Merge pull request #2600 from atmire/DS-4317_bundles-in-REST-continued

Ds 4317 bundles in rest continued

dspace-server-webapp/src/main/java/org/dspace/app/rest/repository/BundleRestRepository.java

@@ -40,6 +40,7 @@ import org.dspace.core.Context;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
+import org.springframework.data.rest.webmvc.ResourceNotFoundException;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Component;
@@ -202,4 +203,30 @@ public class BundleRestRepository extends DSpaceObjectRestRepository<Bundle, Bun
     public Class<BundleRest> getDomainClass() {
         return BundleRest.class;
     }
+
+    /**
+     * Deletes a bundle whose uuid is given and deletes all the bitstreams it contains in BundleService.delete
+     * @param context
+     *            the dspace context
+     * @param id
+     *            the id of the bundle to delete
+     */
+    @Override
+    @PreAuthorize("hasPermission(#id, 'BUNDLE', 'DELETE')")
+    protected void delete(Context context, UUID id) throws AuthorizeException {
+        Bundle bundleToDelete = null;
+        try {
+            bundleToDelete = bundleService.find(context, id);
+            if (bundleToDelete == null) {
+                throw new ResourceNotFoundException("Bundle with id: " + id + " not found");
+            }
+        } catch (SQLException e) {
+            throw new RuntimeException("Can't find a bundle with id: " + id, e);
+        }
+        try {
+            bundleService.delete(context, bundleToDelete);
+        } catch (IOException | SQLException e) {
+            throw new RuntimeException("Something went wrong trying to delete bundle with id: " + id, e);
+        }
+    }
 }

dspace-server-webapp/src/test/java/org/dspace/app/rest/BundleRestRepositoryIT.java

@@ -11,6 +11,7 @@ import static com.jayway.jsonpath.matchers.JsonPathMatchers.hasJsonPath;
 import static org.hamcrest.Matchers.containsInAnyOrder;
 import static org.hamcrest.Matchers.endsWith;
 import static org.hamcrest.Matchers.is;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.delete;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.patch;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
@@ -423,4 +424,126 @@ public class BundleRestRepositoryIT extends AbstractControllerIntegrationTest {
                 )));
     }
 
+    @Test
+    public void deleteBundle() throws Exception {
+        context.turnOffAuthorisationSystem();
+
+        String bitstreamContent = "Dummy content";
+        try (InputStream is = IOUtils.toInputStream(bitstreamContent, CharEncoding.UTF_8)) {
+            bitstream1 = BitstreamBuilder.createBitstream(context, item, is)
+                    .withName("Bitstream")
+                    .withDescription("Description")
+                    .withMimeType("text/plain")
+                    .build();
+            bitstream2 = BitstreamBuilder.createBitstream(context, item, is)
+                    .withName("Bitstream2")
+                    .withDescription("Description2")
+                    .withMimeType("text/plain")
+                    .build();
+        }
+
+        bundle1 = BundleBuilder.createBundle(context, item)
+                .withName("testname")
+                .withBitstream(bitstream1)
+                .withBitstream(bitstream2)
+                .build();
+
+        context.restoreAuthSystemState();
+
+        String token = getAuthToken(admin.getEmail(), password);
+
+        // Check if bundle is present
+        getClient().perform(get("/api/core/bundles/" + bundle1.getID() + "/bitstreams"))
+                .andExpect(status().isOk())
+                .andExpect(content().contentType(contentType))
+                .andExpect(jsonPath("$._embedded.bitstreams", Matchers.hasItems(
+                        BitstreamMatcher.matchBitstreamEntry(bitstream1),
+                        BitstreamMatcher.matchBitstreamEntry(bitstream2)
+                )));
+
+        // Delete bundle with admin auth token
+        getClient(token).perform(delete("/api/core/bundles/" + bundle1.getID()))
+                .andExpect(status().is(204));
+
+        // Verify 404 after delete for bundle AND its bitstreams
+        getClient(token).perform(get("/api/core/bundles/" + bundle1.getID()))
+                .andExpect(status().isNotFound());
+        getClient(token).perform(get("/api/core/bitstreams/" + bitstream1.getID()))
+                .andExpect(status().isNotFound());
+        getClient(token).perform(get("/api/core/bitstreams/" + bitstream2.getID()))
+                .andExpect(status().isNotFound());
+    }
+
+    @Test
+    public void deleteBundle_Forbidden() throws Exception {
+        context.turnOffAuthorisationSystem();
+
+        String bitstreamContent = "Dummy content";
+        try (InputStream is = IOUtils.toInputStream(bitstreamContent, CharEncoding.UTF_8)) {
+            bitstream1 = BitstreamBuilder.createBitstream(context, item, is)
+                    .withName("Bitstream")
+                    .withDescription("Description")
+                    .withMimeType("text/plain")
+                    .build();
+            bitstream2 = BitstreamBuilder.createBitstream(context, item, is)
+                    .withName("Bitstream2")
+                    .withDescription("Description2")
+                    .withMimeType("text/plain")
+                    .build();
+        }
+
+        bundle1 = BundleBuilder.createBundle(context, item)
+                .withName("testname")
+                .withBitstream(bitstream1)
+                .withBitstream(bitstream2)
+                .build();
+
+        context.restoreAuthSystemState();
+
+        String token = getAuthToken(eperson.getEmail(), password);
+
+        // Try to delete bundle with eperson auth token
+        getClient(token).perform(delete("/api/core/bundles/" + bundle1.getID()))
+                .andExpect(status().isForbidden());
+
+        // Verify the bundle is still here
+        getClient(token).perform(get("/api/core/bundles/" + bundle1.getID()))
+                .andExpect(status().isOk());
+    }
+
+    @Test
+    public void deleteBundle_NoAuthToken() throws Exception {
+        context.turnOffAuthorisationSystem();
+
+        String bitstreamContent = "Dummy content";
+        try (InputStream is = IOUtils.toInputStream(bitstreamContent, CharEncoding.UTF_8)) {
+            bitstream1 = BitstreamBuilder.createBitstream(context, item, is)
+                    .withName("Bitstream")
+                    .withDescription("Description")
+                    .withMimeType("text/plain")
+                    .build();
+            bitstream2 = BitstreamBuilder.createBitstream(context, item, is)
+                    .withName("Bitstream2")
+                    .withDescription("Description2")
+                    .withMimeType("text/plain")
+                    .build();
+        }
+
+        bundle1 = BundleBuilder.createBundle(context, item)
+                .withName("testname")
+                .withBitstream(bitstream1)
+                .withBitstream(bitstream2)
+                .build();
+
+        context.restoreAuthSystemState();
+
+        // Try to delete bundle without auth token
+        getClient().perform(delete("/api/core/bundles/" + bundle1.getID()))
+                .andExpect(status().isUnauthorized());
+
+        // Verify the bundle is still here
+        getClient().perform(get("/api/core/bundles/" + bundle1.getID()))
+                .andExpect(status().isOk());
+    }
+
 }