[6.0] Fix DELETE endpoints to return 404 for non-existent resources (#46161)

* Verb delete return  404 for not existent
* cs
* contact test too
* wrong endpoint

Author: alikon

libraries/src/MVC/Controller/ApiController.php

@@ -319,11 +319,24 @@ public function delete($id = null)
                 ];
                 echo new JsonResponse($body);
                 $this->app->close();
-            } else {
-                throw new \RuntimeException(Text::_('JLIB_APPLICATION_ERROR_DELETE'), 500);
             }
         }
 
+        // If the model has set a 404 status code in the session, we return a 404 http status codee
+        if ($this->app->getSession()->get('http_status_code_404', false)) {
+            $this->app->getSession()->clear('http_status_code_404');
+            $this->app->setHeader('status', 404, true);
+            $this->app->setHeader('Content-Type', 'application/json');
+            $this->app->sendHeaders();
+            $body = [
+                'status'  => 'not found',
+                'code'    => 404,
+                'message' => 'Resource not found',
+            ];
+            echo new JsonResponse($body);
+            $this->app->close();
+        }
+
         $this->app->setHeader('status', 204);
     }
 

libraries/src/MVC/Model/AdminModel.php

@@ -976,11 +976,9 @@ public function delete(&$pks)
                 }
                 if (Factory::getApplication()->isClient('api')) {
                     $session = Factory::getApplication()->getSession();
-                    $session->set('http_status_code_409', true);
+                    $session->set('http_status_code_404', true);
                 }
 
-                Log::add(Text::_('JLIB_APPLICATION_ERROR_DELETE_NOT_PERMITTED'), Log::WARNING, 'jerror');
-
                 return true;
             }
         }

tests/System/integration/api/com_banners/Banners.cy.js

@@ -49,9 +49,20 @@ describe('Test that banners API endpoint', () => {
       .then((banner) => cy.api_delete(`/banners/${banner.id}`));
   });
 
-  it('check correct response for delete a not existent contact', () => {
-     cy.api_delete('/banners/9999')
-      .then((result) => expect(result.status).to.eq(204));
+  it('check correct response for delete a not existent banner', () => {
+    cy.api_getBearerToken().then((token) => {
+      cy.request({
+        method: 'DELETE',
+        url: `/api/index.php/v1/banners/9999`,
+        headers: {
+          Authorization: `Bearer ${token}`,
+        },
+        failOnStatusCode: false
+      }).then((response) => {
+        expect(response.status).to.equal(404);
+        expect(response.body.data.message).to.include('Resource not found');
+      });
+    });
   });
 
   it('cannot delete a banner that is not trashed', () => {

tests/System/integration/api/com_contact/Contacts.cy.js

@@ -47,8 +47,19 @@ describe('Test that contacts API endpoint', () => {
   });
 
   it('check correct response for delete a not existent contact', () => {
-    cy.api_delete('/contacts/9999')
-      .then((result) => expect(result.status).to.eq(204));
+    cy.api_getBearerToken().then((token) => {
+      cy.request({
+        method: 'DELETE',
+        url: `/api/index.php/v1/contacts/9999`,
+        headers: {
+          Authorization: `Bearer ${token}`,
+        },
+        failOnStatusCode: false
+      }).then((response) => {
+        expect(response.status).to.equal(404);
+        expect(response.body.data.message).to.include('Resource not found');
+      });
+    });
   });
 
   it('can submit a contact form', () => {