sig Stringa{}sig User{ name: one Stringa, surname: one Stringa, userna

1. sig Stringa{}
2.  
3. sig User{
4. name: one Stringa,
5. surname: one Stringa,
6. username: one Stringa,
7. password: one Stringa,
8. attend: set Activity
9. }
10.  
11. abstract sig Activity{
12. state: one ActivityState,
13. route: lone Route,
14. schedulingDate: one Int,
15. endActivityDate: one Int,
16. alert: set Warning
17. }{
18. schedulingDate >= 0 and
19. endActivityDate > schedulingDate
20. }
21.  
22. sig Meeting extends Activity{}
23.  
24. sig FlexibleActivity extends Activity{
25. schedulingIntervalBegin: one Int,
26. schedulingIntervalEnd: one Int
27. }{
28. schedulingIntervalBegin >= 0 and
29. schedulingIntervalEnd > schedulingIntervalBegin
30. }
31.  
32. sig Route{
33. stage: some SubRoute
34. }
35.  
36. sig SubRoute{
37. state: one ActivityState,
38. beginDate: one Int,
39. endDate: one Int,
40. alert: lone Warning
41. }{
42. beginDate >= 0 and
43. endDate > beginDate
44. }
45.  
46. abstract sig ActivityState{}
47. sig IN_PROGRESS extends ActivityState{}
48. sig SCHEDULED extends ActivityState{}
49. sig COMPLETED extends ActivityState{}
50.  
51. abstract sig Warning{}
52. sig UNREACHABLE extends Warning{}
53. sig RAIN extends Warning{}
54. sig STRIKE extends Warning{}
55.  
56. //Used for time clock
57. sig System{
58. currentTime: one Int
59. }{
60. currentTime>=0
61. }
62.  
63. //There is only one system with its current Time
64. fact onlyOneSystem{
65. #System = 1
66. }
67.  
68. //There is not two users with the same username
69. fact noTwoUsersWithSameUsername{
70. no disj u1, u2: User | u1.username = u2.username
71. }
72.  
73. //An Activity is completed if and only if it's already finished
74. fact completedActivity{
75. all a: Activity | a.state in COMPLETED
76. iff
77. (all sys: System | sys.currentTime >= a.endActivityDate)
78. }
79.  
80. //An Activity is scheduled if and only if has not yet begun
81. // and neither the route has begun
82. fact scheduledActivity{
83. all a: Activity, sys: System | a.state in SCHEDULED
84. iff
85. (sys.currentTime =< a.schedulingDate and
86. (all s: SubRoute | s in a.route.stage implies
87. s.state in SCHEDULED))
88. }
89.  
90. //Each activity has its (unique) creator
91. fact allActivityhasACreator{
92. all a: Activity | one u : User | a in u.attend
93. }
94.  
95. //There are no routes without the corresponding activity
96. fact allRouteshasAMotherActivity{
97. all r: Route | one a : Activity | r in a.route
98. }
99.  
100. //There are no subroutes without the corresponding route
101. fact allSubRouteshasAMotherRoute{
102. all s: SubRoute | one r : Route | s in r.stage
103. }
104.  
105. //All subroutes scheduled prior to the current date are completed
106. fact completedSubRoute{
107. all s: SubRoute | s.state in COMPLETED
108. iff
109. (all sys: System | s.endDate <= sys.currentTime)
110. }
111.  
112. //All subroutes scheduled after to the current date are scheduled
113. fact scheduledSubRoute{
114. all s: SubRoute | s.state in SCHEDULED
115. iff
116. (all sys: System | s.beginDate >= sys.currentTime)
117. }
118.  
119. //all subroutes in progress have sys.currentTime between
120. //begin-time and end-time
121. fact inProgressSubRoute{
122. all s: SubRoute | s.state in IN_PROGRESS
123. iff
124. (all sys: System | s.beginDate < sys.currentTime
125. and sys.currentTime < s.endDate)
126. }
127.  
128. //there can be no two activities at the same time
129. //e.g. Luca has two meeting, one from 2:00 to 5:00 and
130. // one from 3:00 to 6:00. This is impossible because at 4:00 Luca
131. //should attend two different meetings
132. fact noTwistedActivity{
133. no disj a1, a2: Activity | one u: User |
134. a1 in u.attend and a2 in u.attend and
135. (some t: Int |
136. t >= a1.schedulingDate and
137. t >= a2.schedulingDate and
138. t < a1.endActivityDate and
139. t < a2.endActivityDate
140. )
141. }
142.  
143. //The example also applies to subroutes:
144. //If I'm traveling for meeting 2 then
145. //I can not attend the meeting 1 at the same time
146. fact noTwistedActivityOneWithARoute{
147. no disj a1, a2: Activity | one u: User |
148. #a1.route = 1 and #a2.route = 0 and
149. a1 in u.attend and a2 in u.attend and
150. (some t: Int |
151. t >= a2.schedulingDate and
152. t < a1.endActivityDate and
153. t < a2.endActivityDate and
154. (some s1: SubRoute | s1 in a1.route.stage and
155. t >= s1.beginDate)
156. )
157. }
158.  
159. //The example also applies to two subroutes:
160. //If I'm traveling for meeting 1 then
161. //I can not traveling for meeting 2 at the same time
162. fact noTwistedActivityTwoWithARoute{
163. no disj a1, a2: Activity | one u: User |
164. #a1.route = 1 and #a2.route = 1 and
165. a1 in u.attend and a2 in u.attend and
166. (some t: Int |
167. t < a1.endActivityDate and
168. t < a2.endActivityDate and
169. (some s1: SubRoute | s1 in a1.route.stage and
170. t >= s1.beginDate) and
171. (some s2: SubRoute | s2 in a2.route.stage and
172. t >= s2.beginDate)
173. )
174. }
175.  
