HTTP Methods PUT PATCH DELETE
HTTP Methods β Deep Dive (PUT, PATCH & DELETE)β
PUT, PATCH, and DELETE are used to modify or remove data.
Automation testers must understand these deeply because mistakes here often cause:
- Data corruption
- Flaky tests
- Environment pollution
3οΈβ£ PUT Methodβ
What is PUT?β
PUT is used to fully replace an existing resource.
Example:
PUT /users/101
Meaning:
βReplace the entire user 101 with the provided data.β
Key Characteristics of PUTβ
| Aspect | Behavior |
|---|---|
| Purpose | Full update |
| Request Body | β Required |
| Side Effects | β Yes |
| Safe | β No |
| Idempotent | β Yes |
| Cacheable | β No |
Why It Matters for Testersβ
- Idempotent: Repeated calls result in the same state.
- Full Replacement: Missing fields in the payload may delete existing data.
PUT Request Exampleβ
PUT /users/101
Content-Type: application/json
{
"name": "John",
"email": "john@gmail.com",
"status": "ACTIVE"
}
β οΈ Warning: If you omit fields like email, they may be removed after PUT.
Real-World Exampleβ
Updating a userβs profile:
PUT /users/101
Content-Type: application/json
{
"name": "John Doe",
"email": "johndoe@example.com",
"status": "INACTIVE"
}
Automation Use Cases for PUTβ
- Update entire profile (
PUT /users/{id}). - Replace configuration (
PUT /settings). - Reset resource state (
PUT /orders/{id}).
Validation Checklistβ
- Status code =
200 OKor204 No Content. - All fields updated correctly.
- DB reflects full replacement.
Code Snippet: Validating PUT Responseβ
// RestAssured example
String requestBody = "{ "name": "John", "email": "john@example.com" }";
Response response = given()
.header("Content-Type", "application/json")
.body(requestBody)
.when()
.put("/users/101");
// Assertions
response.then().statusCode(200);
response.then().body("name", equalTo("John"));
Common PUT Mistakes ββ
- Assuming partial update:
PUTreplaces the entire resource; missing fields may delete data. - Sending incomplete payload: Always include all required fields.
- Confusing
PUTwithPATCH: UsePATCHfor partial updates.
PUT Interview Questionβ
Q: Is PUT idempotent?
A: Yes. Multiple PUT requests result in the same state.
4οΈβ£ PATCH Methodβ
What is PATCH?β
PATCH is used to partially update a resource.
Example:
PATCH /users/101
Meaning:
βUpdate only specified fields of user 101.β
Key Characteristics of PATCHβ
| Aspect | Behavior |
|---|---|
| Purpose | Partial update |
| Request Body | β Required |
| Side Effects | β Yes |
| Safe | β No |
| Idempotent | β οΈ Depends |
| Cacheable | β No |
Why It Matters for Testersβ
- Partial Updates: Only specified fields are modified; others remain unchanged.
- Idempotency: Some
PATCHimplementations are not idempotent (e.g., incrementing counters).
PATCH Request Exampleβ
PATCH /users/101
Content-Type: application/json
{
"status": "BLOCKED"
}
Only status is updated; other fields like name and email remain unchanged.
Real-World Exampleβ
Blocking a user without modifying other details:
PATCH /users/101
Content-Type: application/json
{
"status": "BLOCKED"
}
PUT vs PATCH (CRITICAL COMPARISON)β
| Aspect | PUT | PATCH |
|---|---|---|
| Update type | Full replace | Partial |
| Missing fields | Removed | Retained |
| Idempotent | β | β οΈ |
| Risk | High | Medium |
Tester Ruleβ
Use
PATCHwhen available to avoid accidental data loss.
PATCH Interview Questionβ
Q: Why was PATCH introduced?
A: To allow partial updates without replacing the entire resource.
5οΈβ£ DELETE Methodβ
What is DELETE?β
DELETE is used to remove a resource.
Example:
DELETE /users/101
Meaning:
βRemove user 101.β
Key Characteristics of DELETEβ
| Aspect | Behavior |
|---|---|
| Purpose | Remove resource |
| Request Body | β Rare |
| Side Effects | β Yes |
| Safe | β No |
| Idempotent | β Yes |
| Cacheable | β No |
Why It Matters for Testersβ
- Idempotent: Deleting the same resource multiple times has no additional effect.
- Soft Deletes: Resources may not be physically removed but marked as inactive.
DELETE β Hard vs Soft Delete (Awareness)β
- Hard Delete: Row removed from the database.
- Soft Delete: Status flag updated (most common).
Tester Implicationβ
DELETEmay not remove the database row.- Validate the status field instead of checking for existence.
Real-World Exampleβ
Soft-deleting a user:
DELETE /users/101
Database:
UPDATE users SET status = 'DELETED' WHERE id = 101;
Automation Use Cases for DELETEβ
- Cleanup test data (
DELETE /test-users). - Remove temporary resources (
DELETE /sessions/{id}). - Negative scenario testing (e.g., deleting non-existent resources).
Validation Checklistβ
- Status code =
200 OKor204 No Content. - Resource inaccessible afterwards.
- Database reflects expected delete behavior.
Code Snippet: Validating DELETE Responseβ
// RestAssured example
Response response = given()
.when()
.delete("/users/101");
// Assertions
response.then().statusCode(204);
// Verify resource is inaccessible
Response getResponse = given()
.when()
.get("/users/101");
getResponse.then().statusCode(404);
Common DELETE Mistakes ββ
- Assuming hard delete: Always check for soft delete behavior.
- Reusing deleted IDs: Deleted IDs may still exist in logs or references.
- Running
DELETEin shared environments: Avoid polluting shared test environments.
DELETE Interview Questionβ
Q: Is DELETE idempotent?
A: Yes. Deleting the same resource multiple times has the same effect.
Key Takeaways π―β
- PUT replaces the entire resource.
- PATCH updates partial fields (safer for incremental changes).
- DELETE removes resources (often via soft delete).
- PUT and DELETE are idempotent; PATCH depends on implementation.
- Use PATCH for partial updates to avoid accidental data loss.