fix: revert changes to accept DELETE method

src/main/openapi/daam.yaml

@@ -85,72 +85,65 @@ paths:
       security:
         - daam_auth:
             - read:applications
-  /api/v1/applications/{id}/save-forms-and-duos:
-    post:
-      summary: save application forms and duos
-      operationId: save_application_forms_and_duos_v1
+    delete:
+      summary: Delete application
+      operationId: delete_application_v1
       tags:
         - "application-command"
       parameters:
         - name: id
           in: path
-          description: ID of application to update
+          description: ID of application to delete
           required: true
           schema:
             type: integer
             format: int64
-      requestBody:
-        content:
-          application/json:
-            schema:
-              $ref: "#/components/schemas/SaveFormsAndDuos"
       responses:
         "204":
           description: Successful Response (no content)
-        "404":
-          description: Application not found
+        "403":
+          description: Application does not belong to applicant
           content:
             application/json:
               schema:
                 $ref: "#/components/schemas/ErrorResponse"
-        "403":
-          description: Application does not belong to applicant
+        "404":
+          description: Application not found
           content:
             application/json:
               schema:
                 $ref: "#/components/schemas/ErrorResponse"
         "409":
-          description: Application not in submittable state
+          description: Application not in draft state
           content:
             application/json:
               schema:
                 $ref: "#/components/schemas/ErrorResponse"
       security:
         - daam_auth:
-            - write:applications
-  /api/v1/applications/{id}/submit:
+            - read:applications
+  /api/v1/applications/{id}/save-forms-and-duos:
     post:
-      summary: Submit application
-      operationId: submit_application_v1
+      summary: save application forms and duos
+      operationId: save_application_forms_and_duos_v1
       tags:
         - "application-command"
       parameters:
         - name: id
           in: path
-          description: ID of application to submit
+          description: ID of application to update
           required: true
           schema:
             type: integer
             format: int64
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/SaveFormsAndDuos"
       responses:
         "204":
           description: Successful Response (no content)
-        "400":
-          description: Bad Request
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/ErrorResponse"
         "404":
           description: Application not found
           content:
@@ -169,29 +162,28 @@ paths:
             application/json:
               schema:
                 $ref: "#/components/schemas/ErrorResponse"
-
       security:
         - daam_auth:
             - write:applications
-  /api/v1/applications/{id}/delete:
+  /api/v1/applications/{id}/submit:
     post:
-      summary: Delete application
-      operationId: delete_application_v1
+      summary: Submit application
+      operationId: submit_application_v1
       tags:
         - "application-command"
       parameters:
         - name: id
           in: path
-          description: ID of application to delete
+          description: ID of application to submit
           required: true
           schema:
             type: integer
             format: int64
       responses:
         "204":
           description: Successful Response (no content)
-        "403":
-          description: Application does not belong to applicant
+        "400":
+          description: Bad Request
           content:
             application/json:
               schema:
@@ -202,15 +194,22 @@ paths:
             application/json:
               schema:
                 $ref: "#/components/schemas/ErrorResponse"
+        "403":
+          description: Application does not belong to applicant
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ErrorResponse"
         "409":
-          description: Application not in draft state
+          description: Application not in submittable state
           content:
             application/json:
               schema:
                 $ref: "#/components/schemas/ErrorResponse"
+
       security:
         - daam_auth:
-            - read:applications
+            - write:applications
   /api/v1/applications/create:
     post:
       summary: Create application

src/test/java/io/github/genomicdatainfrastructure/daam/api/DeleteApplicationTest.java

@@ -43,7 +43,7 @@ void cannot_delete_application_when_not_same_applicant() {
                 .auth()
                 .oauth2(getAccessToken("jdoe"))
                 .when()
-                .post("/api/v1/applications/1/delete")
+                .delete("/api/v1/applications/1")
                 .then()
                 .statusCode(403)
                 .body("title", equalTo("User Not Applicant"));
@@ -55,7 +55,7 @@ void cannot_delete_application_when_not_draft() {
                 .auth()
                 .oauth2(getAccessToken("alice"))
                 .when()
-                .post("/api/v1/applications/2/delete")
+                .delete("/api/v1/applications/2")
                 .then()
                 .statusCode(409)
                 .body("title", equalTo("Application Not In Correct State"))
@@ -67,7 +67,7 @@ void cannot_delete_application_when_not_draft() {
     void cannot_delete_application_when_anonymous_request() {
         given()
                 .when()
-                .post("/api/v1/applications/1/delete")
+                .delete("/api/v1/applications/1")
                 .then()
                 .statusCode(401);
     }