Skip to content

[6.0] [webservices] cannot delete not trashed resource return 409 #45868

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Bodge-IT merged 20 commits into from
Sep 8, 2025
Merged

[6.0] [webservices] cannot delete not trashed resource return 409 #45868

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
20 commits
Select commit Hold shift + click to select a range
5da34ae
cannot delete not trashed banner test
alikon Aug 7, 2025
e54cdd2
return 409
alikon Aug 7, 2025
b9ee6c1
set 409 in the session
alikon Aug 7, 2025
03dfd25
cs
alikon Aug 7, 2025
2e72e0d
cs
alikon Aug 7, 2025
c74de06
cs
alikon Aug 7, 2025
5c2467d
cs
alikon Aug 7, 2025
eb15041
failOnStatusCode
alikon Aug 7, 2025
f7d6512
cy.request
alikon Aug 7, 2025
283bfe7
endpoint
alikon Aug 8, 2025
02cbae8
token
alikon Aug 8, 2025
9b475e6
js cs
alikon Aug 8, 2025
4fbb57e
Merge branch '6.0-dev' into patch-26
alikon Aug 22, 2025
2aebe83
Merge branch '6.0-dev' into patch-26
richard67 Aug 30, 2025
f29452d
Merge branch '6.0-dev' into patch-26
softforge Aug 30, 2025
1582cce
delete 409 and 204
alikon Sep 5, 2025
3d2add3
cs
alikon Sep 5, 2025
0ba15d5
Merge branch '6.0-dev' into patch-26
alikon Sep 6, 2025
a55a015
increase phpstan-neon counter
alikon Sep 7, 2025
e7417c8
Merge branch '6.0-dev' into patch-26
Bodge-IT Sep 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 18 additions & 0 deletions libraries/src/MVC/Controller/ApiController.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@
use Joomla\CMS\MVC\Model\ListModel;
use Joomla\CMS\MVC\Model\State;
use Joomla\CMS\MVC\View\JsonApiView;
use Joomla\CMS\Response\JsonResponse;
use Joomla\Input\Input;
use Joomla\Registry\Registry;
use Tobscure\JsonApi\Exception\InvalidParameterException;
Expand Down Expand Up @@ -304,6 +305,23 @@ public function delete($id = null)
if ($model->getError() !== false) {
throw new \RuntimeException($model->getError(), 500);
}

// If the model has set a 409 status code in the session, we return a 409 http status codee
if ($this->app->getSession()->get('http_status_code_409', false)) {
$this->app->getSession()->clear('http_status_code_409');
$this->app->setHeader('status', 409, true);
$this->app->setHeader('Content-Type', 'application/json');
$this->app->sendHeaders();
$body = [
'status' => 'Conflict',
'code' => 409,
'message' => 'Resource not in state that can be deleted, must be trashed before it can be deleted',
];
echo new JsonResponse($body);
$this->app->close();
} else {
throw new \RuntimeException(Text::_('JLIB_APPLICATION_ERROR_DELETE'), 500);
}
}

$this->app->setHeader('status', 204);
Expand Down
20 changes: 18 additions & 2 deletions libraries/src/MVC/Model/AdminModel.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -953,14 +953,30 @@ public function delete(&$pks)
return false;
}

if (Factory::getApplication()->isClient('api')) {
$session = Factory::getApplication()->getSession();
$session->set('http_status_code_409', true);
}

Log::add(Text::_('JLIB_APPLICATION_ERROR_DELETE_NOT_PERMITTED'), Log::WARNING, 'jerror');

return false;
}
} else {
$this->setError($table->getError());
$error = $this->getError();
if ($error) {
$this->setError($table->getError());

return false;
return false;
}
if (Factory::getApplication()->isClient('api')) {
$session = Factory::getApplication()->getSession();
$session->set('http_status_code_409', true);
}

Log::add(Text::_('JLIB_APPLICATION_ERROR_DELETE_NOT_PERMITTED'), Log::WARNING, 'jerror');

return true;
}
}

Expand Down
2 changes: 1 addition & 1 deletion phpstan-baseline.neon
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13104,7 +13104,7 @@ parameters:
Catch thrown Exceptions instead of getError$#
'''
identifier: method.deprecated
count: 1
count: 2
path: libraries/src/MVC/Model/AdminModel.php

-
Expand Down
24 changes: 24 additions & 0 deletions tests/System/integration/api/com_banners/Banners.cy.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,4 +48,28 @@ describe('Test that banners API endpoint', () => {
cy.db_createBanner({ name: 'automated test banner', state: -2 })
.then((banner) => cy.api_delete(`/banners/${banner.id}`));
});

it('check correct response for delete a not existent contact', () => {
cy.api_delete('/banners/9999')
.then((result) => expect(result.status).to.eq(204));
});

it('cannot delete a banner that is not trashed', () => {
cy.db_createBanner({ name: 'automated test banner' })
.then((banner) => {
cy.api_getBearerToken().then((token) => {
cy.request({
method: 'DELETE',
url: `/api/index.php/v1/banners/${banner.id}`,
headers: {
Authorization: `Bearer ${token}`,
},
failOnStatusCode: false
}).then((response) => {
expect(response.status).to.equal(409);
expect(response.body.data.message).to.include('must be trashed before it can be deleted');
});
});
});
});
});
Loading