#@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ # # Copyright (c) 2016, Electric Power Research Institute (EPRI) # All rights reserved. # # OpenADR ("this software") is licensed under BSD 3-Clause license. # # Redistribution and use in source and binary forms, with or without modification, # are permitted provided that the following conditions are met: # # * Redistributions of source code must retain the above copyright notice, this # list of conditions and the following disclaimer. # # * Redistributions in binary form must reproduce the above copyright notice, # this list of conditions and the following disclaimer in the documentation # and/or other materials provided with the distribution. # # * Neither the name of EPRI nor the names of its contributors may # be used to endorse or promote products derived from this software without # specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. # IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, # INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT # NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR # PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY # OF SUCH DAMAGE. # # This EPRI software incorporates work covered by the following copyright and permission # notices. You may not use these works except in compliance with their respective # licenses, which are provided below. # # These works are provided by the copyright holders and contributors "as is" and any express or # implied warranties, including, but not limited to, the implied warranties of merchantability # and fitness for a particular purpose are disclaimed. # ######################################################################################### # MIT Licensed Libraries ######################################################################################### # # * actionmailer 3.2.12 (http://www.rubyonrails.org) - Email composition, delivery, and receiving framework (part of Rails). # * actionpack 3.2.12 (http://www.rubyonrails.org) - Web-flow and rendering framework putting the VC in MVC (part of Rails). # * activemodel 3.2.12 (http://www.rubyonrails.org) - A toolkit for building modeling frameworks (part of Rails). # * activerecord 3.2.12 (http://www.rubyonrails.org) - Object-relational mapper framework (part of Rails). # * activeresource 3.2.12 (http://www.rubyonrails.org) - REST modeling framework (part of Rails). # * activesupport 3.2.12 (http://www.rubyonrails.org) - A toolkit of support libraries and Ruby core extensions extracted from the Rails framework. # * arel 3.0.2 (http://github.com/rails/arel) - Arel is a SQL AST manager for Ruby # * bootstrap-sass 3.1.1.0 (https://github.com/twbs/bootstrap-sass) - Twitter's Bootstrap, converted to Sass and ready to drop into Rails or Compass # * builder 3.0.4 (http://onestepback.org) - Builders for MarkUp. # * bundler 1.12.5 (http://bundler.io) - The best way to manage your application's dependencies # * capybara 2.4.4 (http://github.com/jnicklas/capybara) - Capybara aims to simplify the process of integration testing Rack applications, such as Rails, Sinatra or Merb # * coffee-rails 3.2.2 () - Coffee Script adapter for the Rails asset pipeline. # * coffee-script-source 1.6.3 (http://jashkenas.github.com/coffee-script/) - The CoffeeScript Compiler # * docile 1.1.5 (https://ms-ati.github.io/docile/) - Docile keeps your Ruby DSLs tame and well-behaved # * edn 1.0.0 () - 'edn implements a reader for Extensible Data Notation by Rich Hickey.' # * erubis 2.7.0 (http://www.kuwata-lab.com/erubis/) - a fast and extensible eRuby implementation which supports multi-language # * execjs 1.4.0 (https://github.com/sstephenson/execjs) - Run JavaScript code from Ruby # * factory_girl 4.5.0 (https://github.com/thoughtbot/factory_girl) - factory_girl provides a framework and DSL for defining and using model instance factories. # * factory_girl_rails 4.5.0 (http://github.com/thoughtbot/factory_girl_rails) - factory_girl_rails provides integration between factory_girl and rails 3 # * gem-licenses 0.1.2 (http://github.com/dblock/gem-licenses) - List all gem licenses. # * hike 1.2.3 (http://github.com/sstephenson/hike) - Find files in a set of paths # * i18n 0.6.5 (http://github.com/svenfuchs/i18n) - New wave