Implemented Deletion Feature with filter on X-user

Author: tonylook

application/src/main/java/com/qa/blog/application/ApplicationConfig.java

@@ -1,6 +1,8 @@
 package com.qa.blog.application;
 
 import com.qa.blog.core.*;
+import io.swagger.v3.oas.models.OpenAPI;
+import io.swagger.v3.oas.models.info.Info;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 
@@ -26,4 +28,14 @@ public FindPostById findPost(PostRepository postRepository) {
     public SearchPosts searchPosts(PostRepository postRepository) {
         return new SearchPostsDefault(postRepository);
     }
+
+    @Bean
+    public DeletePostById deletePostById(PostRepository postRepository) {
+        return new DeletePostByIdDefault(postRepository);
+    }
+
+    @Bean
+    public OpenAPI customOpenAPI() {
+        return new OpenAPI().info(new Info().title("QA Blog").version("undefined"));
+    }
 }

application/src/test/java/com/qa/blog/application/steps/PostSteps.java

@@ -20,9 +20,12 @@
 import java.util.Set;
 
 import static org.hamcrest.Matchers.*;
+import static org.junit.jupiter.api.Assertions.assertFalse;
 
 @AutoConfigureWebTestClient
 public class PostSteps extends BaseSteps {
+    private String userType;
+
     @After
     public void afterEachScenario() {
         deleteDatabase();
@@ -231,6 +234,25 @@ public void theResponseShouldContainResults(int postsQuantity) {
             .jsonPath("$.length()").isEqualTo(postsQuantity);
     }
 
+    @Given("I am an {string}")
+    public void iAmAn(String userType) {
+        this.userType = userType;
+    }
+
+    @When("I delete the blog post")
+    public void iDeleteTheBlogPost() {
+        resultComponent.actualResponse = webTestClient.delete()
+            .uri("/post/" + resultComponent.post.getId())
+            .header("X-user", userType)
+            .exchange();
+    }
+
+    @Then("the blog post should no longer exist")
+    public void theBlogPostShouldNoLongerExist() {
+        boolean postExists = jpaPostRepository.existsById(resultComponent.post.getId());
+        assertFalse(postExists, "The blog post should no longer exist");
+    }
+
     public record PostRequest(String title, String content, String author, String image, String category,
                               List<String> tags) {
     }

application/src/test/resources/features/blog/DeletePost.feature

@@ -3,18 +3,18 @@ Feature: Delete a blog post
   I want to delete a blog post
 
   Background:
-    Given a blog with the following blog post
+    Given the following blog posts exist:
       | title   | content      | author      | image                        | category   | tags       |
-      | My Post | some content | Mario Fusco | http://example.com/image.jpg | Technology | tag1, tag2 |
+      | My Post | some content | Mario Fusco | http://example.com/image.jpg | Technology | tag1,tag2 |
 
   Scenario: Successfully delete a blog post
     Given I am an "admin"
     When I delete the blog post
-    Then the response status should be 204
+    Then the response status code should be 204
     And the blog post should no longer exist
 
   Scenario: Fail to delete a blog post as a regular user
-    Given I am a "user"
+    Given I am an "user"
     When I delete the blog post
-    Then the response status should be 403
+    Then the response status code should be 403
     And the response should contain an error message "Only admins can delete blog posts"

core/src/main/java/com/qa/blog/core/DeletePostById.java

@@ -0,0 +1,5 @@
+package com.qa.blog.core;
+
+public interface DeletePostById {
+    void execute(Long id);
+}

core/src/main/java/com/qa/blog/core/DeletePostByIdDefault.java

@@ -0,0 +1,14 @@
+package com.qa.blog.core;
+
+public class DeletePostByIdDefault implements DeletePostById {
+    private final PostRepository postRepository;
+
+    public DeletePostByIdDefault(PostRepository postRepository) {
+        this.postRepository = postRepository;
+    }
+
+    @Override
+    public void execute(Long id) {
+        postRepository.deleteById(id);
+    }
+}

core/src/main/java/com/qa/blog/core/PostRepository.java

@@ -6,4 +6,5 @@ public interface PostRepository {
     Post save(Post post);
     Post findById(Long id);
     List<Post> findByTitleAndCategoryAndTags (String title, String category, List<String> tags);
+    void deleteById(Long id);
 }

mariadb/src/main/java/com/qa/blog/mariadb/PostRepositoryDefault.java

@@ -41,4 +41,9 @@ public List<Post> findByTitleAndCategoryAndTags(String title, String category, L
         return postEntities.stream().map(postEntityMapper::toDomain).toList();
     }
 