176. //there can be no two subroutes related of the same route
177. //scheduled at the same time
178. fact noTwistedSubRoutes{
179. no disj s1, s2: SubRoute | one r: Route |
180. s1 in r.stage and s2 in r.stage and
181. (some t: Int | t >= s1.beginDate and
182. t >= s2.beginDate and
183. t < s1.endDate and
184. t < s2.endDate)
185. }
186.  
187. //there can no be a subroute scheduled after the end of activity
188. fact noLateOrUselessSubRoutes{
189. no s: SubRoute | one a: Activity |
190. s in a.route.stage and
191. s.endDate >= a.endActivityDate
192. }
193.  
194. //all flexible activities must comply with their construction constraint
195. fact allFlexibleActivityAreScheduledInTheGivenInterval{
196. all f: FlexibleActivity |
197. f.schedulingIntervalEnd >= f.endActivityDate and
198. f.schedulingIntervalBegin =< f.schedulingDate and
199. (all s: SubRoute | s in f.route.stage implies
200. f.schedulingIntervalBegin =< s.beginDate)
201. }
202.  
203. //WARNING CONSTRAINS
204.  
205. //a warning always belongs to one activity
206. fact oneActivityForEachWarning{
207. all w: Warning | one a:Activity| w in a.alert
208. }
209.  
210. //a warning always belongs to one subroute
211. fact oneSubRouteForEachWarning{
212. all w: Warning | one s:SubRoute | w in s.alert
213. }
214.  
215. //if an activity contains a warning then
216. //there is a subroute that caused that warning.
217. //This subroute belongs to the activity's route
218. fact thereIsAlwaysACauseOfTheWarning{
219. all a: Activity | a.alert = a.route.stage.alert
220. }
221.  
222. //a subroute is called unreachable if it makes the user late for
223. // the appointment.
224. fact definitionOfUnreachableSubRoute{
225. all s: SubRoute |
226. (some u: UNREACHABLE | u in s.alert)
227. iff
228. (s.endDate > s.~stage.~route.schedulingDate)
229. }
230.  
231. //the system can not scheduled unreachable flexible activity when
232. //it can fine scheduled the same flexible activity reachable.
233. fact noUselessUnreachableWarningForFlexibleActivities{
234. all f: FlexibleActivity |
235. (some u: UNREACHABLE | u in f.alert)
236. implies
237. ((some a: Activity | f.endActivityDate = a.schedulingDate)
238. or
239. (some s: SubRoute | f.endActivityDate = s.beginDate))
240. }
241.  
242. //if an activity with a route is completed then all its subroutines,
243. //that belongs to the activity's route, are completed
244. assert completedSubRoutesOnCompletedActivity{
245. all a: Activity | a.state in COMPLETED and #a.route = 1
246. implies
247. (all s: SubRoute | s in a.route.stage implies a.state in COMPLETED)
248. }
249. //check completedSubRoutesOnCompletedActivity
250. //OK
251.  
252. //if an activity with a route is scheduled then all its subroutines,
253. //that belongs to the activity's route, are scheduled
254. assert scheduledSubRoutesOnScheduledActivity{
255. all a: Activity | a.state in SCHEDULED and #a.route = 1
256. implies
257. (all s: SubRoute | s in a.route.stage implies a.state in SCHEDULED)
258. }
259. //check scheduledSubRoutesOnScheduledActivity
260. //OK
261.  
262. //if an activity with a route is in progress then all its subroutines,
263. //that belongs to the activity's route, are in one of the following configurations
264. //shown in the assertion
265. assert subRoutesConstrainsOnActivityInProgress{
266. all a: Activity | a.state in IN_PROGRESS and #a.route = 1
267. implies
268. ((one s: SubRoute | s in a.route.stage and s.state in IN_PROGRESS)
269. or
270. ((some s: SubRoute | s in a.route.stage and s.state in COMPLETED)
271. and
272. (some s: SubRoute | s in a.route.stage and s.state in SCHEDULED))
273. or
274. (no s: SubRoute| s in a.route.stage and s.state not in SCHEDULED)
275. or
276. (no s: SubRoute| s in a.route.stage and s.state not in COMPLETED))
277. }
278. //check subRoutesConstrainsOnActivityInProgress
279. //OK
280.  
281. //A user can have at most one activity in progress
282. assert onlyOneActivityInProgressForEachUser{
283. all u: User | lone a:Activity |
284. a in u.attend and a.state in IN_PROGRESS
285. }
286. //check onlyOneActivityInProgressForEachUser
287. //OK
288.  
289. //If an activity has no warning then all his subroutes has no warning
290. assert noWarningActivityImpliesNoWarningSubRoutes{
291. all a: Activity | a.alert = none implies
292. (all s: SubRoute | s in a.route.stage implies s.alert = none)
293. }
294. //check noWarningActivityImpliesNoWarningSubRoutes
295. //OK
296.  
297. pred show{
298. #User = 1
299. #{x: FlexibleActivity | not x.alert = none} = 1
300. #{x: Warning | x not in UNREACHABLE} = 1
301. }
302. run show for 3 but exactly 4 SubRoute, exactly 2 Route