Skip to content

Implement hero deletion endpoint with confirmation requirement #61

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

Implement hero deletion endpoint with confirmation requirement #61

wants to merge 2 commits into from

Conversation

Copilot
Copy link

@Copilot Copilot AI commented May 28, 2025
edited
Loading

This PR implements the hero deletion functionality for the Tour of Heroes API with several key safety features:

Implementation Details

  • Added a deleteHero method to HeroService that:

    • Requires an explicit confirmation parameter
    • Verifies the hero exists before attempting deletion
    • Logs deletion actions for audit purposes
    • Returns clear success/error messages

  • Added a controller method in HeroController that:

    • Validates the hero ID format
    • Processes the confirmation parameter
    • Returns appropriate HTTP status codes for different scenarios

  • Updated routes to include the new DELETE endpoint

  • Added comprehensive documentation:

    • API endpoint documentation in basic-usage.md
    • Example requests in heroes.http for testing

Example Usage

# Delete with confirmation
curl -X DELETE http://localhost:3000/api/heroes/1?confirm=true

# Without confirmation (will fail)
curl -X DELETE http://localhost:3000/api/heroes/1

Safety Features

  • Explicit Confirmation: Requires confirm=true query parameter to prevent accidental deletions
  • Not Found Handling: Returns 404 status when attempting to delete non-existent heroes
  • Audit Logging: Records deletion details for traceability

Fixes #40.

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

@Copilot Copilot AI assigned Copilot and 0GiS0 May 28, 2025
@Copilot @0GiS0
Implement hero deletion endpoint with confirmation requirement
b9821bb 
Co-authored-by: 0GiS0 <175379+0GiS0@users.noreply.github.com>
@Copilot Copilot AI changed the title [WIP] 4. Eliminar héroes (Delete) 💣🧹 Implement hero deletion endpoint with confirmation requirement May 28, 2025
@Copilot Copilot AI requested a review from 0GiS0 May 28, 2025 10:40
Copilot finished work on behalf of 0GiS0 May 28, 2025 10:40
@0GiS0 0GiS0 requested a review from Copilot May 28, 2025 10:43
Copilot
Copilot AI reviewed May 28, 2025
View reviewed changes
Copy link

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Adds a new DELETE endpoint to safely remove heroes by requiring explicit confirmation, checking existence, logging actions, and returning clear status codes and messages.

  • Implements deleteHero in HeroService with confirmation, existence check, deletion, and audit logging.
  • Exposes DELETE /api/heroes/:id in HeroController with ID validation, confirmation processing, and proper HTTP responses.
  • Updates routing, HTTP example scripts, and documentation to cover deletion use cases.

Reviewed Changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
src/services/hero.service.ts Defined DeleteHeroResult and added deleteHero method with safety checks
src/controllers/hero.controller.ts Introduced deleteHero action handling confirmation and status codes
src/routes/hero.routes.ts Added DELETE route for hero deletion
heroes.http Added HTTP examples for deletion scenarios
docs/basic-usage.md Documented delete endpoint usage, parameters, and responses
Comments suppressed due to low confidence (1)

src/services/hero.service.ts:163

  • No unit tests cover the new deleteHero logic; consider adding tests for confirmation missing, hero not found, successful deletion, and error handling.
async deleteHero(id: number, confirm: boolean): Promise<DeleteHeroResult> {

src/services/hero.service.ts
await HeroModel.deleteOne({ id });

// Log the deletion for audit purposes
console.log(`Hero deleted: ${hero.name} (ID: ${id}) at ${new Date().toISOString()}`);
Copy link
Preview

Copilot AI May 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider using the project's structured logger instead of console.log for audit logging to maintain consistency and enable log level control.

Copilot uses AI. Check for mistakes.

src/services/hero.service.ts
message: `Hero ${hero.name} has been deleted`,
};
} catch (error) {
console.error(`Error deleting hero with id ${id}:`, error);
Copy link
Preview

Copilot AI May 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider using the project's structured logger instead of console.error for error logging to maintain consistency and facilitate log aggregation.

Suggested change
console.error(`Error deleting hero with id ${id}:`, error);
logger.error(`Error deleting hero with id ${id}:`, { id, error });

Copilot uses AI. Check for mistakes.

src/controllers/hero.controller.ts
Comment on lines +165 to +171
// Determine appropriate status code based on error
if (result.error === 'Confirmation is required to delete a hero') {
res.status(400).json({ error: result.error });
} else if (result.error?.includes('not found')) {
res.status(404).json({ error: result.error });
} else {
res.status(500).json({ error: result.error });
Copy link
Preview

Copilot AI May 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Matching on exact error message content is brittle; consider extending DeleteHeroResult with a status code or error code enum to drive HTTP status decisions.

Suggested change
// Determine appropriate status code based on error
if (result.error === 'Confirmation is required to delete a hero') {
res.status(400).json({ error: result.error });
} else if (result.error?.includes('not found')) {
res.status(404).json({ error: result.error });
} else {
res.status(500).json({ error: result.error });
// Determine appropriate status code based on errorCode
switch (result.errorCode) {
case 'INVALID_CONFIRMATION':
res.status(400).json({ error: 'Confirmation is required to delete a hero' });
break;
case 'HERO_NOT_FOUND':
res.status(404).json({ error: 'Hero not found' });
break;
default:
res.status(500).json({ error: 'An unknown error occurred' });

Copilot uses AI. Check for mistakes.

heroes.http

### Delete hero without confirmation (will fail)
DELETE {{baseUrl}}/heroes/1 HTTP/1.1
Copy link
Preview

Copilot AI May 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The test request path is missing the /api prefix; it should be {{baseUrl}}/api/heroes/1 to match the configured route.

Copilot uses AI. Check for mistakes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@0GiS0 0GiS0 Awaiting requested review from 0GiS0

Assignees

@0GiS0 0GiS0

Copilot code review Copilot

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

4. Eliminar héroes (Delete) 💣🧹
2 participants
@Copilot @0GiS0