Delete endpoint
This commit is contained in:
parent
4287b96320
commit
9ae96650ec
@ -5,6 +5,7 @@ import org.springframework.data.domain.PageRequest;
|
|||||||
import org.springframework.data.domain.Pageable;
|
import org.springframework.data.domain.Pageable;
|
||||||
import org.springframework.data.domain.Sort;
|
import org.springframework.data.domain.Sort;
|
||||||
import org.springframework.http.ResponseEntity;
|
import org.springframework.http.ResponseEntity;
|
||||||
|
import org.springframework.web.bind.annotation.DeleteMapping;
|
||||||
import org.springframework.web.bind.annotation.GetMapping;
|
import org.springframework.web.bind.annotation.GetMapping;
|
||||||
import org.springframework.web.bind.annotation.PostMapping;
|
import org.springframework.web.bind.annotation.PostMapping;
|
||||||
import org.springframework.web.bind.annotation.PutMapping;
|
import org.springframework.web.bind.annotation.PutMapping;
|
||||||
@ -88,4 +89,14 @@ public class CashCardController {
|
|||||||
cashCardRepository.save(updatedCashCard);
|
cashCardRepository.save(updatedCashCard);
|
||||||
return ResponseEntity.noContent().build();
|
return ResponseEntity.noContent().build();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@DeleteMapping("/{id}")
|
||||||
|
private ResponseEntity<Void> deleteCashCard(@PathVariable Long id, Principal principal) {
|
||||||
|
if (cashCardRepository.existsByIdAndOwner(id, principal.getName())) {
|
||||||
|
cashCardRepository.deleteById(id);
|
||||||
|
return ResponseEntity.noContent().build();
|
||||||
|
}
|
||||||
|
|
||||||
|
return ResponseEntity.notFound().build();
|
||||||
|
}
|
||||||
}
|
}
|
@ -13,4 +13,5 @@ extends
|
|||||||
{
|
{
|
||||||
CashCard findByIdAndOwner(Long id, String owner);
|
CashCard findByIdAndOwner(Long id, String owner);
|
||||||
Page<CashCard> findByOwner(String owner, PageRequest amount);
|
Page<CashCard> findByOwner(String owner, PageRequest amount);
|
||||||
|
boolean existsByIdAndOwner(Long id, String owner);
|
||||||
}
|
}
|
||||||
|
@ -47,7 +47,13 @@ public class SecurityConfig {
|
|||||||
.password(passwordEncoder.encode("qrs456"))
|
.password(passwordEncoder.encode("qrs456"))
|
||||||
.roles("NON-OWNER") // new role
|
.roles("NON-OWNER") // new role
|
||||||
.build();
|
.build();
|
||||||
|
|
||||||
|
UserDetails kumar = users
|
||||||
|
.username("kumar2")
|
||||||
|
.password(passwordEncoder.encode("xyz789"))
|
||||||
|
.roles("CARD-OWNER") // new role
|
||||||
|
.build();
|
||||||
|
|
||||||
return new InMemoryUserDetailsManager(sarah, hankOwnsNoCards);
|
return new InMemoryUserDetailsManager(sarah, hankOwnsNoCards, kumar);
|
||||||
}
|
}
|
||||||
}
|
}
|
@ -204,4 +204,41 @@ class CashcardApplicationTests {
|
|||||||
.exchange("/cashcards/99999", HttpMethod.PUT, request, Void.class);
|
.exchange("/cashcards/99999", HttpMethod.PUT, request, Void.class);
|
||||||
assertThat(response.getStatusCode()).isEqualTo(HttpStatus.NOT_FOUND);
|
assertThat(response.getStatusCode()).isEqualTo(HttpStatus.NOT_FOUND);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
@DirtiesContext
|
||||||
|
void shouldDeleteAnExistingCashCard() {
|
||||||
|
ResponseEntity<Void> response = restTemplate
|
||||||
|
.withBasicAuth("sarah1", "abc123")
|
||||||
|
.exchange("/cashcards/99", HttpMethod.DELETE, null, Void.class);
|
||||||
|
assertThat(response.getStatusCode()).isEqualTo(HttpStatus.NO_CONTENT);
|
||||||
|
|
||||||
|
// Ensure that the resource was actually deleted:
|
||||||
|
ResponseEntity<String> getResponse = restTemplate
|
||||||
|
.withBasicAuth("sarah1", "abc123")
|
||||||
|
.getForEntity("/cashcards/99", String.class);
|
||||||
|
assertThat(getResponse.getStatusCode()).isEqualTo(HttpStatus.NOT_FOUND);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
void shouldNotDeleteACashCardThatDoesNotExist() {
|
||||||
|
ResponseEntity<Void> deleteResponse = restTemplate
|
||||||
|
.withBasicAuth("sarah1", "abc123")
|
||||||
|
.exchange("/cashcards/99999", HttpMethod.DELETE, null, Void.class);
|
||||||
|
assertThat(deleteResponse.getStatusCode()).isEqualTo(HttpStatus.NOT_FOUND);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
void shouldNotAllowDeletionOfCashCardsTheyDoNotOwn() {
|
||||||
|
ResponseEntity<Void> deleteResponse = restTemplate
|
||||||
|
.withBasicAuth("sarah1", "abc123")
|
||||||
|
.exchange("/cashcards/102", HttpMethod.DELETE, null, Void.class);
|
||||||
|
assertThat(deleteResponse.getStatusCode()).isEqualTo(HttpStatus.NOT_FOUND);
|
||||||
|
|
||||||
|
// Ensure that the record still exsists:
|
||||||
|
ResponseEntity<String> getResponse = restTemplate
|
||||||
|
.withBasicAuth("kumar2", "xyz789")
|
||||||
|
.getForEntity("/cashcards/102", String.class);
|
||||||
|
assertThat(getResponse.getStatusCode()).isEqualTo(HttpStatus.OK);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user