diff --git a/common/models/user.js b/common/models/user.js index f71b10a4..a5ebd313 100644 --- a/common/models/user.js +++ b/common/models/user.js @@ -657,7 +657,8 @@ module.exports = function(User) { // Access token to normalize email credentials UserModel.observe('access', function normalizeEmailCase(ctx, next) { - if (!ctx.Model.settings.caseSensitiveEmail && ctx.query.where && ctx.query.where.email) { + if (!ctx.Model.settings.caseSensitiveEmail && ctx.query.where && + ctx.query.where.email && typeof(ctx.query.where.email) === 'string') { ctx.query.where.email = ctx.query.where.email.toLowerCase(); } next(); diff --git a/test/user.test.js b/test/user.test.js index 0fec68f5..37534a72 100644 --- a/test/user.test.js +++ b/test/user.test.js @@ -454,6 +454,36 @@ describe('User', function() { done(); }); }); + + it('Should be able to use query filters (email case-sensitivity off)', function(done) { + User.settings.caseSensitiveEmail = false; + var insensitiveUser = { email: 'insensitive@example.com', password: 'abc' }; + User.create(insensitiveUser, function(err, user) { + User.find({ where: { email: + { inq: [insensitiveUser.email] }, + }}, function(err, result) { + if (err) done(err); + assert(result[0], 'The query did not find the user'); + assert.equal(result[0].email, insensitiveUser.email); + done(); + }); + }); + }); + + it('Should be able to use query filters (email case-sensitivity on)', function(done) { + User.settings.caseSensitiveEmail = true; + var sensitiveUser = { email: 'senSiTive@example.com', password: 'abc' }; + User.create(sensitiveUser, function(err, user) { + User.find({ where: { email: + { inq: [sensitiveUser.email] }, + }}, function(err, result) { + if (err) done(err); + assert(result[0], 'The query did not find the user'); + assert.equal(result[0].email, sensitiveUser.email); + done(); + }); + }); + }); }); describe('User.login', function() {