Internationalization support for Ruby # * jdbc-postgresql 9.2.1000 (https://github.com/rosenfeld/jdbc-postgresql) - PostgresSQL jdbc driver for JRuby # * journey 1.0.4 (http://github.com/rails/journey) - Journey is a router # * jquery-rails 3.0.4 (http://rubygems.org/gems/jquery-rails) - Use jQuery with Rails 3 # * json-schema 2.6.2 (http://github.com/ruby-json-schema/json-schema/tree/master) - Ruby JSON Schema Validator # * mail 2.4.4 (http://github.com/mikel/mail) - Mail provides a nice Ruby DSL for making, sending and reading emails. # * metaclass 0.0.4 (http://github.com/floehopper/metaclass) - Adds a metaclass method to all Ruby objects # * mime-types 1.23 (http://mime-types.rubyforge.org/) - This library allows for the identification of a file's likely MIME content type # * mocha 1.1.0 (http://gofreerange.com/mocha/docs) - Mocking and stubbing library # * multi_json 1.7.9 (http://github.com/intridea/multi_json) - A common interface to multiple JSON libraries. # * nokogiri 1.6.5 (http://nokogiri.org) - Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser # * polyglot 0.3.3 (http://github.com/cjheath/polyglot) - Augment 'require' to load non-Ruby file types # * rack-test 0.6.2 (http://github.com/brynary/rack-test) - Simple testing API built on Rack # * railties 3.2.12 (http://www.rubyonrails.org) - Tools for creating, working with, and running Rails applications. # * rake 10.1.0 (http://rake.rubyforge.org) - Ruby based make-like utility. # * rspec-core 2.14.3 (http://github.com/rspec/rspec-core) - rspec-core-2.14.3 # * rspec-expectations 2.14.0 (http://github.com/rspec/rspec-expectations) - rspec-expectations-2.14.0 # * rspec-mocks 2.14.1 (http://github.com/rspec/rspec-mocks) - rspec-mocks-2.14.1 # * rspec-rails 2.14.0 (http://github.com/rspec/rspec-rails) - rspec-rails-2.14.0 # * sass 3.2.9 (http://sass-lang.com/) - A powerful but elegant CSS compiler that makes CSS fun again. # * sass-rails 3.2.6 () - Sass adapter for the Rails asset pipeline. # * simplecov 0.9.0 (http://github.com/colszowka/simplecov) - Code coverage for Ruby 1.9+ with a powerful configuration library and automatic merging of coverage across test suites # * spork 1.0.0rc3 (http://github.com/sporkrb/spork) - spork # * therubyrhino 2.0.2 (http://github.com/cowboyd/therubyrhino) - Embed the Rhino JavaScript interpreter into JRuby # * thor 0.18.1 (http://whatisthor.com/) - A scripting framework that replaces rake, sake and rubigen # * tilt 1.4.1 (http://github.com/rtomayko/tilt/) - Generic interface to multiple Ruby template engines # * treetop 1.4.14 (https://github.com/cjheath/treetop) - A Ruby-based text parsing and interpretation DSL # * uglifier 2.1.2 (http://github.com/lautis/uglifier) - Ruby wrapper for UglifyJS JavaScript compressor # * xpath 2.0.0 (http://github.com/jnicklas/xpath) - Generate XPath expressions from Ruby # * blankslate 2.1.2.4 (http://github.com/masover/blankslate) - BlankSlate extracted from Builder. # * bourbon 3.1.8 (https://github.com/thoughtbot/bourbon) - Bourbon Sass Mixins using SCSS syntax. # * coffee-script 2.2.0 (http://github.com/josh/ruby-coffee-script) - Ruby CoffeeScript Compiler # * diff-lcs 1.2.4 (http://diff-lcs.rubyforge.org/) - Diff::LCS computes the difference between two Enumerable sequences using the McIlroy-Hunt longest common subsequence (LCS) algorithm # * jquery-ui-rails 4.0.3 (https://github.com/joliss/jquery-ui-rails) - jQuery UI packaged for the Rails asset pipeline # * parslet 1.4.0 (http://kschiess.github.com/parslet) - Parser construction library with great error reporting in Ruby. # * rack 1.4.5 (http://rack.github.com/) - a modular Ruby webserver interface # * rack-cache 1.2 (http://tomayko.com/src/rack-cache/) - HTTP Caching for Rack # * rack-ssl 1.3.3 (https://github.com/josh/rack-ssl) - Force SSL/TLS in your app. # * rails 3.2.12 (http://www.rubyonrails.org) - Full-stack web application framework. # * simplecov-html 0.8.0 (https://github.com/colszowka/simplecov-html) - Default HTML formatter for SimpleCov code coverage tool for ruby 1.9+ # * tzinfo 0.3.37 (http://tzinfo.rubyforge.org/) - Daylight-savings aware timezone library # * warbler 1.4.0.beta1 (http://caldersphere.rubyforge.org/warbler) - Warbler chirpily constructs .war files of your