DELETE requests are a crucial part of API testing, especially when ensuring data consistency and integrity. In this guide, we'll look at how to use Rest Assured to test DELETE requests effectively, verifying the successful removal of resources and handling edge cases.
Why Test DELETE Requests?
DELETE requests are used to remove resources on the server, and they often impact data directly. Ensuring these requests work as expected is critical to prevent unintended data loss or stale resources.
Some common DELETE request scenarios include:
- Successful Deletion - Confirm the resource is removed as expected.
- Non-existent Resource - Attempt to delete a resource that does not exist.
- Unauthorized Deletion - Verify that only authorized users can delete specific resources.
Setting Up Rest Assured for DELETE Requests
Rest Assured is a Java library that simplifies testing RESTful APIs. Before we dive into DELETE testing, ensure you have the following setup:
1. Dependencies: Add Rest Assured in your pom.xml
if you’re using Maven.
Writing a Basic DELETE Request Test
Let's create a test case to delete a resource. In this example, we’ll delete a user from the system by user ID.
Step 1: Define the Base URI and Path Parameters
Step 2: Write the DELETE Request
Here’s a test case that will delete a user with a specific ID. After deletion, we’ll verify the status code.
import org.testng.annotations.Test;
public class DeleteRequestTest {
@Test
public void deleteUserById() {
int userId = 5; // ID of the user to delete
given()
.pathParam("id", userId)
.when()
.delete("/users/{id}")
.then()
.statusCode(200); // Assuming 200 OK for successful deletion
}
}
In this test:
- We set the
userId
as a path parameter. - The
.delete("/users/{id}")
method performs the DELETE request. - Finally, we verify the response status code is
200
, indicating success.
Additional Validations After Deletion
Testing a DELETE request often requires additional verification, such as confirming the resource no longer exists.
Step 3: Validate Deletion
After deletion, we’ll check if a GET request on the same resource returns a 404
Not Found status.
@Test
public void verifyUserDeleted() {
int userId = 5;
// First, delete the user
given()
.pathParam("id", userId)
.when()
.delete("/users/{id}")
.then()
.statusCode(200);
// Then, verify the user no longer exists
given()
.pathParam("id", userId)
.when()
.get("/users/{id}")
.then()
.statusCode(404);
}
Handling Edge Cases in DELETE Testing
DELETE requests can have various edge cases, which are essential to test to ensure robustness.
1. Non-existent Resource: If the resource doesn’t exist, we should get a 404 Not Found
response.
Full Example: DELETE Request Testing
Here’s the complete test class covering different scenarios:
import io.restassured.RestAssured;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import static io.restassured.RestAssured.given;
import static org.hamcrest.Matchers.equalTo;
public class DeleteRequestTest {
@BeforeClass
public void setup() {
RestAssured.baseURI = "https://jsonplaceholder.typicode.com";
}
@Test
public void deleteUserById() {
int userId = 5;
given()
.pathParam("id", userId)
.when()
.delete("/users/{id}")
.then()
.statusCode(200);
}
@Test
public void verifyUserDeleted() {
int userId = 5;
// First, delete the user
given()
.pathParam("id", userId)
.when()
.delete("/users/{id}")
.then()
.statusCode(200);
// Then, verify the user no longer exists
given()
.pathParam("id", userId)
.when()
.get("/users/{id}")
.then()
.statusCode(404);
}
@Test
public void deleteUserThatDoesNotExist() {
int nonExistentUserId = 999;
given()
.pathParam("id", nonExistentUserId)
.when()
.delete("/users/{id}")
.then()
.statusCode(404);
}
@Test
public void deleteUserWithUnauthorizedAccess() {
int userId = 5;
given()
.pathParam("id", userId)
.auth()
.basic("invalidUser", "invalidPassword")
.when()
.delete("/users/{id}")
.then()
.statusCode(401);
}
}