+    @Override
+    public void deleteById(Long id) {
+        jpaPostRepository.deleteById(id);
+    }
+
 }

spring-web/src/main/java/com/qa/blog/springweb/DeleteActionFilter.java

@@ -0,0 +1,33 @@
+package com.qa.blog.springweb;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.qa.blog.springweb.exception.ErrorDetails;
+import jakarta.servlet.*;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.stereotype.Component;
+
+import java.io.IOException;
+
+@Component
+public class DeleteActionFilter implements Filter {
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+        HttpServletRequest httpRequest = (HttpServletRequest) request;
+        HttpServletResponse httpResponse = (HttpServletResponse) response;
+
+        if ("DELETE".equalsIgnoreCase(httpRequest.getMethod())) {
+            String userHeader = httpRequest.getHeader("X-user");
+            if (!"admin".equals(userHeader)) {
+                httpResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
+                ErrorDetails errorDetails = new ErrorDetails("403", "Only admins can delete blog posts");
+                ObjectMapper objectMapper = new ObjectMapper();
+                String jsonResponse = objectMapper.writeValueAsString(errorDetails);
+                httpResponse.setContentType("application/json");
+                httpResponse.getWriter().write(jsonResponse);
+                return;
+            }
+        }
+        chain.doFilter(request, response);
+    }
+}

spring-web/src/main/java/com/qa/blog/springweb/PostController.java

@@ -21,14 +21,16 @@ public class PostController {
     private final UpdatePost updatePost;
     private final FindPostById findPostById;
     private final SearchPosts searchPosts;
+    private final DeletePostById deletePostById;
     private final PostWebMapper postWebMapper;
     private final ObjectMapper objectMapper;
 
-    public PostController(CreatePost createPost, UpdatePost updatePost, FindPostById findPostById, SearchPosts searchPosts, PostWebMapper postWebMapper, ObjectMapper objectMapper) {
+    public PostController(CreatePost createPost, UpdatePost updatePost, FindPostById findPostById, SearchPosts searchPosts, DeletePostById deletePostById, PostWebMapper postWebMapper, ObjectMapper objectMapper) {
         this.createPost = createPost;
         this.updatePost = updatePost;
         this.findPostById = findPostById;
         this.searchPosts = searchPosts;
+        this.deletePostById = deletePostById;
         this.postWebMapper = postWebMapper;
         this.objectMapper = objectMapper;
     }
@@ -72,6 +74,12 @@ public ResponseEntity<List<PostDTO>> searchPosts(
         return ResponseEntity.ok(postDTOs);
     }
 
+    @DeleteMapping("/{id}")
+    public ResponseEntity deletePost(@PathVariable("id") Long id) {
+        deletePostById.execute(id);
+        return ResponseEntity.noContent().build();
+    }
+
     private Post getPatchedPost(JsonNode patch, Post existingPost) throws JsonProcessingException {
         PostDTO existingPostToPatch = postWebMapper.toDTO(existingPost);
         JsonNode postNode = objectMapper.valueToTree(existingPostToPatch);

spring-web/src/main/java/com/qa/blog/springweb/exception/GlobalExceptionHandler.java

@@ -22,6 +22,6 @@ public ResponseEntity<ErrorDetails> handleApiException(BlogException blogExcepti
     @ExceptionHandler(PostNotFoundException.class)
     public ResponseEntity<ErrorDetails> handleNotFoundException(PostNotFoundException postNotFoundException) {
         logger.atInfo().log(postNotFoundException.getMessage());
-        return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(new ErrorDetails("404", postNotFoundException.getMessage()));
+        return ResponseEntity.status(HttpStatus.NOT_FOUND).body(new ErrorDetails("404", postNotFoundException.getMessage()));
     }
 }