diff --git a/common/models/user.js b/common/models/user.js index d2a445a3..d44ccf35 100644 --- a/common/models/user.js +++ b/common/models/user.js @@ -886,7 +886,7 @@ module.exports = function(User) { where[pkName] = ctx.instance[pkName]; } - ctx.Model.find({where: where}, function(err, userInstances) { + ctx.Model.find({where: where}, ctx.options, function(err, userInstances) { if (err) return next(err); ctx.hookState.originalUserData = userInstances.map(function(u) { var user = {}; diff --git a/test/user.test.js b/test/user.test.js index daa94eea..db2fbb4d 100644 --- a/test/user.test.js +++ b/test/user.test.js @@ -8,6 +8,7 @@ var loopback = require('../'); var User, AccessToken; var async = require('async'); var url = require('url'); +var extend = require('util')._extend; describe('User', function() { this.timeout(10000); @@ -2379,6 +2380,37 @@ describe('User', function() { }); }); + it('forwards the "options" argument', function(done) { + var options = {testFlag: true}; + var observedOptions = []; + + saveObservedOptionsForHook('access', User); + saveObservedOptionsForHook('before delete', AccessToken); + + user.updateAttribute('password', 'newPass', options, function(err, updated) { + if (err) return done(err); + + expect(observedOptions).to.eql([ + // prepareForTokenInvalidation - load current instance data + {hook: 'access', testFlag: true}, + + // validate uniqueness of User.email + {hook: 'access', testFlag: true}, + + // _invalidateAccessTokensOfUsers - deleteAll + {hook: 'before delete', testFlag: true}, + ]); + done(); + }); + + function saveObservedOptionsForHook(name, model) { + model.observe(name, function(ctx, next) { + observedOptions.push(extend({hook: name}, ctx.options)); + next(); + }); + } + }); + it('preserves other user sessions if their password is untouched', function(done) { var user1, user2, user1Token; async.series([