Prevent non-existent entity from deleting (#296)

eric-pSAP · schiwekM · web-flow · commit cb9d09ded179 · 2025-11-10T15:39:36.000+01:00
Addressing issue #286. Should return an error when trying to delete a non-existent entity --------- Co-authored-by: Marten Schiwek <marten.schiwek@sap.com>
diff --git a/README.md b/README.md
@@ -15,7 +15,7 @@ The `@cap-js/attachments` package is a [CDS plugin](https://cap.cloud.sap/docs/n
   * [Storage Targets](#storage-targets)
   * [Malware Scanner](#malware-scanner)
   * [Visibility Control](#visibility-control-for-attachments-ui-facet-generation)
-  * [Non-Draft Uploading](non-draft-upload)
+  * [Non-Draft Uploading](#non-draft-upload)
 * [Releases](#releases)
 * [Minimum UI5 and CAP NodeJS Version](#minimum-ui5-and-cap-nodejs-version)
 * [Architecture Overview](#architecture-overview)
diff --git a/lib/basic.js b/lib/basic.js
@@ -240,6 +240,9 @@ class AttachmentsService extends cds.Service {
       .filter(assoc => req?.target?.associations[assoc]._target['@_is_media_data'])
     if (attachmentCompositions.length > 0) {
       const diffData = await req.diff()
+      if (!diffData || Object.keys(diffData).length === 0) {
+        return
+      }
       const queries = []
       for (const attachmentsComp of attachmentCompositions) {
         let deletedAttachments = []
diff --git a/tests/integration/attachments.test.js b/tests/integration/attachments.test.js
@@ -7,9 +7,15 @@ const { createReadStream } = cds.utils.fs
 const { join } = cds.utils.path
 
 const app = path.join(__dirname, "../incidents-app")
-const { test, expect, axios, GET, POST, DELETE } = cds.test(app)
+const { test, expect, axios, GET, POST, DELETE: _DELETE } = cds.test(app)
 axios.defaults.auth = { username: "alice" }
-
+const DELETE = async function () {
+  try {
+    return await _DELETE(...arguments)
+  } catch (e) {
+    return e.response ?? e
+  }
+}
 let utils = null
 const incidentID = "3ccf474c-3881-44b7-99fb-59a2a4668418"
 
@@ -196,6 +202,18 @@ describe("Tests for uploading/deleting attachments through API calls", () => {
     ).to.be.rejectedWith(/404/)
   })
 
+  it("Deleting a non existing root does not crash the application", async () => {
+    const response = await DELETE(
+      `odata/v4/processor/Incidents(ID=${incidentID},IsActiveEntity=true)`
+    )
+    expect(response.status).to.equal(204)
+    
+    const response2 = await DELETE(
+      `odata/v4/processor/Incidents(ID=${incidentID},IsActiveEntity=true)`
+    )
+    expect(response2.status).to.equal(404)
+  })
+
   it("Cancel draft where parent has composed key", async () => {
 
     await POST(
