From 4edce47b24a4d819a347d9343bd83c2eaadcda34 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miroslav=20Bajto=C5=A1?= Date: Fri, 9 Dec 2016 13:16:42 +0100 Subject: [PATCH] Fix registration of operation hooks in User model Operation hooks are inherited by subclassed models, therefore they must be registered outside of `Model.setup()` function. This commit fixes this problem in the built-in User model. There are not tests verifying this change, as writing a test would be too cumbersome and not worth the cost IMO. --- common/models/user.js | 91 +++++++++++++++++++++++-------------------- 1 file changed, 48 insertions(+), 43 deletions(-) diff --git a/common/models/user.js b/common/models/user.js index 7b8e9712..9c0a8f23 100644 --- a/common/models/user.js +++ b/common/models/user.js @@ -700,49 +700,6 @@ module.exports = function(User) { next(); }); - // Delete old sessions once email is updated - UserModel.observe('before save', function beforeEmailUpdate(ctx, next) { - if (ctx.isNewInstance) return next(); - if (!ctx.where && !ctx.instance) return next(); - var where = ctx.where || {id: ctx.instance.id}; - ctx.Model.find({where: where}, function(err, userInstances) { - if (err) return next(err); - ctx.hookState.originalUserData = userInstances.map(function(u) { - return {id: u.id, email: u.email}; - }); - if (ctx.instance) { - var emailChanged = ctx.instance.email !== ctx.hookState.originalUserData[0].email; - if (emailChanged && ctx.Model.settings.emailVerificationRequired) { - ctx.instance.emailVerified = false; - } - } else { - var emailChanged = ctx.hookState.originalUserData.some(function(data) { - return data.email != ctx.data.email; - }); - if (emailChanged && ctx.Model.settings.emailVerificationRequired) { - ctx.data.emailVerified = false; - } - } - next(); - }); - }); - - UserModel.observe('after save', function afterEmailUpdate(ctx, next) { - if (!ctx.Model.relations.accessTokens) return next(); - var AccessToken = ctx.Model.relations.accessTokens.modelTo; - if (!ctx.instance && !ctx.data) return next(); - var newEmail = (ctx.instance || ctx.data).email; - if (!newEmail) return next(); - if (!ctx.hookState.originalUserData) return next(); - var idsToExpire = ctx.hookState.originalUserData.filter(function(u) { - return u.email !== newEmail; - }).map(function(u) { - return u.id; - }); - if (!idsToExpire.length) return next(); - AccessToken.deleteAll({userId: {inq: idsToExpire}}, next); - }); - UserModel.remoteMethod( 'login', { @@ -855,6 +812,54 @@ module.exports = function(User) { */ User.setup(); + + // --- OPERATION HOOKS --- + // + // Important: Operation hooks are inherited by subclassed models, + // therefore they must be registered outside of setup() function + + // Delete old sessions once email is updated + User.observe('before save', function beforeEmailUpdate(ctx, next) { + if (ctx.isNewInstance) return next(); + if (!ctx.where && !ctx.instance) return next(); + var where = ctx.where || {id: ctx.instance.id}; + ctx.Model.find({where: where}, function(err, userInstances) { + if (err) return next(err); + ctx.hookState.originalUserData = userInstances.map(function(u) { + return {id: u.id, email: u.email}; + }); + if (ctx.instance) { + var emailChanged = ctx.instance.email !== ctx.hookState.originalUserData[0].email; + if (emailChanged && ctx.Model.settings.emailVerificationRequired) { + ctx.instance.emailVerified = false; + } + } else { + var emailChanged = ctx.hookState.originalUserData.some(function(data) { + return data.email != ctx.data.email; + }); + if (emailChanged && ctx.Model.settings.emailVerificationRequired) { + ctx.data.emailVerified = false; + } + } + next(); + }); + }); + + User.observe('after save', function afterEmailUpdate(ctx, next) { + if (!ctx.Model.relations.accessTokens) return next(); + var AccessToken = ctx.Model.relations.accessTokens.modelTo; + if (!ctx.instance && !ctx.data) return next(); + var newEmail = (ctx.instance || ctx.data).email; + if (!newEmail) return next(); + if (!ctx.hookState.originalUserData) return next(); + var idsToExpire = ctx.hookState.originalUserData.filter(function(u) { + return u.email !== newEmail; + }).map(function(u) { + return u.id; + }); + if (!idsToExpire.length) return next(); + AccessToken.deleteAll({userId: {inq: idsToExpire}}, next); + }); }; function emailValidator(err, done) {