Merge pull request #758 from djberg96/regions_post_actions2

Remove ability to delete a region (cherry picked from commit 1343e58) Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1805844
ManageIQ · Feb 27, 2020 · 85bc2f7 · 85bc2f7
1 parent c330a9c
commit 85bc2f7
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 44 deletions.
diff --git a/app/controllers/api/regions_controller.rb b/app/controllers/api/regions_controller.rb
@@ -1,6 +1,6 @@
 module Api
   class RegionsController < BaseController
-    INVALID_REGIONS_ATTRS = ID_ATTRS + %w[created_at updated_at].freeze
+    INVALID_REGIONS_ATTRS = ID_ATTRS + %w[created_at updated_at region guid migrations_ran maintenance_zone_id].freeze
 
     # Edit an existing region (MiqRegion). Certain fields are meant for
     # internal use only and may not be edited. Attempting to edit one of

diff --git a/config/api.yml b/config/api.yml
@@ -2566,7 +2566,7 @@
     - :settings
     :options:
     - :collection
-    :verbs: *gpd
+    :verbs: *gp
     :klass: MiqRegion
     :collection_actions:
       :get:
@@ -2577,20 +2577,13 @@
         :identifier: region
       - :name: edit
         :identifier: region_edit
-      - :name: delete
-        :identifier: region_delete
     :resource_actions:
       :get:
       - :name: read
         :identifier: region
       :post:
       - :name: edit
         :identifier: region_edit
-      - :name: delete
-        :identifier: region_delete
-      :delete:
-      - :name: delete
-        :identifier: region_delete
   :reports:
     :description: Reports
     :identifier: miq_report

diff --git a/spec/requests/regions_spec.rb b/spec/requests/regions_spec.rb
@@ -124,42 +124,10 @@
   end
 
   context "delete", :delete do
-    it "can delete a region with POST" do
-      api_basic_authorize action_identifier(:regions, :delete)
-      region = FactoryBot.create(:miq_region)
-
-      expect { post api_region_url(nil, region), :params => gen_request(:delete) }.to change(MiqRegion, :count).by(-1)
-      expect(response).to have_http_status(:ok)
-    end
-
-    it "can delete a region with DELETE" do
-      api_basic_authorize action_identifier(:regions, :delete)
-      region = FactoryBot.create(:miq_region)
-
-      expect { delete api_region_url(nil, region) }.to change(MiqRegion, :count).by(-1)
-      expect(response).to have_http_status(:no_content)
-    end
-
-    it "can delete multiple regions with POST" do
-      api_basic_authorize action_identifier(:regions, :delete)
-      regions = FactoryBot.create_list(:miq_region, 2)
-
-      options = [
-        {"href" => api_region_url(nil, regions.first)},
-        {"href" => api_region_url(nil, regions.last)}
-      ]
-
-      expect { post api_regions_url, :params => gen_request(:delete, options) }.to change(MiqRegion, :count).by(-2)
-      expect(response).to have_http_status(:ok)
-    end
-
-    it "forbids deletion of a region without an appropriate role" do
-      api_basic_authorize
+    it "forbids deletion of a region" do
       region = FactoryBot.create(:miq_region, :description => "Current Region description")
-
-      delete api_region_url(nil, region)
-
-      expect(response).to have_http_status(:forbidden)
+      delete(api_region_url(nil, region))
+      expect(response).to have_http_status(:not_found)
     end
   end