Blog Delete API Endpoint

[Pythonian]

Description

Develop an endpoint to handle requests to delete an existing blog post. This endpoint should be accessible only to super admins. Instead of permanently deleting the blog post, implement soft deletion by marking the post as deleted. If the blog post is deleted successfully, it will return a 204 No Content status. If an error occurs, an appropriate error status will be returned.

Acceptance Criteria

• The endpoint allows super admins to delete an existing blog post by its ID.
• The endpoint is protected by JWT-based authentication and role-based access control to ensure only super admins can access it.
• Instead of permanently deleting the blog post, mark it as deleted.
• Returns a 204 No Content status code when the blog post is deleted successfully.
• Returns an appropriate error message when an error occurs or when the user is not authorized.

Requirements

• Implement API endpoint for soft deleting an existing blog post.
• Confirm deletion action to prevent accidental deletions.
• Ensure only super admins can access this endpoint using JWT-based authentication and role-based access control.
• Implement soft delete functionality by marking the deleted field of the blog post model as True.
• Handle unexpected errors and return the appropriate status code.
• Ensure related entities, such as comments, handle the soft delete status appropriately.

Expected Outcome

• Super admins should be able to send a request to soft delete an existing blog post and a confirmation provided.
• Users should receive appropriate status codes and responses based on the outcome of the request.

Endpoints

[DELETE] /api/v1/blogs/:id

• Description: Soft deletes an existing blog post.

• Path Parameters:

  • id: The ID of the blog post to delete.

• Success Response:

  • Status: 204 No Content

    {
        "message": "Blog post successfully deleted."
    }

• Error Response:

  • Status: 500 Internal Server Error

  • Body:

    {
        "error": "Internal server error."
    }

• Unauthorized Response:

  • Status: 403 Forbidden

  • Body:

    {
        "error": "You are not authorized to perform this action."
    }

• Not Found Response:

  • Status: 404 Not Found

  • Body:

    {
        "error": "Blog post with given id not found."
    }

• Method Not Allowed Response:

  • Status: 405 Method Not Allowed

  • Body:

    {
        "error": "This method is not allowed."
    }

• Bad Request Response:

  • Status: 400 Bad Request

  • Body:

    {
        "error": "An invalid request was sent."
    }

Testing

Test Scenarios

1. Successful Soft Deletion of Blog Post

   • Ensure that the endpoint successfully marks an existing blog post as deleted.
   • Verify that the response includes a 204 No Content status code.

2. Unauthorized Access

   • Simulate a request from a non-super admin user.
   • Confirm that the endpoint returns a 403 Forbidden status code and an appropriate error message.

3. Internal Server Error

   • Simulate an internal server error to raise an exception.
   • Verify that the endpoint returns a 500 Internal Server Error status code and an appropriate error message.

4. Blog Post Not Found

   • Simulate a request to delete a blog post that does not exist.
   • Confirm that the endpoint returns a 404 Not Found status code and an appropriate error message.

5. Check Related Entities

   • Ensure that related entities, such as comments, are handled appropriately and reflect the soft delete status of the blog post.

6. Invalid Method

   • Send a request using an invalid HTTP method (e.g., POST) to the endpoint.
   • Verify that the endpoint returns a 405 Method Not Allowed status code.