Allow for admin deletion of challenge tracks and types

#519

Author: jmgasper

app-constants.js

@@ -64,6 +64,10 @@ const Topics = {
   ChallengeDeleted: 'challenge.notification.delete',
   ChallengeTypeCreated: 'test.new.bus.events', // 'challenge.action.type.created',
   ChallengeTypeUpdated: 'test.new.bus.events', // 'challenge.action.type.updated',
+  ChallengeTypeDeleted: 'test.new.bus.events', // 'challenge.action.type.deleted',
+  ChallengeTrackCreated: 'test.new.bus.events', // 'challenge.action.track.created',
+  ChallengeTrackUpdated: 'test.new.bus.events', // 'challenge.action.track.updated',
+  ChallengeTrackDeleted: 'test.new.bus.events', // 'challenge.action.track.deleted',
   ChallengePhaseCreated: 'test.new.bus.events', // 'challenge.action.phase.created',
   ChallengePhaseUpdated: 'test.new.bus.events', // 'challenge.action.phase.updated',
   ChallengePhaseDeleted: 'test.new.bus.events', // 'challenge.action.phase.deleted',

docs/swagger.yaml

@@ -908,6 +908,46 @@ paths:
           description: Internal Server error
           schema:
             $ref: "#/definitions/ErrorModel"
+    delete:
+      tags:
+        - ChallengeTypes
+      description: Delete the challenge type with specified id.
+      security:
+        - bearer: []
+      produces:
+        - application/json
+      parameters:
+        - name: challengeTypeId
+          in: path
+          required: true
+          type: string
+          format: UUID
+          description: The id of challengeType to be deleted
+      responses:
+        "200":
+          description: Deleted - The request was successful and the resource is returned.
+          schema:
+            $ref: "#/definitions/ChallengeType"
+        "400":
+          description: Bad request. Request parameters were invalid.
+          schema:
+            $ref: "#/definitions/ErrorModel"
+        "401":
+          description: Unauthorized. Fail to authenticate the requester.
+          schema:
+            $ref: "#/definitions/ErrorModel"
+        "403":
+          description: Forbidden. The requester does not have the correct permission to delete the challenge type.
+          schema:
+            $ref: "#/definitions/ErrorModel"
+        "404":
+          description: Not Found. Challenge type not found
+          schema:
+            $ref: "#/definitions/ErrorModel"
+        "500":
+          description: Internal Server Error
+          schema:
+            $ref: "#/definitions/ErrorModel"
   /challenge-tracks:
     get:
       tags:
@@ -1143,6 +1183,46 @@ paths:
           description: Internal Server Error
           schema:
             $ref: "#/definitions/ErrorModel"
+    delete:
+      tags:
+        - ChallengeTracks
+      description: Delete the challenge track with specified id.
+      security:
+        - bearer: []
+      produces:
+        - application/json
+      parameters:
+        - name: challengeTrackId
+          in: path
+          required: true
+          type: string
+          format: UUID
+          description: The id of challengeTrack to be deleted.
+      responses:
+        "200":
+          description: Deleted - The request was successful and the resource is returned.
+          schema:
+            $ref: "#/definitions/ChallengeTrack"
+        "400":
+          description: Bad request. Request parameters were invalid.
+          schema:
+            $ref: "#/definitions/ErrorModel"
+        "401":
+          description: Unauthorized. Fail to authenticate the requester.
+          schema:
+            $ref: "#/definitions/ErrorModel"
+        "403":
+          description: Forbidden. The requester does not have the correct permission to delete the challenge track.
+          schema:
+            $ref: "#/definitions/ErrorModel"
+        "404":
+          description: Not Found. Challenge track not found
+          schema:
+            $ref: "#/definitions/ErrorModel"
+        "500":
+          description: Internal Server Error
+          schema:
+            $ref: "#/definitions/ErrorModel"
   /challenge-phases:
     get:
       tags:

src/controllers/ChallengeTrackController.js

@@ -56,10 +56,21 @@ async function partiallyUpdateChallengeTrack (req, res) {
   res.send(result)
 }
 
