[DELETE] An Activity

[arafaysaleem]

Summary

As a student, I should be able to delete activities, so that I can remove old or inconsistent entries.

Acceptance Criteria

GIVEN a student is deleting an activity in the app
WHEN the app hits the /activities/:id endpoint with a valid DELETE request, containing the path parameter:

• :id, the unique id of the entity being removed.

THEN the app should receive a status 200
AND in the response, the following information should be returned:

• header message indicating delete operation success

Sample Request/Sample Response

headers: {
    error: 0,
    message: "The specified item was deleted successfully"
}
body: {}

Resources

• Development URL: {Here goes a URL to the feature on development API}
• Production URL: {Here goes a URL to the feature on production API}

Dev Notes

{Some complementary notes if necessary}

Testing Notes

Scenario 1: DELETE request is successful (Owner):

1. Create a new activity with a POST request to /activities endpoint using an admin account token and ensure a 200 status code is returned.
2. With the id returned from the POST, make a DELETE request to /activities/:id endpoint using a student account token with erp == organizer_erp and ensure a 200 status code is returned.
3. A subsequent GET request to /activities/:id endpoint should return a status code 404.
4. And the response headers' code parameter should contain "NotFoundException".

Scenario 2: DELETE request is successful (Admin):

1. Create a new activity with a POST request to /activities endpoint using an admin account token and ensure a 200 status code is returned.
2. With the id returned from the POST, make a DELETE request to /activities/:id endpoint using an admin account token and ensure a 200 status code is returned.
3. A subsequent GET request to /activities/:id endpoint should return a status code 404.
4. And the response headers' code parameter should contain "NotFoundException".

Scenario 3: DELETE request is unsuccessful due to unknown activity_id

1. Make a DELETE request to /activities/:id endpoint containing a non-existent activity_id.
2. Ensure a 404 status code is returned.
3. And the response headers' code parameter should contain "NotFoundException".

Scenario 4: DELETE request is forbidden (Unowned Organizer ERP)

1. Make a DELETE request to /activities/:id endpoint for an activity with organizer_erp != erp in student account token.
2. Ensure the endpoint returns a 403 forbidden status code.
3. And the response headers' code parameter should contain "ForbiddenException"

Scenario 4: DELETE request is unauthorized

1. Send a DELETE request to /activities/:id endpoint without an authorization token
2. Ensure a 401 unauthorized status code is returned.
3. And the response headers' code parameter should contain "TokenMissingException"