DELETE method
This commit is contained in:
VLE2FE
@@ -22,7 +22,7 @@
|
|||||||
500:
|
500:
|
||||||
$ref: 'api.yaml#/components/responses/500'
|
$ref: 'api.yaml#/components/responses/500'
|
||||||
put:
|
put:
|
||||||
summary: TODO change measurement
|
summary: change measurement
|
||||||
description: 'Auth: basic, levels: write, maintain, dev, admin'
|
description: 'Auth: basic, levels: write, maintain, dev, admin'
|
||||||
x-doc: status is reset to 0 on any changes
|
x-doc: status is reset to 0 on any changes
|
||||||
tags:
|
tags:
|
||||||
@@ -55,7 +55,7 @@
|
|||||||
500:
|
500:
|
||||||
$ref: 'api.yaml#/components/responses/500'
|
$ref: 'api.yaml#/components/responses/500'
|
||||||
delete:
|
delete:
|
||||||
summary: TODO delete measurement
|
summary: delete measurement
|
||||||
description: 'Auth: basic, levels: write, maintain, dev, admin'
|
description: 'Auth: basic, levels: write, maintain, dev, admin'
|
||||||
tags:
|
tags:
|
||||||
- /measurement
|
- /measurement
|
||||||
@@ -77,7 +77,7 @@
|
|||||||
|
|
||||||
/measurement/new:
|
/measurement/new:
|
||||||
post:
|
post:
|
||||||
summary: TODO add measurement
|
summary: add measurement
|
||||||
description: 'Auth: basic, levels: write, maintain, dev, admin'
|
description: 'Auth: basic, levels: write, maintain, dev, admin'
|
||||||
x-doc: 'Adds status: 0 automatically'
|
x-doc: 'Adds status: 0 automatically'
|
||||||
tags:
|
tags:
|
||||||
|
|||||||
@@ -223,6 +223,81 @@ describe('/measurement', () => {
|
|||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
describe('DELETE /measurement/{id}', () => {
|
||||||
|
it('sets the status to deleted', done => {
|
||||||
|
TestHelper.request(server, done, {
|
||||||
|
method: 'delete',
|
||||||
|
url: '/measurement/800000000000000000000001',
|
||||||
|
auth: {basic: 'janedoe'},
|
||||||
|
httpStatus: 200,
|
||||||
|
}).end((err, res) => {
|
||||||
|
if (err) return done(err);
|
||||||
|
should(res.body).be.eql({status: 'OK'});
|
||||||
|
MeasurementModel.findById('800000000000000000000001').lean().exec((err, data) => {
|
||||||
|
if (err) return done(err);
|
||||||
|
should(data).have.property('status', -1);
|
||||||
|
done();
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
it('rejects an API key', done => {
|
||||||
|
TestHelper.request(server, done, {
|
||||||
|
method: 'delete',
|
||||||
|
url: '/measurement/800000000000000000000001',
|
||||||
|
auth: {key: 'janedoe'},
|
||||||
|
httpStatus: 401,
|
||||||
|
});
|
||||||
|
});
|
||||||
|
it('rejects requests from a read user', done => {
|
||||||
|
TestHelper.request(server, done, {
|
||||||
|
method: 'delete',
|
||||||
|
url: '/measurement/800000000000000000000001',
|
||||||
|
auth: {basic: 'user'},
|
||||||
|
httpStatus: 403,
|
||||||
|
});
|
||||||
|
});
|
||||||
|
it('rejects deleting a measurement for a write user who did not create this measurement', done => {
|
||||||
|
TestHelper.request(server, done, {
|
||||||
|
method: 'delete',
|
||||||
|
url: '/measurement/800000000000000000000003',
|
||||||
|
auth: {basic: 'janedoe'},
|
||||||
|
httpStatus: 403,
|
||||||
|
});
|
||||||
|
});
|
||||||
|
it('accepts deleting a measurement of another user for a maintain/admin user', done => {
|
||||||
|
TestHelper.request(server, done, {
|
||||||
|
method: 'delete',
|
||||||
|
url: '/measurement/800000000000000000000001',
|
||||||
|
auth: {basic: 'admin'},
|
||||||
|
httpStatus: 200,
|
||||||
|
res: {status: 'OK'}
|
||||||
|
});
|
||||||
|
});
|
||||||
|
it('rejects an invalid id', done => {
|
||||||
|
TestHelper.request(server, done, {
|
||||||
|
method: 'delete',
|
||||||
|
url: '/measurement/800000000h00000000000001',
|
||||||
|
auth: {basic: 'janedoe'},
|
||||||
|
httpStatus: 404,
|
||||||
|
});
|
||||||
|
});
|
||||||
|
it('rejects an unknown id', done => {
|
||||||
|
TestHelper.request(server, done, {
|
||||||
|
method: 'delete',
|
||||||
|
url: '/measurement/000000000000000000000001',
|
||||||
|
auth: {basic: 'janedoe'},
|
||||||
|
httpStatus: 404,
|
||||||
|
});
|
||||||
|
});
|
||||||
|
it('rejects unauthorized requests', done => {
|
||||||
|
TestHelper.request(server, done, {
|
||||||
|
method: 'delete',
|
||||||
|
url: '/measurement/800000000000000000000001',
|
||||||
|
httpStatus: 401,
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
describe('POST /measurement/new', () => {
|
describe('POST /measurement/new', () => {
|
||||||
it('returns the right measurement', done => {
|
it('returns the right measurement', done => {
|
||||||
TestHelper.request(server, done, {
|
TestHelper.request(server, done, {
|
||||||
|
|||||||
@@ -55,6 +55,22 @@ router.put('/measurement/' + IdValidate.parameter(), async (req, res, next) => {
|
|||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
router.delete('/measurement/' + IdValidate.parameter(), (req, res, next) => {
|
||||||
|
if (!req.auth(res, ['write', 'maintain', 'dev', 'admin'], 'basic')) return;
|
||||||
|
|
||||||
|
MeasurementModel.findById(req.params.id).lean().exec(async (err, data) => {
|
||||||
|
if (err) return next(err);
|
||||||
|
if (!data) {
|
||||||
|
res.status(404).json({status: 'Not found'});
|
||||||
|
}
|
||||||
|
if (!await conditionIdCheck(data, req, res, next)) return;
|
||||||
|
await MeasurementModel.findByIdAndUpdate(req.params.id, {status: -1}).lean().exec(async err => {
|
||||||
|
if (err) return next(err);
|
||||||
|
res.json({status: 'OK'});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
router.post('/measurement/new', async (req, res, next) => {
|
router.post('/measurement/new', async (req, res, next) => {
|
||||||
if (!req.auth(res, ['write', 'maintain', 'dev', 'admin'], 'basic')) return;
|
if (!req.auth(res, ['write', 'maintain', 'dev', 'admin'], 'basic')) return;
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user