Merge pull request #1010 from kingcody/fix/userModel-updates

fix(model): fix update bugs with mongoose and sequelize

Author: Awk34

Diff for: app/templates/server/api/user(auth)/user.model(mongooseModels).js

@@ -102,7 +102,7 @@ var validatePresenceOf = function(value) {
 UserSchema
   .pre('save', function(next) {
     // Handle new/update passwords
-    if (this.password) {
+    if (this.isModified('password')) {
       if (!validatePresenceOf(this.password)<% if (filters.oauth) { %> && authTypes.indexOf(this.provider) === -1<% } %>) {
         next(new Error('Invalid password'));
       }

Diff for: app/templates/server/api/user(auth)/user.model(sequelizeModels).js

@@ -89,8 +89,9 @@ module.exports = function(sequelize, DataTypes) {
       },
       beforeUpdate: function(user, fields, fn) {
         if (user.changed('password')) {
-          user.updatePassword(fn);
+          return user.updatePassword(fn);
         }
+        fn();
       }
     },
 

Diff for: app/templates/server/api/user(auth)/user.model.spec(mongooseModels).js

@@ -2,22 +2,29 @@
 
 var app = require('../../app');
 var User = require('./user.model');
-
-var user = new User({
-  provider: 'local',
-  name: 'Fake User',
-  email: '[email protected]',
-  password: 'password'
-});
+var user;
+var genUser = function() {
+  user = new User({
+    provider: 'local',
+    name: 'Fake User',
+    email: '[email protected]',
+    password: 'password'
+  });
+  return user;
+};
 
 describe('User Model', function() {
   before(function() {
     // Clear users before testing
-    return User.remove().exec();
+    return User.removeAsync();
+  });
+
+  beforeEach(function() {
+    genUser();
   });
 
   afterEach(function() {
-    return User.remove().exec();
+    return User.removeAsync();
   });
 
   it('should begin with no users', function() {
@@ -28,21 +35,38 @@ describe('User Model', function() {
   it('should fail when saving a duplicate user', function() {
     return user.saveAsync()
       .then(function() {
-        var userDup = new User(user);
+        var userDup = genUser();
         return userDup.saveAsync();
       }).should.be.rejected;
   });
 
-  it('should fail when saving without an email', function() {
-    user.email = '';
-    return user.saveAsync().should.be.rejected;
+  describe('#email', function() {
+    it('should fail when saving without an email', function() {
+      user.email = '';
+      return user.saveAsync().should.be.rejected;
+    });
   });
 
-  it('should authenticate user if password is valid', function() {
-    user.authenticate('password').should.be.true;
-  });
+  describe('#password', function() {
+    beforeEach(function() {
+      return user.saveAsync();
+    });
+
+    it('should authenticate user if valid', function() {
+      user.authenticate('password').should.be.true;
+    });
 
-  it('should not authenticate user if password is invalid', function() {
-    user.authenticate('blah').should.not.be.true;
+    it('should not authenticate user if invalid', function() {
+      user.authenticate('blah').should.not.be.true;
+    });
+
+    it('should remain the same hash unless the password is updated', function() {
+      user.name = 'Test User';
+      return user.saveAsync()
+        .spread(function(u) {
+          return u.authenticate('password');
+        }).should.eventually.be.true;
+    });
   });
+
 });

Diff for: app/templates/server/api/user(auth)/user.model.spec(sequelizeModels).js

@@ -2,16 +2,17 @@
 
 var app = require('../../app');
 var User = require('../../sqldb').User;
-
-var userTemplate = {
-  provider: 'local',
-  name: 'Fake User',
-  email: '[email protected]',
-  password: 'password'
+var user;
+var genUser = function() {
+  user = User.build({
+    provider: 'local',
+    name: 'Fake User',
+    email: '[email protected]',
+    password: 'password'
+  });
+  return user;
 };
 
-var user = User.build(userTemplate);
-
 describe('User Model', function() {
   before(function() {
     // Sync and clear users before testing
@@ -20,6 +21,10 @@ describe('User Model', function() {
     });
   });
 
+  beforeEach(function() {
+    genUser();
+  });
+
   afterEach(function() {
     return User.destroy({ where: {} });
   });
@@ -32,21 +37,38 @@ describe('User Model', function() {
   it('should fail when saving a duplicate user', function() {
     return user.save()
       .then(function() {
-        var userDup = User.build(userTemplate);
+        var userDup = genUser();
         return userDup.save();
       }).should.be.rejected;
   });
 
-  it('should fail when saving without an email', function() {
-    user.email = '';
-    return user.save().should.be.rejected;
+  describe('#email', function() {
+    it('should fail when saving without an email', function() {
+      user.email = '';
+      return user.save().should.be.rejected;
+    });
   });
 
-  it('should authenticate user if password is valid', function() {
-    user.authenticate('password').should.be.true;
-  });
+  describe('#password', function() {
+    beforeEach(function() {
+      return user.save();
+    });
+
+    it('should authenticate user if valid', function() {
+      user.authenticate('password').should.be.true;
+    });
 
-  it('should not authenticate user if password is invalid', function() {
-    user.authenticate('blah').should.not.be.true;
+    it('should not authenticate user if invalid', function() {
+      user.authenticate('blah').should.not.be.true;
+    });
+
+    it('should remain the same hash unless the password is updated', function() {
+      user.name = 'Test User';
+      return user.save()
+        .then(function(u) {
+          return u.authenticate('password');
+        }).should.eventually.be.true;
+    });
   });
+
 });