+/**
+ * Delete challenge track
+ * @param {Object} req the request
+ * @param {Object} res the response
+ */
+async function deleteChallengeTrack (req, res) {
+  const result = await service.deleteChallengeTrack(req.params.challengeTrackId)
+  res.send(result)
+}
+
 module.exports = {
   searchChallengeTracks,
   createChallengeTrack,
   getChallengeTrack,
   fullyUpdateChallengeTrack,
-  partiallyUpdateChallengeTrack
+  partiallyUpdateChallengeTrack,
+  deleteChallengeTrack
 }

src/controllers/ChallengeTypeController.js

@@ -56,10 +56,21 @@ async function partiallyUpdateChallengeType (req, res) {
   res.send(result)
 }
 
+/**
+ * Delete challenge type
+ * @param {Object} req the request
+ * @param {Object} res the response
+ */
+async function deleteChallengeType (req, res) {
+  const result = await service.deleteChallengeType(req.params.challengeTypeId)
+  res.send(result)
+}
+
 module.exports = {
   searchChallengeTypes,
   createChallengeType,
   getChallengeType,
   fullyUpdateChallengeType,
-  partiallyUpdateChallengeType
+  partiallyUpdateChallengeType,
+  deleteChallengeType
 }

src/routes.js

@@ -113,6 +113,13 @@ module.exports = {
       auth: 'jwt',
       access: [constants.UserRoles.Admin, constants.UserRoles.Copilot, constants.UserRoles.Manager],
       scopes: [UPDATE, ALL]
+    },
+    delete: {
+      controller: 'ChallengeTypeController',
+      method: 'deleteChallengeType',
+      auth: 'jwt',
+      access: [constants.UserRoles.Admin, constants.UserRoles.Copilot, constants.UserRoles.Manager],
+      scopes: [DELETE, ALL]
     }
   },
   '/challenge-tracks': {
@@ -146,6 +153,13 @@ module.exports = {
       auth: 'jwt',
       access: [constants.UserRoles.Admin, constants.UserRoles.Copilot, constants.UserRoles.Manager],
       scopes: [UPDATE, ALL]
+    },
+    delete: {
+      controller: 'ChallengeTrackController',
+      method: 'deleteChallengeTrack',
+      auth: 'jwt',
+      access: [constants.UserRoles.Admin, constants.UserRoles.Copilot, constants.UserRoles.Manager],
+      scopes: [DELETE, ALL]
     }
   },
   '/challenge-timelines': {

src/services/ChallengeTrackService.js

@@ -172,12 +172,32 @@ partiallyUpdateChallengeTrack.schema = {
   }).required()
 }
 
+/**
+ * Delete challenge track.
+ * @param {String} id the challenge track id
+ * @return {Object} the deleted challenge track
+ */
+async function deleteChallengeTrack (id) {
+  const span = await logger.startSpan('ChallengeTrackService.deleteChallengeTrack')
+  const record = await helper.getById('ChallengeTrack', id)
+  await record.delete()
+  // post bus event
+  await helper.postBusEvent(constants.Topics.ChallengeTrackDeleted, record)
+  await logger.endSpan(span)
+  return record
+}
+
+deleteChallengeTrack.schema = {
+  id: Joi.id()
+}
+
 module.exports = {
   searchChallengeTracks,
   createChallengeTrack,
   getChallengeTrack,
   fullyUpdateChallengeTrack,
-  partiallyUpdateChallengeTrack
+  partiallyUpdateChallengeTrack,
+  deleteChallengeTrack
 }
 
 // logger.buildService(module.exports)

src/services/ChallengeTypeService.js

@@ -150,12 +150,32 @@ partiallyUpdateChallengeType.schema = {
   }).required()
 }
 
