verdnatura-mirror
/
loopback
mirror of https://github.com/strongloop/loopback.git
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3720 from STRML/fix/falsy-id-3.x 

Fix handling of falsy model ids
This commit is contained in:
Miroslav Bajtoš 2017-12-08 15:24:13 +01:00 committed by GitHub
parent 1babfcde9f 2bfd67ccaa
commit 3bf84bacde
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 66 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/access-context.js
View File

@ -80,17 +80,16 @@ function AccessContext(context) {
var principalType = context.principalType || Principal.USER; var principalType = context.principalType || Principal.USER;
var principalId = context.principalId || undefined; var principalId = context.principalId || undefined;
var principalName = context.principalName || undefined; var principalName = context.principalName || undefined;
if (principalId != null) {
if (principalId) {
this.addPrincipal(principalType, principalId, principalName); this.addPrincipal(principalType, principalId, principalName);
} }
var token = this.accessToken || {}; var token = this.accessToken || {};
if (token.userId) { if (token.userId != null) {
this.addPrincipal(Principal.USER, token.userId); this.addPrincipal(Principal.USER, token.userId);
} }
if (token.appId) { if (token.appId != null) {
this.addPrincipal(Principal.APPLICATION, token.appId); this.addPrincipal(Principal.APPLICATION, token.appId);
} }
this.remotingContext = context.remotingContext; this.remotingContext = context.remotingContext;
@ -193,7 +192,7 @@ AccessContext.prototype.getAppId = function() {
* @returns {boolean} * @returns {boolean}
*/ */
AccessContext.prototype.isAuthenticated = function() { AccessContext.prototype.isAuthenticated = function() {
return !!(this.getUserId() || this.getAppId()); return this.getUserId() != null || this.getAppId() != null;
}; };
/** /**

4
lib/model.js
View File

@ -161,13 +161,13 @@ module.exports = function(registry) {
} }
} }
if (id && data) { if (id != null && data) {
var model = new ModelCtor(data); var model = new ModelCtor(data);
model.id = id; model.id = id;
fn(null, model); fn(null, model);
} else if (data) { } else if (data) {
fn(null, new ModelCtor(data)); fn(null, new ModelCtor(data));
} else if (id) { } else if (id != null) {
var filter = {}; var filter = {};
ModelCtor.findById(id, filter, options, function(err, model) { ModelCtor.findById(id, filter, options, function(err, model) {
if (err) { if (err) {

4
lib/persisted-model.js
View File

@ -1710,7 +1710,7 @@ module.exports = function(registry) {
ctx.instance, ctx.currentInstance, ctx.where, ctx.data); ctx.instance, ctx.currentInstance, ctx.where, ctx.data);
} }
if (id) { if (id != null) {
ctx.Model.rectifyChange(id, reportErrorAndNext); ctx.Model.rectifyChange(id, reportErrorAndNext);
} else { } else {
ctx.Model.rectifyAllChanges(reportErrorAndNext); ctx.Model.rectifyAllChanges(reportErrorAndNext);
@ -1734,7 +1734,7 @@ module.exports = function(registry) {
debug('context instance:%j where:%j', ctx.instance, ctx.where); debug('context instance:%j where:%j', ctx.instance, ctx.where);
} }
if (id) { if (id != null) {
ctx.Model.rectifyChange(id, reportErrorAndNext); ctx.Model.rectifyChange(id, reportErrorAndNext);
} else { } else {
ctx.Model.rectifyAllChanges(reportErrorAndNext); ctx.Model.rectifyAllChanges(reportErrorAndNext);

58
test/role.test.js
View File

@ -364,6 +364,64 @@ describe('role model', function() {
}); });
}); });
it.only('should be properly authenticated with 0 userId', function(done) {
var userData = {name: 'Raymond', email: 'x@y.com', password: 'foobar', id: 0};
var TestUser = app.registry.createModel({
name: 'TestUser',
base: 'User',
// forceId is set to false so we can create a user with a known ID,
// in this case 0 - which used to fail the falsy checks.
forceId: false,
});
app.model(TestUser, {dataSource: 'db'});
TestUser.create(userData, function(err, user) {
if (err) return done(err);
Role.create({name: 'userRole'}, function(err, role) {
if (err) return done(err);
role.principals.create({principalType: RoleMapping.USER, principalId: user.id},
function(err, p) {
if (err) return done(err);
async.series([
function(next) {
Role.isInRole(
'userRole',
{principalType: RoleMapping.USER, principalId: user.id},
function(err, inRole) {
if (err) return next(err);
assert(!!inRole);
next();
});
},
function(next) {
Role.isInRole(
'userRole',
{principalType: RoleMapping.APP, principalId: user.id},
function(err, inRole) {
if (err) return next(err);
assert(!inRole);
next();
});
},
function(next) {
Role.getRoles(
{principalType: RoleMapping.USER, principalId: user.id},
function(err, roles) {
if (err) return next(err);
expect(roles).to.eql([
Role.AUTHENTICATED,
Role.EVERYONE,
role.id,
]);
next();
});
},
], done);
});
});
});
});
// this test should be split to address one resolver at a time // this test should be split to address one resolver at a time
it('supports built-in role resolvers', function(done) { it('supports built-in role resolvers', function(done) {
Role.registerResolver('returnPromise', function(role, context) { Role.registerResolver('returnPromise', function(role, context) {