DELETE deletes Inactive Operator Panel

Given I am authenticated as customer K0002
And there is inactive Operator Panel Device with Mac Address 01-23-45-67-89-ab
When I /api/customers/K0002/devices/operator-panel/01-23-45-67-89-ab
Then I should get HTTP/1.1 204 No Content

And there should be no more Operator Panel 01-23-45-67-89-ab
And /api/customers/K0002/devices/operator-panel/01-23-45-67-89-ab should result with HTTP/1.1 404 Not Found

DELETE doesn't allow delete Active Operator Panel

Given I am authenticated as customer K0002
And there is active Operator Panel Device with Mac Address 01-23-45-67-89-ab
When I /api/customers/K0002/devices/operator-panel/01-23-45-67-89-ab
Then I should get HTTP/1.1 400 Bad Request with body

{
  "title": "Device cannot be deleted",
  "detail": "Cannot delete device when it is active.",
  "described_by": "http://api.nfon.net/probs/cannot-delete-device"
}

And /api/customers/K0002/devices/operator-panel/01-23-45-67-89-ab should result with HTTP/1.1 200 OK

DELETE shouldn't delete Operator Panel which doesn't exists

Given I am authenticated as customer K0002
When I try to /api/customers/K0002/devices/operator-panel/404 Then I should get HTTP/1.1 404 Not Found with body

{
  "title": "Device not found",
  "detail": "Device with unique identifier 404 has not been found",
  "described_by": "http://api.nfon.net/probs/device-not-found"
}

Cannot delete Operator Panel for missing Customer

Given I am authenticated as Admin
When I send /api/customers/K0404/devices/devices/operator-panel/01-23-45-67-89-ab
Then I should receive HTTP/1.1 404 Not Found
with following body:

{
  "described_by": "http://api.nfon.net/probs/customer-not-found",
  "title": "Customer not found",
  "detail": "Customer with identifier K0404 has not been found"
}

Customer cannot remove other Customer Operator Panel

Given I am authenticated as K0003
And there is inactive Operator Panel Device with Mac Address 01-23-45-67-89-ab
When I /api/customers/K0002/devices/operator-panel/01-23-45-67-89-ab
Then I should get HTTP/1.1 403 Forbidden

{
  "title": "Access forbidden",
  "detail": "Access denied to [Customer] with id [K0002]",
  "described_by": "http://api.nfon.net/probs/invalid-authorization"
}

System Integrator cannot remove Operator Panel of Customer that does not belong to him

Given I am authenticated as System Integrator S0002
When I send /api/customers/K0003/devices/operator-panel/01-23-45-67-89-ab
Then I should receive HTTP/1.1 403 Forbidden
with following body

{
  "title": "Access forbidden",
  "detail": "Access denied to [Customer] with id [K0003]",
  "described_by": "http://api.nfon.net/probs/invalid-authorization"
}

Operator cannot remove Operator Panel of Customer that does not belong to him

Given I am authenticated as Operator C0002
When I send /api/customers/K0003/devices/operator-panel/01-23-45-67-89-ab
Then I should receive HTTP/1.1 403 Forbidden
with following body

{
  "title": "Access forbidden",
  "detail": "Access denied to [Customer] with id [K0003]",
  "described_by": "http://api.nfon.net/probs/invalid-authorization"
}

Service Portal REST API

DELETE /api/customers/{identifier}/devices/operator-panel/{mac-address}