diff --git a/lib/Alchemy/Phrasea/Controller/Api/V1Controller.php b/lib/Alchemy/Phrasea/Controller/Api/V1Controller.php index e66af7e87e..d0c1201141 100644 --- a/lib/Alchemy/Phrasea/Controller/Api/V1Controller.php +++ b/lib/Alchemy/Phrasea/Controller/Api/V1Controller.php @@ -1936,6 +1936,22 @@ class V1Controller extends Controller return Result::create($request, $ret)->createResponse(); } + /** + * @param Request $request + * @param int $databox_id + * @param int $record_id + * @return Response + */ + public function deleteRecordAction(Request $request, $databox_id, $record_id) + { + $databox = $this->findDataboxById($databox_id); + $record = $databox->get_record($record_id); + + $record->delete(); + + return Result::create($request, [])->createResponse(); + } + /** * Return detailed information about one record * @@ -2843,6 +2859,18 @@ class V1Controller extends Controller return null; } + public function ensureCanDeleteRecord(Request $request) + { + $user = $this->getApiAuthenticatedUser(); + $record = $this->findDataboxById($request->attributes->get('databox_id')) + ->get_record($request->attributes->get('record_id')); + + if (!$this->getAclForUser($user)->has_right_on_base($record->getBaseId(), 'candeleterecord')) { + return Result::createError($request, 401, 'You are not authorized')->createResponse(); + } + + return null; + } public function ensureJsonContentType(Request $request) { diff --git a/lib/Alchemy/Phrasea/ControllerProvider/Api/V1.php b/lib/Alchemy/Phrasea/ControllerProvider/Api/V1.php index d179c68d96..a4942e6119 100644 --- a/lib/Alchemy/Phrasea/ControllerProvider/Api/V1.php +++ b/lib/Alchemy/Phrasea/ControllerProvider/Api/V1.php 
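Review bot: The docblock on `deleteRecordAction` lists only the parameter types, and nothing in the method body shows that authorization exists at all — it is enforced solely by the `before` guard bound to the route, which a reader of this method cannot see. A one-line description would make the contract explicit: `* Permanently delete a record. Authorization is enforced by the ensureCanDeleteRecord before-middleware on the DELETE route, not here.` If `get_record()` throws for an unknown `record_id`, that exception leaves the action unhandled; confirm it is translated into a 404 the same way the sibling `getRecordAction` presumably is, rather than surfacing as a 500 on a destructive endpoint.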
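Review bot: A denied `candeleterecord` right is answered with 401 in `ensureCanDeleteRecord`, but the request has already been authenticated through `getApiAuthenticatedUser()`, so the semantically correct status is 403 Forbidden: `return Result::createError($request, 403, 'You are not authorized')->createResponse();` — keep 401 only if the existing `ensureCanAccessToRecord` guard (outside this hunk) deliberately uses it for consistency. The method also has no docblock, unlike the action it protects, and the closing brace runs directly into `public function ensureJsonContentType` with no blank line; a short `/** Route before-middleware: rejects the request unless the API user holds candeleterecord on the record's base. @param Request $request @return Response|null */` would match the surrounding style. Note that the record is resolved here and again in the action; that is harmless but the guard should not be the only place the lookup failure is handled.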
@@ -175,6 +175,11 @@ class V1 implements ControllerProviderInterface, ServiceProviderInterface 'controller.api.v1:getBadRequestAction' ); + $controllers->delete('/records/{databox_id}/{record_id}/', 'controller.api.v1:deleteRecordAction') + ->before('controller.api.v1:ensureCanDeleteToRecord') + ->assert('databox_id', '\d+') + ->assert('record_id', '\d+'); + $controllers->get('/records/{databox_id}/{record_id}/', 'controller.api.v1:getRecordAction') ->before('controller.api.v1:ensureCanAccessToRecord') ->assert('databox_id', '\d+') diff --git a/lib/classes/ACL.php b/lib/classes/ACL.php index 04e0f3d404..5a851a7dc4 100644 --- a/lib/classes/ACL.php +++ b/lib/classes/ACL.php @@ -950,14 +950,15 @@ class ACL implements cache_cacheableInterface $this->_limited = $data; return $this; - } catch (\Exception $e) { + } + catch (\Exception $e) { + // no-op } - $sql = 'SELECT u.* FROM basusr u, bas b, sbas s - WHERE usr_id= :usr_id - AND b.base_id = u.base_id - AND b.sbas_id = s.sbas_id - AND s.sbas_id = b.sbas_id '; + $sql = "SELECT u.* FROM basusr u, bas b, sbas s\n" + . "WHERE usr_id= :usr_id\n" + . "AND b.base_id = u.base_id\n" + . "AND s.sbas_id = b.sbas_id"; $stmt = $this->app->getApplicationBox()->get_connection()->prepare($sql); $stmt->execute([':usr_id' => $this->user->getId()]); diff --git a/lib/classes/record/adapter.php b/lib/classes/record/adapter.php index fa3c466a9e..d1ac89263b 100644 --- a/lib/classes/record/adapter.php +++ b/lib/classes/record/adapter.php 
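Review bot: The `before` guard on the new DELETE route is registered as `controller.api.v1:ensureCanDeleteToRecord`, but the method added in V1Controller.php is named `ensureCanDeleteRecord`, so the guard cannot be resolved and the endpoint will fail whenever it is hit; change the registration to `->before('controller.api.v1:ensureCanDeleteRecord')` (or rename the method) and add a test that exercises the route with a user lacking `candeleterecord`. A failure to resolve the callback is at least fail-closed, but a typo in an authorization hook is exactly the kind of defect a route-level test should catch before it ships.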
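Review bot: The `// no-op` added to the `catch (\Exception $e)` block documents nothing about why a broad exception is discarded; the try body begins outside this hunk, but given that the code falls straight through to the `basusr` query, it presumably guards a cache read. A comment stating the intent, e.g. `// cached limits unavailable or unreadable: fall through and rebuild from the database`, would make the swallow deliberate rather than accidental. If the language level allows it, catching the narrowest exception the cache layer actually throws (rather than `\Exception`) would avoid hiding unrelated failures.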
@@ -1360,16 +1360,6 @@ class record_adapter implements RecordInterface, cache_cacheableInterface $stmt->execute([':record_id' => $this->getRecordId()]); $stmt->closeCursor(); - $sql = "DELETE FROM prop WHERE record_id = :record_id"; - $stmt = $connection->prepare($sql); - $stmt->execute([':record_id' => $this->getRecordId()]); - $stmt->closeCursor(); - - $sql = "DELETE FROM idx WHERE record_id = :record_id"; - $stmt = $connection->prepare($sql); - $stmt->execute([':record_id' => $this->getRecordId()]); - $stmt->closeCursor(); - $sql = "DELETE FROM permalinks WHERE subdef_id IN (SELECT subdef_id FROM subdef WHERE record_id=:record_id)"; $stmt = $connection->prepare($sql); $stmt->execute([':record_id' => $this->getRecordId()]); @@ -1385,19 +1375,9 @@ class record_adapter implements RecordInterface, cache_cacheableInterface $stmt->execute([':record_id' => $this->getRecordId()]); $stmt->closeCursor(); - $sql = "DELETE FROM thit WHERE record_id = :record_id"; + $sql = "DELETE FROM regroup WHERE rid_parent = :record_id1 OR rid_child = :record_id2"; $stmt = $connection->prepare($sql); - $stmt->execute([':record_id' => $this->getRecordId()]); - $stmt->closeCursor(); - - $sql = "DELETE FROM regroup WHERE rid_parent = :record_id"; - $stmt = $connection->prepare($sql); - $stmt->execute([':record_id' => $this->getRecordId()]); - $stmt->closeCursor(); - - $sql = "DELETE FROM regroup WHERE rid_child = :record_id"; - $stmt = $connection->prepare($sql); - $stmt->execute([':record_id' => $this->getRecordId()]); + $stmt->execute([':record_id1' => $this->getRecordId(), ':record_id2' => $this->getRecordId()]); $stmt->closeCursor(); $orderElementRepository = $this->app['repo.order-elements'];
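Review bot: The child rows of the record are removed by a sequence of independent DELETE statements and nothing in this hunk begins or commits a transaction, so a failure after the combined `regroup` statement leaves the record partially deleted; unless the enclosing method (its start lies outside the hunk, presumably `delete()`) is already running inside a transaction, wrap the sequence in `$connection->beginTransaction()` / `$connection->commit()` with a `rollBack()` in a catch. The `thit` cleanup is dropped here alongside `prop` and `idx`; if the `thit` table is still present in the schema, its rows for this record are now orphaned, so a short comment such as `// prop/idx/thit are no longer maintained for records — do not delete from them here` (or a note that the tables were dropped) would record the intent for the next maintainer. Using the two distinct placeholders `:record_id1`/`:record_id2` for the same value is correct for PDO without emulated prepares.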