bigdoods · adamtheturtle · Nov 29, 2015 · Nov 27, 2015 · Nov 27, 2015 · Nov 27, 2015
diff --git a/authentication/authentication.py b/authentication/authentication.py
@@ -89,10 +89,8 @@ def load_user_from_id(user_id):
         there is no such user.
     :rtype: ``User`` or ``None``.
     """
-    response = requests.get(
-        urljoin(STORAGE_URL, 'users/{email}').format(email=user_id),
-        headers={'Content-Type': 'application/json'},
-    )
+    url = urljoin(STORAGE_URL, 'users/{email}').format(email=user_id)
+    response = requests.get(url, headers={'Content-Type': 'application/json'})
 
     if response.status_code == codes.OK:
         details = json.loads(response.text)
@@ -204,6 +202,36 @@ def logout():
     return jsonify({}), codes.OK
 
 
+@app.route('/users/<email>', methods=['DELETE'])
+@consumes('application/json')
+def specific_user_route(email):
+    """
+    Delete a particular user.
+
+    :reqheader Content-Type: application/json
+    :resheader Content-Type: application/json
+    :resjson string email: The email address of the deleted user.
+    :status 200: The user has been deleted.
+    :status 404: There is no user with the given ``email``.
+    """
+    user = load_user_from_id(email)
+
+    if user is None:
+        return jsonify(
+            title='The requested user does not exist.',
+            detail='No user exists with the email "{email}"'.format(
+                email=email),
+        ), codes.NOT_FOUND
+
+    requests.delete(
+        urljoin(STORAGE_URL, '/users/{email}'.format(email=email)),
+        headers={'Content-Type': 'application/json'},
+    )
+
+    return_data = jsonify(email=user.email)
+    return return_data, codes.OK
+
+
 @app.route('/signup', methods=['POST'])
 @consumes('application/json')
 @jsonschema.validate('user', 'create')

diff --git a/authentication/tests/test_authentication.py b/authentication/tests/test_authentication.py
@@ -71,6 +71,10 @@ def request_callback(self, request):
         Given a request to the storage service, send an equivalent request to
         an in memory fake of the storage service and return some key details
         of the response.
+
+        :param request: The incoming request to pass onto the storage app.
+        :return: A tuple of status code, response headers and response data
+            from the storage app.
         """
         # The storage application is a ``werkzeug.test.Client`` and therefore
         # has methods like 'head', 'get' and 'post'.
@@ -439,6 +443,65 @@ def test_fake_token(self):
         self.assertIsNone(load_user_from_token(auth_token='fake_token'))
 
 
+class DeleteUserTests(AuthenticationTests):
+    """
+    Tests for the delete user endpoint at ``DELETE /users/<email>``.
+    """
+
+    @responses.activate
+    def test_delete_user(self):
+        """
+        A ``DELETE`` request to delete a user returns an OK status code and the
+        email of the deleted user. The user no longer exists.
+        """
+        self.app.post(
+            '/signup',
+            content_type='application/json',
+            data=json.dumps(USER_DATA))
+
+        response = self.app.delete(
+            '/users/{email}'.format(email=USER_DATA['email']),
+            content_type='application/json')
+
+        self.assertEqual(response.headers['Content-Type'], 'application/json')
+        self.assertEqual(response.status_code, codes.OK)
+        self.assertEqual(
+            json.loads(response.data.decode('utf8')),
+            {'email': USER_DATA['email']})
+
+        self.assertIsNone(load_user_from_id(user_id=USER_DATA['email']))
+
+    @responses.activate
+    def test_non_existant_user(self):
+        """
+        A ``DELETE`` request for a user which does not exist returns a
+        NOT_FOUND status code and error details.
+        """
+        response = self.app.delete(
+            '/users/{email}'.format(email=USER_DATA['email']),
+            content_type='application/json')
+        self.assertEqual(response.headers['Content-Type'], 'application/json')
+        self.assertEqual(response.status_code, codes.NOT_FOUND)
+        expected = {
+            'title': 'The requested user does not exist.',
+            'detail': 'No user exists with the email "{email}"'.format(
+                email=USER_DATA['email']),
+        }
+        self.assertEqual(json.loads(response.data.decode('utf8')), expected)
+
+    def test_incorrect_content_type(self):
+        """
+        If a Content-Type header other than 'application/json' is given, an
+        UNSUPPORTED_MEDIA_TYPE status code is given.
+        """
+        response = self.app.delete(
+            '/users/{email}'.format(email=USER_DATA['email']),
+            content_type='text/html',
+        )
+
+        self.assertEqual(response.status_code, codes.UNSUPPORTED_MEDIA_TYPE)
+
+
 class UserTests(unittest.TestCase):
     """
     Tests for the ``User`` model.

