Unconsistent behaviour of dataset delete API #11253
Labels
Type: Bug
a defect
Comments
|
@vera yes, I'd say you're finding some unexpected behavior when using a superuser token with that "Delete Unpublished Dataset" API:
I'll go ahead and flag this as a bug. Please feel free to make a PR if you'd like! ❤ |
|
+1 for simply calling the delete draft version method for this endpoint. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
While testing the dataset delete API, I just noticed the following behavior, which was unexpected to me:
When logged in as a superuser, and then calling the delete API on a dataset with exactly one published version and no draft currently existing, the request seems to be automatically "upgraded" to a destroy action. The request succeeds and the dataset is deleted.
I expected the request to fail, since the delete API is not meant for deleting published datasets (at least according to the docs where the API is titled "Delete Unpublished Dataset" and the destroy API exists, which is in contrast meant for deleting published datasets as a superuser).
What makes the behavior even more confusing to me, as soon as more than one published version exists, the delete API always fails even when I'm a superuser (message:
This is a published dataset with multiple versions. This API can only delete the latest version if it is a DRAFT).When not logged in as a superuser, everything works as I expected (delete API succeeds for drafts but fails for published versions).
Here's the related code:
dataverse/src/main/java/edu/harvard/iq/dataverse/api/Datasets.java
Lines 278 to 287 in f4380ea
And my question: Is this intended behavior? If yes, I think the special case (superuser + exactly one published version allows delete API to succeed) should be documented in the API docs.
The text was updated successfully, but these errors were encountered: