verdnatura-mirror
/
loopback
mirror of https://github.com/strongloop/loopback.git
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2814 from strongloop/backport/partial-update 

Validate non-email property partial update
This commit is contained in:
Loay 2016-10-03 18:02:47 -04:00 committed by GitHub
parent 46f0c061c0 bdeaf654fa
commit 715bc1ece6
2 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
common/models/user.js
View File

@ -681,7 +681,9 @@ module.exports = function(User) {
UserModel.observe('after save', function afterEmailUpdate(ctx, next) { UserModel.observe('after save', function afterEmailUpdate(ctx, next) {
if (!ctx.Model.relations.accessTokens) return next(); if (!ctx.Model.relations.accessTokens) return next();
var AccessToken = ctx.Model.relations.accessTokens.modelTo; var AccessToken = ctx.Model.relations.accessTokens.modelTo;
if (!ctx.instance && !ctx.data) return next();
var newEmail = (ctx.instance || ctx.data).email; var newEmail = (ctx.instance || ctx.data).email;
if (!newEmail) return next();
if (!ctx.hookState.originalUserData) return next(); if (!ctx.hookState.originalUserData) return next();
var idsToExpire = ctx.hookState.originalUserData.filter(function(u) { var idsToExpire = ctx.hookState.originalUserData.filter(function(u) {
return u.email !== newEmail; return u.email !== newEmail;

37
test/user.test.js
View File

@ -1972,6 +1972,43 @@ describe('User', function() {
], done); ], done);
}); });
it('keeps sessions AS IS if non-email property is changed using updateAll', function(done) {
var userPartial;
async.series([
function createPartialUser(next) {
User.create(
{ email: 'partial@example.com', password: 'pass1', age: 25 },
function(err, partialInstance) {
if (err) return next(err);
userPartial = partialInstance;
next();
});
},
function loginPartiallUser(next) {
User.login({ email: 'partial@example.com', password: 'pass1' }, function(err, ats) {
if (err) return next(err);
next();
});
},
function updatePartialUser(next) {
User.updateAll(
{ id: userPartial.id },
{ age: userPartial.age + 1 },
function(err, info) {
if (err) return next(err);
next();
});
},
function verifyTokensOfPartialUser(next) {
AccessToken.find({ where: { userId: userPartial.id }}, function(err, tokens1) {
if (err) return next(err);
expect(tokens1.length).to.equal(1);
next();
});
},
], done);
});
function assertPreservedToken(done) { function assertPreservedToken(done) {
AccessToken.find({ where: { userId: user.id }}, function(err, tokens) { AccessToken.find({ where: { userId: user.id }}, function(err, tokens) {
if (err) return done(err); if (err) return done(err);