mirror of
https://github.com/simple-login/app.git
synced 2024-10-02 22:51:29 +02:00
Add DELETE /api/contacts/:contact_id
This commit is contained in:
parent
9ae6ba323c
commit
54a30a62d2
18
README.md
18
README.md
@ -995,6 +995,24 @@ Return 409 if contact is already added.
|
|||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
#### DELETE /api/contacts/:contact_id
|
||||||
|
|
||||||
|
Delete a contact
|
||||||
|
|
||||||
|
Input:
|
||||||
|
- `Authentication` header that contains the api key
|
||||||
|
- `contact_id` in url.
|
||||||
|
|
||||||
|
Output:
|
||||||
|
If success, 200.
|
||||||
|
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"deleted": true
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
### Database migration
|
### Database migration
|
||||||
|
|
||||||
The database migration is handled by `alembic`
|
The database migration is handled by `alembic`
|
||||||
|
@ -320,3 +320,28 @@ def create_contact_route(alias_id):
|
|||||||
db.session.commit()
|
db.session.commit()
|
||||||
|
|
||||||
return jsonify(**serialize_contact(contact)), 201
|
return jsonify(**serialize_contact(contact)), 201
|
||||||
|
|
||||||
|
|
||||||
|
@api_bp.route("/contacts/<int:contact_id>", methods=["DELETE"])
|
||||||
|
@cross_origin()
|
||||||
|
@verify_api_key
|
||||||
|
def delete_contact(contact_id):
|
||||||
|
"""
|
||||||
|
Delete contact
|
||||||
|
Input:
|
||||||
|
contact_id: in url
|
||||||
|
Output:
|
||||||
|
200
|
||||||
|
|
||||||
|
|
||||||
|
"""
|
||||||
|
user = g.user
|
||||||
|
contact = Contact.get(contact_id)
|
||||||
|
|
||||||
|
if not contact or contact.alias.user_id != user.id:
|
||||||
|
return jsonify(error="Forbidden"), 403
|
||||||
|
|
||||||
|
Contact.delete(contact_id)
|
||||||
|
db.session.commit()
|
||||||
|
|
||||||
|
return jsonify(deleted=True), 200
|
||||||
|
@ -267,3 +267,32 @@ def test_create_contact_route(flask_client):
|
|||||||
json={"contact": "First2 Last2 <first@example.com>"},
|
json={"contact": "First2 Last2 <first@example.com>"},
|
||||||
)
|
)
|
||||||
assert r.status_code == 409
|
assert r.status_code == 409
|
||||||
|
|
||||||
|
|
||||||
|
def test_delete_contact(flask_client):
|
||||||
|
user = User.create(
|
||||||
|
email="a@b.c", password="password", name="Test User", activated=True
|
||||||
|
)
|
||||||
|
db.session.commit()
|
||||||
|
|
||||||
|
# create api_key
|
||||||
|
api_key = ApiKey.create(user.id, "for test")
|
||||||
|
db.session.commit()
|
||||||
|
|
||||||
|
alias = Alias.create_new_random(user)
|
||||||
|
db.session.commit()
|
||||||
|
|
||||||
|
contact = Contact.create(
|
||||||
|
alias_id=alias.id,
|
||||||
|
website_email="contact@example.com",
|
||||||
|
reply_email="reply+random@sl.io",
|
||||||
|
)
|
||||||
|
db.session.commit()
|
||||||
|
|
||||||
|
r = flask_client.delete(
|
||||||
|
url_for("api.delete_contact", contact_id=contact.id),
|
||||||
|
headers={"Authentication": api_key.code},
|
||||||
|
)
|
||||||
|
|
||||||
|
assert r.status_code == 200
|
||||||
|
assert r.json == {"deleted": True}
|
||||||
|
Loading…
Reference in New Issue
Block a user