Rails applications. # ######################################################################################### # BSD Licensed Libraries ######################################################################################### # # * activerecord-jdbc-adapter 1.2.9.1 (https://github.com/jruby/activerecord-jdbc-adapter) - Copyright (c) 2006-2012 Nick Sieger , Copyright (c) 2006-2008 Ola Bini # * jdbc-postgres 9.2.1004 (https://github.com/jruby/activerecord-jdbc-adapter) - Copyright (c) 1997-2011, PostgreSQL Global Development Group # * d3js 3.5.16 (https://d3js.org/) Copyright (c) 2015 Mike Bostock # ######################################################################################### # Ruby Licensed Libraries ######################################################################################### # # * json 1.8.0 (http://json-jruby.rubyforge.org/) - JSON implementation for JRuby # * rubyzip 0.9.9 (http://github.com/aussiegeek/rubyzip) - rubyzip is a ruby module for reading and writing zip files # * httpclient 2.3.4.1 (http://github.com/nahi/httpclient) - gives something like the functionality of libwww-perl (LWP) in Ruby # * test-unit 2.5.5 (http://test-unit.rubyforge.org/) - test-unit - Improved version of Test::Unit bundled in Ruby 1.8.x. # ######################################################################################### # Public domain - creative commons Licensed Libraries ######################################################################################### # # * torquebox 3.1.2 (http://torquebox.org/) - TorqueBox Gem # * torquebox-cache 3.1.2 (http://torquebox.org/) - TorqueBox Cache Gem # * torquebox-configure 3.1.2 (http://torquebox.org/) - TorqueBox Configure Gem # * torquebox-core 3.1.2 (http://torquebox.org/) - TorqueBox Core Gem # * torquebox-messaging 3.1.2 (http://torquebox.org/) - TorqueBox Messaging Client # * torquebox-naming 3.1.2 (http://torquebox.org/) - TorqueBox Naming Client # * torquebox-rake-support 3.1.2 (http://torquebox.org/) - TorqueBox Rake Support # * torquebox-security 3.1.2 (http://torquebox.org/) - TorqueBox Security Gem # * torquebox-server 3.1.2 (http://torquebox.org/) - TorqueBox Server Gem # * torquebox-stomp 3.1.2 (http://torquebox.org/) - TorqueBox STOMP Support # * torquebox-transactions 3.1.2 (http://torquebox.org/) - TorqueBox Transactions Gem # * torquebox-web 3.1.2 (http://torquebox.org/) - TorqueBox Web Gem # ######################################################################################### # Apache Licensed Libraries ######################################################################################### # # * addressable 2.3.8 (https://github.com/sporkmonger/addressable) - URI Implementation # * bcrypt-ruby 3.0.1 (http://bcrypt-ruby.rubyforge.org) - OpenBSD's bcrypt() password hashing algorithm. # * database_cleaner 1.4.0 (http://github.com/bmabey/database_cleaner) - Strategies for cleaning databases. Can be used to ensure a clean state for testing. # * annotate 2.5.0 (http://github.com/ctran/annotate_models) - Annotates Rails Models, routes, fixtures, and others based on the database schema. # * nvd3 1.8.4 (http://nvd3.org/) Copeyright (c) 2014 Novus Partners - chart library based on d3js # * smack 3.3.1 (https://www.igniterealtime.org/projects/smack/) - XMPP library # ######################################################################################### # LGPL ######################################################################################### # # * jruby-1.7.4 # * jruby-jars 1.7.4 (http://github.com/jruby/jruby/tree/master/gem/jruby-jars) - The core JRuby code and the JRuby stdlib as jar # ** JRuby is tri-licensed GPL, LGPL, and EPL. # ######################################################################################### # MPL Licensed Libraries ######################################################################################### # # * therubyrhino_jar 1.7.4 (http://github.com/cowboyd/therubyrhino) - Rhino's jars packed for therubyrhino # ######################################################################################### # Artistic 2.0 # * mime-types 1.23 (http://mime-types.rubyforge.org/) - This library allows for the identification of a file's likely MIME content type # ######################################################################################### # ######################################################################################### # GPL-2 ######################################################################################### # * mime-types 1.23 (http://mime-types.rubyforge.org/) - This library allows for the identification of a file's likely MIME content type # ######################################################################################### # No License Given ######################################################################################### # # * spork-testunit 0.0.8 (http://github.com/timcharper/spork-testunit) - spork-testunit # * sprockets 2.2.2 (http://getsprockets.org/) - Rack-based asset packaging system # #@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ require 'test_helper' require 'integration/helpers/flow_helper' class EventFlowTests < ActionDispatch::IntegrationTest include AccountsHelper # for path helper functions include FlowHelper fixtures :accounts, :events setup do @account = Account.find_by_name("user1") @account.password = "testing" @account.password_confirmation = "testing" @account.save @admin = accounts(:admin) @admin.password ="testing" @admin.password_confirmation = "testing" @admin.save @event = Event.first @event.account_id = (@account.id + 1) @event.market_context = MarketContext.first @event.save end ###################################################################### test "protected events should be redirected" do # login @account get events_path assert_response 302 get event_path(@event) assert_response 302 get new_event_by_type_path assert_response 302 post events_path(@event) assert_response 302 delete event_path(@event) assert_response 302 put event_path(@event) assert_response 302 end ###################################################################### test "access protected event should fail" do login @account get event_path(@event) assert_response 403 # user can create an event but test_event field is hard coded get new_event_by_type_path assert_response 200 response_required_type_id = ResponseRequiredType.first.id market_context_id = MarketContext.first.id assert_difference('Event.count') do post events_path, { event_interface: { event: { duration: "5", dtstart_str: "2013-01-01 12:00PM CST", response_required_type_id: response_required_type_id, market_context_id: market_context_id }, event_signal: { signal_name_id: 1, signal_type_id: 1}, event_signal_interval: {} } }, { 'HTTP_REFERER' => '/' } # puts response.body assert_response 302 end assert assigns(:event_interface).event.test_event != "false" put event_path(@event), {event: { event_id: "aaaa"}}, {'HTTP_REFERER' => '/'} assert_response 403 @event = Event.find_by_event_id("aaaa") assert_nil @event @event = Event.find_by_event_id(events(:event1).event_id) assert_no_difference('Event.count') do delete event_path(@event), {}, {'HTTP_REFERER' => '/'} assert_response 403 end end ###################################################################### test "access protected event should succeed" do login @admin get events_path assert_response 200 get event_path(@event) assert_response 200 get new_event_by_type_path assert_response 200 market_context_id = MarketContext.first.id # new_event = Event.new(event_id: "new_event") assert_difference('Event.count') do post events_path, { event_interface: { event: { event_id: "eventname", duration: "1", response_required_type_id: "0", market_context_id: market_context_id }, event_signal: { signal_name_id: 1, signal_type_id: 1}, event_signal_interval: {} } }, { 'HTTP_REFERER' => '/' } end put event_path(@event), { event_interface: { event: { event_id: "aaaa"} } }, { 'HTTP_REFERER' => '/' } assert_response 200 @event = Event.find_by_event_id("aaaa") assert_not_nil @event assert_difference('Event.count', -1) do delete event_path(@event), {}, {'HTTP_REFERER' => '/'} end end ###################################################################### test "account access event_groups should fail" do login @account groups = Group.all event = Event.first put add_groups_event_path(event), {group: { id: [groups[0].id, groups[1].id] }} assert_response 403 # NOTE: this shold be passing event_group ids