+/**
+ * Delete challenge type.
+ * @param {String} id the challenge type id
+ * @returns {Object} the deleted challenge type
+ */
+async function deleteChallengeType (id) {
+  const span = await logger.startSpan('ChallengeTypeService.deleteChallengeType')
+  const ret = await helper.getById('ChallengeType', id)
+  await ret.delete()
+  // post bus event
+  await helper.postBusEvent(constants.Topics.ChallengeTypeDeleted, ret)
+  await logger.endSpan(span)
+  return ret
+}
+
+deleteChallengeType.schema = {
+  id: Joi.id()
+}
+
 module.exports = {
   searchChallengeTypes,
   createChallengeType,
   getChallengeType,
   fullyUpdateChallengeType,
-  partiallyUpdateChallengeType
+  partiallyUpdateChallengeType,
+  deleteChallengeType
 }
 
 // logger.buildService(module.exports)

test/e2e/challenge.type.api.test.js

@@ -665,4 +665,46 @@ describe('challenge type API E2E tests', () => {
       should.equal(response.body.message, '"legacyId" must be a number')
     })
   })
+
+  describe('remove challenge type API tests', () => {
+    it('remove challenge type - forbidden', async () => {
+      const response = await chai.request(app)
+        .delete(`${basePath}/${id}`)
+        .set('Authorization', `Bearer ${config.USER_TOKEN}`)
+      should.equal(response.status, 403)
+      should.equal(response.body.message, 'You are not allowed to perform this action!')
+    })
+
+    it('remove challenge type successfully', async () => {
+      const response = await chai.request(app)
+        .delete(`${basePath}/${id}`)
+        .set('Authorization', `Bearer ${config.ADMIN_TOKEN}`)
+      should.equal(response.status, 200)
+      should.equal(response.body.id, id)
+    })
+
+    it('remove challenge type - not found 1', async () => {
+      const response = await chai.request(app)
+        .delete(`${basePath}/${id}`)
+        .set('Authorization', `Bearer ${config.ADMIN_TOKEN}`)
+      should.equal(response.status, 404)
+      should.equal(response.body.message, `ChallengeType with id: ${id} doesn't exist`)
+    })
+
+    it('remove challenge type - not found 2', async () => {
+      const response = await chai.request(app)
+        .delete(`${basePath}/${notFoundId}`)
+        .set('Authorization', `Bearer ${config.ADMIN_TOKEN}`)
+      should.equal(response.status, 404)
+      should.equal(response.body.message, `ChallengeType with id: ${notFoundId} doesn't exist`)
+    })
+
+    it('remove challenge type - invalid id', async () => {
+      const response = await chai.request(app)
+        .delete(`${basePath}/invalid`)
+        .set('Authorization', `Bearer ${config.ADMIN_TOKEN}`)
+      should.equal(response.status, 400)
+      should.equal(response.body.message, '"challengeTypeId" must be a valid GUID')
+    })
+  })
 })

test/unit/ChallengeTypeService.test.js

@@ -630,4 +630,41 @@ describe('challenge type service unit tests', () => {
       throw new Error('should not reach here')
     })
   })
+
+  describe('remove challenge type tests', () => {
+    it('remove challenge type successfully', async () => {
+      const result = await service.deleteChallengeType(id2)
+      should.equal(result.id, id2)
+    })
+
+    it('remove challenge type - not found 1', async () => {
+      try {
+        await service.deleteChallengeType(notFoundId)
+      } catch (e) {
+        should.equal(e.message, `ChallengeType with id: ${notFoundId} doesn't exist`)
+        return
+      }
+      throw new Error('should not reach here')
+    })
+
+    it('remove challenge type - not found 2', async () => {
+      try {
+        await service.deleteChallengeType(id2)
+      } catch (e) {
+        should.equal(e.message, `ChallengeType with id: ${id2} doesn't exist`)
+        return
+      }
+      throw new Error('should not reach here')
+    })
+
+    it('remove challenge type - invalid id', async () => {
+      try {
+        await service.deleteChallengeType('invalid')
+      } catch (e) {
+        should.equal(e.message.indexOf('"challengeType" must be a valid GUID') >= 0, true)
+        return
+      }
+      throw new Error('should not reach here')
+    })
+  })
 })