Backend: Bucket PATCH + DELETE operations #57
Labels
No labels
bug
duplicate
enhancement
help wanted
invalid
question
research
wontfix
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Blocks
#59 Frontend: edit + delete bucket (inline)}
lvl0/buckets
Reference: lvl0/buckets#57
Loading…
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Context
Bucket currently exposes only
GetCollection / Get / Post. The old Laravel app had inline bucket editing (partial PATCH) and deletion (PLATFORM.md "Inline Editing Components"). To port that UI we need the API operations first. This backend ticket unblocks the edit/delete frontend ticket.Scope
Patchto Bucket's#[ApiResource]operations — partial update of name, type, allocation type/value, priority, sortOrder, buffer multiplier.Deleteto Bucket's operations.BucketOwnerExtension'sapplyToItemalready scopes item resolution, so PATCH/DELETE on a non-owned bucket SHOULD 404 — but VERIFY with tests (per the PLATFORM.md "FUTURE (when Patch/Put/Delete land)" note; don't assume).Testing (TDD)
Notes
application/merge-patch+jsonis AP's PATCH content-type; check it doesn't bypass theld+json-enforced CSRF guard, or document the difference).Out of scope
Resolved on
release/v0.3.0:b932228(PATCH + priority-uniqueness validator),cb4af69(DELETE), + a doc-tighten follow-up.Adding
new Patch()/new Delete()to Bucket's operations was the entire change for the verbs — everything else inherited from #50/#31:is_granted('ROLE_USER').BucketOwnerExtension::applyToItemis operation-agnostic; verified for PATCH and DELETE (no mutation/deletion leaks).application/merge-patch+json(AP 4.3 default); wrong type → 415. Re-parent-via-PATCH into a foreign scenario IRI → 400 (locked decision, same as foreign-IRI POST).stream.bucket_id(referencing stream survives, bucket=null).Real bug found + fixed: priority uniqueness was enforced only by the DB
unique_scenario_priorityconstraint, so a collidingpriorityPATCH/POST 500'd (unhandledUniqueConstraintViolationExceptionat flush). Added a customUniquePriorityPerScenariovalidator (+ validator class +BucketRepository::countBucketsWithPriorityForScenario, mirrorsSingleOverflowPerScenario, self-excludes by id) → clean 422 atpriority. Guarded by a newBucket::hasPriority()sincepriorityis the only validated property without a default (a POST omitting it would otherwise fatal on the uninitialized typed property).The stream-orphan-on-delete behaviour got a characterization test folded in here (no separate follow-up needed).
217 tests green, PHPStan level 6 + php-cs-fixer clean, zero deprecations/notices. pr-reviewer (full-ticket diff): Approve, 0 must-fix.