Archived
2

DELETE method

This commit is contained in:
VLE2FE 2020-05-12 17:37:01 +02:00
parent ff36b49cc5
commit 5bce7a1e98
3 changed files with 94 additions and 3 deletions

View File

@ -22,7 +22,7 @@
500:
$ref: 'api.yaml#/components/responses/500'
put:
summary: TODO change measurement
summary: change measurement
description: 'Auth: basic, levels: write, maintain, dev, admin'
x-doc: status is reset to 0 on any changes
tags:
@ -55,7 +55,7 @@
500:
$ref: 'api.yaml#/components/responses/500'
delete:
summary: TODO delete measurement
summary: delete measurement
description: 'Auth: basic, levels: write, maintain, dev, admin'
tags:
- /measurement
@ -77,7 +77,7 @@
/measurement/new:
post:
summary: TODO add measurement
summary: add measurement
description: 'Auth: basic, levels: write, maintain, dev, admin'
x-doc: 'Adds status: 0 automatically'
tags:

View File

@ -223,6 +223,81 @@ describe('/measurement', () => {
});
});
describe('DELETE /measurement/{id}', () => {
it('sets the status to deleted', done => {
TestHelper.request(server, done, {
method: 'delete',
url: '/measurement/800000000000000000000001',
auth: {basic: 'janedoe'},
httpStatus: 200,
}).end((err, res) => {
if (err) return done(err);
should(res.body).be.eql({status: 'OK'});
MeasurementModel.findById('800000000000000000000001').lean().exec((err, data) => {
if (err) return done(err);
should(data).have.property('status', -1);
done();
});
});
});
it('rejects an API key', done => {
TestHelper.request(server, done, {
method: 'delete',
url: '/measurement/800000000000000000000001',
auth: {key: 'janedoe'},
httpStatus: 401,
});
});
it('rejects requests from a read user', done => {
TestHelper.request(server, done, {
method: 'delete',
url: '/measurement/800000000000000000000001',
auth: {basic: 'user'},
httpStatus: 403,
});
});
it('rejects deleting a measurement for a write user who did not create this measurement', done => {
TestHelper.request(server, done, {
method: 'delete',
url: '/measurement/800000000000000000000003',
auth: {basic: 'janedoe'},
httpStatus: 403,
});
});
it('accepts deleting a measurement of another user for a maintain/admin user', done => {
TestHelper.request(server, done, {
method: 'delete',
url: '/measurement/800000000000000000000001',
auth: {basic: 'admin'},
httpStatus: 200,
res: {status: 'OK'}
});
});
it('rejects an invalid id', done => {
TestHelper.request(server, done, {
method: 'delete',
url: '/measurement/800000000h00000000000001',
auth: {basic: 'janedoe'},
httpStatus: 404,
});
});
it('rejects an unknown id', done => {
TestHelper.request(server, done, {
method: 'delete',
url: '/measurement/000000000000000000000001',
auth: {basic: 'janedoe'},
httpStatus: 404,
});
});
it('rejects unauthorized requests', done => {
TestHelper.request(server, done, {
method: 'delete',
url: '/measurement/800000000000000000000001',
httpStatus: 401,
});
});
});
describe('POST /measurement/new', () => {
it('returns the right measurement', done => {
TestHelper.request(server, done, {

View File

@ -55,6 +55,22 @@ router.put('/measurement/' + IdValidate.parameter(), async (req, res, next) => {
});
});
router.delete('/measurement/' + IdValidate.parameter(), (req, res, next) => {
if (!req.auth(res, ['write', 'maintain', 'dev', 'admin'], 'basic')) return;
MeasurementModel.findById(req.params.id).lean().exec(async (err, data) => {
if (err) return next(err);
if (!data) {
res.status(404).json({status: 'Not found'});
}
if (!await conditionIdCheck(data, req, res, next)) return;
await MeasurementModel.findByIdAndUpdate(req.params.id, {status: -1}).lean().exec(async err => {
if (err) return next(err);
res.json({status: 'OK'});
});
});
});
router.post('/measurement/new', async (req, res, next) => {
if (!req.auth(res, ['write', 'maintain', 'dev', 'admin'], 'basic')) return;