adding check of string for case insensitive emails

Author: Dhaval Trivedi

common/models/user.js

@@ -657,7 +657,8 @@ module.exports = function(User) {
 
     // Access token to normalize email credentials
     UserModel.observe('access', function normalizeEmailCase(ctx, next) {
-      if (!ctx.Model.settings.caseSensitiveEmail && ctx.query.where && ctx.query.where.email) {
+      if (!ctx.Model.settings.caseSensitiveEmail && ctx.query.where &&
+          ctx.query.where.email && typeof(ctx.query.where.email) === 'string') {
         ctx.query.where.email = ctx.query.where.email.toLowerCase();
       }
       next();

test/user.test.js

@@ -454,6 +454,36 @@ describe('User', function() {
         done();
       });
     });
+
+    it('Should be able to use query filters (email case-sensitivity off)', function(done) {
+      User.settings.caseSensitiveEmail = false;
+      var insensitiveUser = { email: '[email protected]', password: 'abc' };
+      User.create(insensitiveUser, function(err, user) {
+        User.find({ where: { email:
+          { inq: [insensitiveUser.email] },
+        }}, function(err, result) {
+          if (err) done(err);
+          assert(result[0], 'The query did not find the user');
+          assert.equal(result[0].email, insensitiveUser.email);
+          done();
+        });
+      });
+    });
+
+    it('Should be able to use query filters (email case-sensitivity on)', function(done) {
+      User.settings.caseSensitiveEmail = true;
+      var sensitiveUser = { email: '[email protected]', password: 'abc' };
+      User.create(sensitiveUser, function(err, user) {
+        User.find({ where: { email:
+          { inq: [sensitiveUser.email] },
+        }}, function(err, result) {
+          if (err) done(err);
+          assert(result[0], 'The query did not find the user');
+          assert.equal(result[0].email, sensitiveUser.email);
+          done();
+        });
+      });
+    });
   });
 
   describe('User.login', function() {