DELETE /api/eperson/groups/<:uuid>

2025-10-15 22:13:08 +00:00 · 2020-03-13 15:38:49 +01:00
parent 380bc34e5a
commit de79405b74
2 changed files with 168 additions and 8 deletions
--- a/dspace-server-webapp/src/main/java/org/dspace/app/rest/repository/GroupRestRepository.java
+++ b/dspace-server-webapp/src/main/java/org/dspace/app/rest/repository/GroupRestRepository.java
@@ -7,14 +7,6 @@
 */
 package org.dspace.app.rest.repository;

-import static org.apache.commons.lang3.StringUtils.isBlank;
-
-import java.io.IOException;
-import java.sql.SQLException;
-import java.util.List;
-import java.util.UUID;
-import javax.servlet.http.HttpServletRequest;
-
 import com.fasterxml.jackson.databind.ObjectMapper;
 import org.dspace.app.rest.Parameter;
 import org.dspace.app.rest.SearchRestMethod;
@@ -30,9 +22,18 @@ import org.dspace.eperson.service.GroupService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
+import org.springframework.data.rest.webmvc.ResourceNotFoundException;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Component;

+import javax.servlet.http.HttpServletRequest;
+import java.io.IOException;
+import java.sql.SQLException;
+import java.util.List;
+import java.util.UUID;
+
+import static org.apache.commons.lang3.StringUtils.isBlank;
+
 /**
 * This is the repository responsible to manage Group Rest object
 *
@@ -149,4 +150,23 @@ public class GroupRestRepository extends DSpaceObjectRestRepository<Group, Group
    public Class<GroupRest> getDomainClass() {
        return GroupRest.class;
    }
+
+    @Override
+    @PreAuthorize("hasAuthority('ADMIN')")
+    protected void delete(Context context, UUID uuid) throws AuthorizeException {
+        Group group = null;
+        try {
+            group = gs.find(context, uuid);
+            if (group == null) {
+                throw new ResourceNotFoundException(
+                        GroupRest.CATEGORY + "." + GroupRest.NAME
+                                + " with id: " + uuid + " not found"
+                );
+            }
+            gs.delete(context, group);
+        } catch (SQLException | IOException e) {
+            throw new RuntimeException(e.getMessage(), e);
+        }
+    }
+
 }
--- a/dspace-server-webapp/src/test/java/org/dspace/app/rest/GroupRestRepositoryIT.java
+++ b/dspace-server-webapp/src/test/java/org/dspace/app/rest/GroupRestRepositoryIT.java
@@ -1509,4 +1509,144 @@ public class GroupRestRepositoryIT extends AbstractControllerIntegrationTest {
            }
        }
    }
+
+    @Test
+    public void deleteGroupTest() throws Exception {
+
+        GroupService groupService = EPersonServiceFactory.getInstance().getGroupService();
+        EPersonService ePersonService = EPersonServiceFactory.getInstance().getEPersonService();
+
+        Group parentGroup = null;
+
+        try {
+            context.turnOffAuthorisationSystem();
+
+            parentGroup = groupService.create(context);
+
+            context.commit();
+
+            parentGroup = context.reloadEntity(parentGroup);
+
+            String authToken = getAuthToken(admin.getEmail(), password);
+
+            getClient(authToken).perform(
+                    get("/api/eperson/groups/" + parentGroup.getID())
+            ).andExpect(status().isOk());
+
+            getClient(authToken).perform(
+                    delete("/api/eperson/groups/" + parentGroup.getID())
+            ).andExpect(status().isNoContent());
+
+            getClient(authToken).perform(
+                    get("/api/eperson/groups/" + parentGroup.getID())
+            ).andExpect(status().isNotFound());
+
+        } finally {
+            if (parentGroup != null) {
+                GroupBuilder.deleteGroup(parentGroup.getID());
+            }
+        }
+    }
+
+    @Test
+    public void deleteGroupUnauthorizedTest() throws Exception {
+
+        GroupService groupService = EPersonServiceFactory.getInstance().getGroupService();
+        EPersonService ePersonService = EPersonServiceFactory.getInstance().getEPersonService();
+
+        Group parentGroup = null;
+
+        try {
+            context.turnOffAuthorisationSystem();
+
+            parentGroup = groupService.create(context);
+
+            context.commit();
+
+            parentGroup = context.reloadEntity(parentGroup);
+
+            String authToken = getAuthToken(admin.getEmail(), password);
+
+            getClient(authToken).perform(
+                    get("/api/eperson/groups/" + parentGroup.getID())
+            ).andExpect(status().isOk());
+
+            getClient().perform(
+                    delete("/api/eperson/groups/" + parentGroup.getID())
+            ).andExpect(status().isUnauthorized());
+
+            getClient(authToken).perform(
+                    get("/api/eperson/groups/" + parentGroup.getID())
+            ).andExpect(status().isOk());
+
+        } finally {
+            if (parentGroup != null) {
+                GroupBuilder.deleteGroup(parentGroup.getID());
+            }
+        }
+    }
+
+    @Test
+    public void deleteGroupForbiddenTest() throws Exception {
+
+        GroupService groupService = EPersonServiceFactory.getInstance().getGroupService();
+        EPersonService ePersonService = EPersonServiceFactory.getInstance().getEPersonService();
+
+        Group parentGroup = null;
+
+        try {
+            context.turnOffAuthorisationSystem();
+
+            parentGroup = groupService.create(context);
+
+            context.commit();
+
+            parentGroup = context.reloadEntity(parentGroup);
+
+            String adminToken = getAuthToken(admin.getEmail(), password);
+            String authToken = getAuthToken(eperson.getEmail(), password);
+
+            getClient(adminToken).perform(
+                    get("/api/eperson/groups/" + parentGroup.getID())
+            ).andExpect(status().isOk());
+
+            getClient(authToken).perform(
+                    delete("/api/eperson/groups/" + parentGroup.getID())
+            ).andExpect(status().isForbidden());
+
+            getClient(adminToken).perform(
+                    get("/api/eperson/groups/" + parentGroup.getID())
+            ).andExpect(status().isOk());
+
+        } finally {
+            if (parentGroup != null) {
+                GroupBuilder.deleteGroup(parentGroup.getID());
+            }
+        }
+    }
+
+    @Test
+    public void deleteGroupNotFoundTest() throws Exception {
+
+        GroupService groupService = EPersonServiceFactory.getInstance().getGroupService();
+        EPersonService ePersonService = EPersonServiceFactory.getInstance().getEPersonService();
+
+        Group parentGroup = null;
+
+        try {
+            context.turnOffAuthorisationSystem();
+            context.commit();
+
+            String authToken = getAuthToken(admin.getEmail(), password);
+
+            getClient(authToken).perform(
+                    delete("/api/eperson/groups/" + UUID.randomUUID())
+            ).andExpect(status().isNotFound());
+
+        } finally {
+            if (parentGroup != null) {
+                GroupBuilder.deleteGroup(parentGroup.getID());
+            }
+        }
+    }
 }