From b1e1de026924dfd6d2fee84225fa841e49c6eec3 Mon Sep 17 00:00:00 2001
From: Sabrina Demagny <sabrina.demagny@gmail.com>
Date: Fri, 2 Aug 2024 16:28:23 +0200
Subject: [PATCH] =?UTF-8?q?=F0=9F=A7=91=E2=80=8D=F0=9F=92=BB(backend)=20do?=
 =?UTF-8?q?=20not=20allow=20to=20delete=20a=20domain?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

At the moment a domain cannot be deleted.
We will be able to delete only pending domains and
simply turn to disabled an enabled domain.
---
 src/backend/mailbox_manager/api/viewsets.py   |  4 --
 .../test_api_mail_domains_delete.py           | 71 +------------------
 2 files changed, 3 insertions(+), 72 deletions(-)

diff --git a/src/backend/mailbox_manager/api/viewsets.py b/src/backend/mailbox_manager/api/viewsets.py
index b19a0df..62c4d00 100644
--- a/src/backend/mailbox_manager/api/viewsets.py
+++ b/src/backend/mailbox_manager/api/viewsets.py
@@ -14,7 +14,6 @@ class MailDomainViewSet(
     mixins.CreateModelMixin,
     mixins.ListModelMixin,
     mixins.RetrieveModelMixin,
-    mixins.DestroyModelMixin,
     viewsets.GenericViewSet,
 ):
     """
@@ -29,9 +28,6 @@ class MailDomainViewSet(
     POST /api/<version>/mail-domains/ with expected data:
         - name: str
         Return newly created domain
-
-    DELETE /api/<version>/mail-domains/<domain-slug>/
-        Delete targeted team access
     """
 
     permission_classes = [permissions.AccessPermission]
diff --git a/src/backend/mailbox_manager/tests/api/mail_domain/test_api_mail_domains_delete.py b/src/backend/mailbox_manager/tests/api/mail_domain/test_api_mail_domains_delete.py
index 5de8769..e7dedda 100644
--- a/src/backend/mailbox_manager/tests/api/mail_domain/test_api_mail_domains_delete.py
+++ b/src/backend/mailbox_manager/tests/api/mail_domain/test_api_mail_domains_delete.py
@@ -25,10 +25,9 @@ def test_api_mail_domains__delete_anonymous():
     assert models.MailDomain.objects.count() == 1
 
 
-def test_api_mail_domains__delete_authenticated_unrelated():
+def test_api_mail_domains__delete_authenticated():
     """
-    Authenticated users should not be allowed to delete a domain to which they are not
-    related.
+    Delete a domain is not allowed.
     """
     user = core_factories.UserFactory()
     domain = factories.MailDomainFactory()
@@ -39,69 +38,5 @@ def test_api_mail_domains__delete_authenticated_unrelated():
         f"/api/v1.0/mail-domains/{domain.slug}/",
     )
 
-    assert response.status_code == status.HTTP_404_NOT_FOUND
-    assert response.json() == {"detail": "No MailDomain matches the given query."}
+    assert response.status_code == status.HTTP_405_METHOD_NOT_ALLOWED
     assert models.MailDomain.objects.count() == 1
-
-
-def test_api_mail_domains__delete_authenticated_member():
-    """
-    Authenticated users should not be allowed to delete a domain
-    to which they are only a member.
-    """
-    user = core_factories.UserFactory()
-    domain = factories.MailDomainFactory(users=[(user, "member")])
-
-    client = APIClient()
-    client.force_login(user)
-
-    response = client.delete(
-        f"/api/v1.0/mail-domains/{domain.slug}/",
-    )
-
-    assert response.status_code == status.HTTP_403_FORBIDDEN
-    assert response.json() == {
-        "detail": "You do not have permission to perform this action."
-    }
-    assert models.MailDomain.objects.count() == 1
-
-
-def test_api_mail_domains__delete_authenticated_administrator():
-    """
-    Authenticated users should not be allowed to delete a domain
-    for which they are administrator.
-    """
-    user = core_factories.UserFactory()
-    domain = factories.MailDomainFactory(users=[(user, "administrator")])
-
-    client = APIClient()
-    client.force_login(user)
-
-    response = client.delete(
-        f"/api/v1.0/mail-domains/{domain.slug}/",
-    )
-
-    assert response.status_code == status.HTTP_403_FORBIDDEN
-    assert response.json() == {
-        "detail": "You do not have permission to perform this action."
-    }
-    assert models.MailDomain.objects.count() == 1
-
-
-def test_api_mail_domains__delete_authenticated_owner():
-    """
-    Authenticated users should be able to delete a domain
-    for which they are directly owner.
-    """
-    user = core_factories.UserFactory()
-    domain = factories.MailDomainFactory(users=[(user, "owner")])
-
-    client = APIClient()
-    client.force_login(user)
-
-    response = client.delete(
-        f"/api/v1.0/mail-domains/{domain.slug}/",
-    )
-
-    assert response.status_code == status.HTTP_204_NO_CONTENT
-    assert models.MailDomain.objects.exists() is False