diff --git a/storage/storage.py b/storage/storage.py
@@ -81,16 +81,29 @@ def on_validation_error(error):
     ), codes.BAD_REQUEST
 
 
-@app.route('/users/<email>', methods=['GET'])
+@app.route('/users/<email>', methods=['GET', 'DELETE'])
 @consumes('application/json')
-def get_user(email):
+def specific_user_route(email):
     """
+    **DELETE**:
+
+    Delete a particular user.
+
+    :reqheader Content-Type: application/json
+    :resheader Content-Type: application/json
+    :resjson string email: The email address of the deleted user.
+    :resjson string password_hash: The password hash of the deleted user.
+    :status 200: The user has been deleted.
+    :status 404: There is no user with the given ``email``.
+
+    **GET**:
+
     Get information about particular user.
 
     :reqheader Content-Type: application/json
     :resheader Content-Type: application/json
-    :resjson string email: The email address of the new user.
-    :resjson string password_hash: The password hash of the new user.
+    :resjson string email: The email address of the user.
+    :resjson string password_hash: The password hash of the user.
     :status 200: The requested user's information is returned.
     :status 404: There is no user with the given ``email``.
     """
@@ -103,6 +116,10 @@ def get_user(email):
                 email=email),
         ), codes.NOT_FOUND
 
+    elif request.method == 'DELETE':
+        db.session.delete(user)
+        db.session.commit()
+
     return_data = jsonify(email=user.email, password_hash=user.password_hash)
     return return_data, codes.OK
 

diff --git a/storage/tests/test_storage.py b/storage/tests/test_storage.py
@@ -205,3 +205,63 @@ def test_incorrect_content_type(self):
         """
         response = self.storage_app.get('/users', content_type='text/html')
         self.assertEqual(response.status_code, codes.UNSUPPORTED_MEDIA_TYPE)
+
+
+class DeleteUserTests(InMemoryStorageTests):
+    """
+    Tests for deleting a user at ``DELETE /users/<email/``.
+    """
+
+    def test_delete_user(self):
+        """
+        A ``DELETE`` request to delete a user returns an OK status code and the
+        details of the deleted user. The user is no longer available when
+        getting the list of users.
+        """
+        self.storage_app.post(
+            '/users',
+            content_type='application/json',
+            data=json.dumps(USER_DATA))
+
+        response = self.storage_app.delete(
+            '/users/{email}'.format(email=USER_DATA['email']),
+            content_type='application/json')
+        self.assertEqual(response.headers['Content-Type'], 'application/json')
+        self.assertEqual(response.status_code, codes.OK)
+        self.assertEqual(json.loads(response.data.decode('utf8')), USER_DATA)
+
+        users = self.storage_app.get(
+            '/users',
+            content_type='application/json',
+        )
+
+        self.assertEqual(json.loads(users.data.decode('utf8')), [])
+
+    def test_non_existant_user(self):
+        """
+        A ``DELETE`` request for a user which does not exist returns a
+        NOT_FOUND status code and error details.
+        """
+        response = self.storage_app.delete(
+            '/users/{email}'.format(email=USER_DATA['email']),
+            content_type='application/json')
+        self.assertEqual(response.headers['Content-Type'], 'application/json')
+        self.assertEqual(response.status_code, codes.NOT_FOUND)
+        expected = {
+            'title': 'The requested user does not exist.',
+            'detail': 'No user exists with the email "{email}"'.format(
+                email=USER_DATA['email']),
+        }
+        self.assertEqual(json.loads(response.data.decode('utf8')), expected)
+
+    def test_incorrect_content_type(self):
+        """
+        If a Content-Type header other than 'application/json' is given, an
+        UNSUPPORTED_MEDIA_TYPE status code is given.
+        """
+        response = self.storage_app.delete(
+            '/users/{email}'.format(email=USER_DATA['email']),
+            content_type='text/html',
+        )
+
+        self.assertEqual(response.status_code, codes.UNSUPPORTED_MEDIA_TYPE)