paul Graham', function(err, p) {
        if (err) return done(err);
@ -845,6 +846,16 @@ describe('manipulation', function() {
      });
    });

+    it('should reject updated empty password with updateOrCreate', function(done) {
+      StubUser.create({password: 'abc123'}, function(err, createdUser) {
+        if (err) return done(err);
+        StubUser.updateOrCreate({id: createdUser.id, 'password': ''}, function(err, updatedUser) {
+          (err.message).should.match(/password cannot be empty/);
+          done();
+        });
+      });
+    });
+
    it('throws error for queries with array input', function(done) {
      Todo.updateOrCreate([{content: 'a'}], function(err, data) {
        should.exist(err);
@ -1337,6 +1348,16 @@ describe('manipulation', function() {
        });
      });

+      it('should reject updated empty password with replaceAttributes', function(done) {
+        StubUser.create({password: 'abc123'}, function(err, createdUser) {
+          if (err) return done(err);
+          createdUser.replaceAttributes({'password': ''}, function(err, updatedUser) {
+            (err.message).should.match(/password cannot be empty/);
+            done();
+          });
+        });
+      });
+
      it('should ignore PK if it is set for `instance`' +
      'in `before save` operation hook', function(done) {
        Post.findById(postInstance.id, function(err, p) {
@ -2222,6 +2243,16 @@ describe('manipulation', function() {
          });
        });

+    it('should reject updated empty password with updateAll', function(done) {
+      StubUser.create({password: 'abc123'}, function(err, createdUser) {
+        if (err) return done(err);
+        StubUser.updateAll({where: {id: createdUser.id}}, {'password': ''}, function(err, updatedUser) {
+          (err.message).should.match(/password cannot be empty/);
+          done();
+        });
+      });
+    });
+
    bdd.itIf(connectorCapabilities.updateWithoutId !== false,
      'should update all instances when the where condition is not provided', function(done) {
        filterHarry = connectorCapabilities.deleteWithOtherThanId === false ?