# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
require 'rails_helper'
describe QuerySourceToken do
describe '.get_and_increment_source_token' do
let(:our_uuid) {'7ab66a26-05e5-11e8-b4ef-8f19083c3cc7'} #random uuid I generated
let(:not_our_uuid) {'a96e3c2c-05e5-11e8-80cc-177b86bb74cd'} # ditto
let(:fake_uuid) {'15c13da0-05e8-11e8-9cc0-e7ccb95e5f1f'} #ditto
let(:expired_uuid) {'061124ca-05f1-11e8-8730-57558ad1064d'}
let(:overused_uuid) {'0ac67006-05f1-11e8-902c-035df51dbc79'}
let(:nonprofit) {force_create(:nonprofit)}
let(:event) {force_create(:event, nonprofit: nonprofit)}
let(:user) {u = force_create(:user)
force_create(:role, name: :nonprofit_admin, host: nonprofit, user: u)
u
}
let(:other_user) {force_create(:user)}
let(:our_source_token) {force_create(:source_token, token: our_uuid, total_uses: 0, expiration: Time.now + 1.day, max_uses: 1, event:event)}
let(:not_our_source_token) {force_create(:source_token, token: not_our_uuid, total_uses: 0, expiration: Time.now + 1.day, max_uses: 1)}
let(:expired_source_token) {force_create(:source_token, token: expired_uuid, total_uses: 0, expiration: Time.now - 1.day) }
let(:overused_source_token) {force_create(:source_token, token: overused_uuid, total_uses: 1, expiration: Time.now + 1.day, max_uses: 1) }
before(:each) {
our_source_token
not_our_source_token
expired_source_token
overused_source_token
}
around(:each) {|example|
Timecop.freeze(2020, 5, 4) do
example.run
end
}
describe 'param validation' do
it 'basic validation' do
expect { QuerySourceToken.get_and_increment_source_token(nil) }.to raise_error {|error|
expect(error).to be_a ParamValidation::ValidationError
expect_validation_errors(error.data, [
{key: :token, name: :required},
{key: :token, name: :format}
])
}
end
it 'raises if source_token cant be found' do
expect { QuerySourceToken.get_and_increment_source_token(fake_uuid) }.to raise_error {|error|
expect(error).to be_a ParamValidation::ValidationError
expect_validation_errors(error.data, [
{key: :token}
])
expect(error.message).to eq "#{fake_uuid} doesn't represent a valid source"
}
end
it 'raises if token already used too much' do
expect{ QuerySourceToken.get_and_increment_source_token(overused_uuid) }.to raise_error {|error|
expect(error).to be_a ExpiredTokenError
}
end
it 'raises if token expired' do
expect{ QuerySourceToken.get_and_increment_source_token(expired_uuid) }.to raise_error {|error|
expect(error).to be_a ExpiredTokenError
}
end
it 'raises authentication error if event on it but user is nil' do
expect { QuerySourceToken.get_and_increment_source_token(our_uuid) }.to raise_error {|error|
expect(error).to be_a AuthenticationError
}
end
it 'raises authentication error if event on it but user is not with nonprofit' do
expect { QuerySourceToken.get_and_increment_source_token(our_uuid, other_user) }.to raise_error {|error|
expect(error).to be_a AuthenticationError
}
end
end
it 'increments and returns source token' do
result = QuerySourceToken.get_and_increment_source_token(our_uuid, user)
expect(result).to be_a SourceToken
expected = {
total_uses: 1,
max_uses: 1,
created_at: Time.now,
updated_at: Time.now,
event_id: event.id,
expiration: Time.now + 1.day,
token: our_uuid,
tokenizable_id: nil,
tokenizable_type: nil
}.with_indifferent_access
expect(result.attributes).to eq expected
reload_all_tokens
expect(our_source_token.attributes).to eq expected
end
def reload_all_tokens
our_source_token.reload
not_our_source_token.reload
expired_source_token.reload
overused_source_token.reload
end
end
end