but access should be blocked so # it doesn't matter what we pass for IDs put remove_groups_event_path(event), {event_group: { id: [groups[0].id, groups[1].id] }} assert_response 403 end ###################################################################### test "admin access event_groups should succeed" do login @admin groups = Group.all event = Event.first assert_difference('EventGroup.count', 2) do put add_groups_event_path(event), {group: { id: [groups[0].id, groups[1].id] }} assert_response 200 end assert_raise(ActiveRecord::RecordNotUnique) do assert_difference('EventGroup.count', 0) do put add_groups_event_path(event), {group: { id: [groups[0].id] }} end end event_groups = event.event_groups assert_difference('EventGroup.count', -1) do put remove_groups_event_path(event), {event_group: { id: [event_groups[0].id] }} assert_response 200 end end ###################################################################### test "account access event_resources should fail" do login @account resource_types = ResourceType.all event = Event.first put add_resources_event_path(event), {resource_type: { id: [resource_types[0].id, resource_types[1].id] }} assert_response 403 # NOTE: this shold be passing event_resource ids but access should be blocked so # it doesn't matter what we pass for IDs put remove_resources_event_path(event), {event_resource: { id: [resource_types[0].id, resource_types[1].id] }} assert_response 403 end ###################################################################### test "admin access event_resources should succeed" do login @admin resource_types = ResourceType.all event = Event.first assert_difference('EventResource.count', 2) do put add_resources_event_path(event), {resource_type: { id: [resource_types[0].id, resource_types[1].id] }} assert_response 200 end assert_raise (ActiveRecord::RecordNotUnique) do assert_difference('EventResource.count', 0) do put add_resources_event_path(event), {resource_type: { id: [resource_types[0].id] }} end end event_resources = event.event_resources assert_difference('EventResource.count', -2) do put remove_resources_event_path(event), {event_resource: { id: [event_resources[0].id, event_resources[1].id] }} assert_response 200 end end ###################################################################### test "account access event_vens should fail" do login @account vens = Ven.all event = Event.first put add_vens_event_path(event), {ven: { id: [vens[0].id, vens[1].id] }} assert_response 403 # NOTE: this shold be passing event_ven ids but access should be blocked so # it doesn't matter what we pass for IDs put remove_vens_event_path(event), {event_ven: { id: [vens[0].id, vens[1].id] }} assert_response 403 end ###################################################################### test "admin access event_vens should succeed" do login @admin vens = Ven.all event = Event.first assert_difference('EventVen.count', 2) do put add_vens_event_path(event), {ven: { id: [vens[0].id, vens[1].id] }} assert_response 200 end assert_raise (ActiveRecord::RecordNotUnique) do assert_difference('EventVen.count', 0) do put add_vens_event_path(event), {ven: { id: [vens[0].id] }} end end event_vens = event.event_vens assert_difference('EventVen.count', -2) do put remove_vens_event_path(event), {event_ven: { id: [event_vens[0].id, event_vens[1].id] }} assert_response 200 end end ###################################################################### test "account access event_parties should fail" do login @account market_context_subscriptions = MarketContextSubscription.all event = Event.first put add_parties_event_path(event), {market_context_subscription: { id: [] }} assert_response 403 # NOTE: this shold be passing event_parties ids but access should be blocked so # it doesn't matter what we pass for IDs put remove_parties_event_path(event), {market_context_subscription: { id: [] }} assert_response 403 end ###################################################################### test "admin access event_parties should succeed" do login @admin event = Event.first ven = Ven.first ven.account = @admin ven.save market_contexts = MarketContext.all s = ven.market_context_subscriptions.new s.market_context_id = market_contexts[0].id s.save s = ven.market_context_subscriptions.new s.market_context_id = market_contexts[1].id s.save market_context_subscriptions = ven.market_context_subscriptions assert_difference('EventParty.count', 2) do put add_parties_event_path(event), {market_context_subscription: { id: [market_context_subscriptions[0].id, market_context_subscriptions[1].id] }} assert_response 200 end assert_raise (ActiveRecord::RecordNotUnique) do assert_difference('EventParty.count', 0) do put add_parties_event_path(event), {market_context_subscription: { id: [market_context_subscriptions[0].id] }} end end event_vens = event.event_vens assert_difference('EventParty.count', -2) do put remove_parties_event_path(event), {event_party: { id: [event.event_parties[0].id, event.event_parties[1].id] }} assert_response 200 end end ###################################################################### test "admin access event signal should succeed" do login @admin event = Event.first assert_difference('event.event_signals.count') do post event_event_signals_path(event), {event_signal: {signal_id: "signal_id", signal_type_id: "1", signal_name_id: "1"}} end assert_not_nil assigns(:event_signal) event_signal = EventSignal.first # both paths are defined put event_signal_path(event_signal), {event_signal: {signal_id: "signal_id2"}} assert_response 200 put event_event_signal_path(event_signal.event, event_signal), {event_signal: {signal_id: "signal_id2"}} assert_response 200 assert_difference('event_signal.event_signal_intervals.count') do post event_signal_event_signal_intervals_path(event_signal), {event_signal_interval: {uid: "uid", duration: "5"}} end event_signal_interval = event_signal.event_signal_intervals.first assert_not_nil event_signal_interval put event_signal_event_signal_interval_path(event_signal, event_signal_interval), {event_signal_interval: {uid: "uid2"}} event_signal_interval = event_signal.event_signal_intervals.find_by_uid("uid2") assert_not_nil event_signal_interval end ###################################################################### test "user access event signal should fail" do login @account event = Event.first assert_no_difference('event.event_signals.count') do post event_event_signals_path(event), {event_signal: {signal_id: "singal_id"}} assert_response 403 end assert_nil assigns(:event_signal) end ###################################################################### test "create event adds default signal and interval" do login @admin signal_type = SignalType.find_by_name("price") signal_name = SignalName.first market_context_id = MarketContext.first.id assert_difference('Event.count') do post events_path, { event_interface: { event: { event_id: "newevent", duration: "1", vtn_comment: "mycomment", response_required_type_id: "0", market_context_id: market_context_id }, event_signal: { signal_name_id: signal_name.id, signal_type_id: signal_type.id}, event_signal_interval: {} } }, { 'HTTP_REFERER' => '/' } end event = Event.find_by_vtn_comment("mycomment") assert event.event_signals.count == 1, "no default signal created" assert event.event_signals[0].signal_type.name == "price", "incorrect signal type set" assert event.event_signals[0].event_signal_intervals.count == 1, "no default interval created" end ###################################################################### test "cancel event should fail" do login @account put cancel_event_path(@event) assert_response 403 end ###################################################################### test "cancel event should succeed" do login @admin @event.event_status = EventStatus.find_by_name("none") @event.save assert @event.event_status.name == "none" put cancel_event_path(@event) @event = Event.find(@event.id) assert_not_nil @event.event_status assert @event.event_status.name == "cancelled", "exepcted cancel, received '#{@event.event_status.name}'" #event assert_response 302 end ###################################################################### test "add signal interval should succeed" do login @admin get new_event_event_signal_path(@event) assert_response 200 end ###################################################################### test "add signal interval should fail" do login @account get new_event_event_signal_path(@event) assert_response 403 end end