diff --git a/src/main/openapi/daam.yaml b/src/main/openapi/daam.yaml index c28b27d..49479f9 100644 --- a/src/main/openapi/daam.yaml +++ b/src/main/openapi/daam.yaml @@ -85,72 +85,65 @@ paths: security: - daam_auth: - read:applications - /api/v1/applications/{id}/save-forms-and-duos: - post: - summary: save application forms and duos - operationId: save_application_forms_and_duos_v1 + delete: + summary: Delete application + operationId: delete_application_v1 tags: - "application-command" parameters: - name: id in: path - description: ID of application to update + description: ID of application to delete required: true schema: type: integer format: int64 - requestBody: - content: - application/json: - schema: - $ref: "#/components/schemas/SaveFormsAndDuos" responses: "204": description: Successful Response (no content) - "404": - description: Application not found + "403": + description: Application does not belong to applicant content: application/json: schema: $ref: "#/components/schemas/ErrorResponse" - "403": - description: Application does not belong to applicant + "404": + description: Application not found content: application/json: schema: $ref: "#/components/schemas/ErrorResponse" "409": - description: Application not in submittable state + description: Application not in draft state content: application/json: schema: $ref: "#/components/schemas/ErrorResponse" security: - daam_auth: - - write:applications - /api/v1/applications/{id}/submit: + - read:applications + /api/v1/applications/{id}/save-forms-and-duos: post: - summary: Submit application - operationId: submit_application_v1 + summary: save application forms and duos + operationId: save_application_forms_and_duos_v1 tags: - "application-command" parameters: - name: id in: path - description: ID of application to submit + description: ID of application to update required: true schema: type: integer format: int64 + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/SaveFormsAndDuos" responses: "204": description: Successful Response (no content) - "400": - description: Bad Request - content: - application/json: - schema: - $ref: "#/components/schemas/ErrorResponse" "404": description: Application not found content: @@ -169,20 +162,19 @@ paths: application/json: schema: $ref: "#/components/schemas/ErrorResponse" - security: - daam_auth: - write:applications - /api/v1/applications/{id}/delete: + /api/v1/applications/{id}/submit: post: - summary: Delete application - operationId: delete_application_v1 + summary: Submit application + operationId: submit_application_v1 tags: - "application-command" parameters: - name: id in: path - description: ID of application to delete + description: ID of application to submit required: true schema: type: integer @@ -190,8 +182,8 @@ paths: responses: "204": description: Successful Response (no content) - "403": - description: Application does not belong to applicant + "400": + description: Bad Request content: application/json: schema: @@ -202,15 +194,22 @@ paths: application/json: schema: $ref: "#/components/schemas/ErrorResponse" + "403": + description: Application does not belong to applicant + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorResponse" "409": - description: Application not in draft state + description: Application not in submittable state content: application/json: schema: $ref: "#/components/schemas/ErrorResponse" + security: - daam_auth: - - read:applications + - write:applications /api/v1/applications/create: post: summary: Create application diff --git a/src/test/java/io/github/genomicdatainfrastructure/daam/api/DeleteApplicationTest.java b/src/test/java/io/github/genomicdatainfrastructure/daam/api/DeleteApplicationTest.java index d2dd42d..341615e 100644 --- a/src/test/java/io/github/genomicdatainfrastructure/daam/api/DeleteApplicationTest.java +++ b/src/test/java/io/github/genomicdatainfrastructure/daam/api/DeleteApplicationTest.java @@ -43,7 +43,7 @@ void cannot_delete_application_when_not_same_applicant() { .auth() .oauth2(getAccessToken("jdoe")) .when() - .post("/api/v1/applications/1/delete") + .delete("/api/v1/applications/1") .then() .statusCode(403) .body("title", equalTo("User Not Applicant")); @@ -55,7 +55,7 @@ void cannot_delete_application_when_not_draft() { .auth() .oauth2(getAccessToken("alice")) .when() - .post("/api/v1/applications/2/delete") + .delete("/api/v1/applications/2") .then() .statusCode(409) .body("title", equalTo("Application Not In Correct State")) @@ -67,7 +67,7 @@ void cannot_delete_application_when_not_draft() { void cannot_delete_application_when_anonymous_request() { given() .when() - .post("/api/v1/applications/1/delete") + .delete("/api/v1/applications/1") .then() .statusCode(401); }