Delete File
Sprint 3
Delete a file from storage and update quota. Users can only delete files under their own folder.
Endpoint
DELETE /api/v1/storage/objects/{object_name}
Headers
| Header | Required | Description |
|---|---|---|
Authorization | Yes | Bearer <access_token> |
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
object_name | string (path) | Yes | Object name/path in bucket (must be within user's folder: organizations/{org_id}/files/{user_id}/) |
Response
Success (200)
{
"success": true,
"data": {
"object_name": "organizations/1/files/123/report_20241203_101500_abc123.csv"
},
"message": "File deleted successfully"
}
Error Codes
| Status | Code | Description |
|---|---|---|
| 401 | UNAUTHORIZED | Invalid or missing authentication token |
| 403 | FORBIDDEN | Access denied - object_name must be within user's folder |
| 404 | NOT_FOUND | File not found |
| 500 | INTERNAL_SERVER_ERROR | Failed to delete file |
Security
- Users can only delete files under their own folder:
organizations/{org_id}/files/{user_id}/ - Path validation prevents directory traversal
- Object name must start with user's allowed path prefix
Features
- Deletes file from storage
- Automatically updates quota
- Records deletion in storage_files table
- Organization-scoped access control
Important Notes
- Quota is automatically updated after deletion
- If file is not found in tracking table, deletion from storage is still attempted
- Deletion is permanent and cannot be undone
Example
curl -X DELETE "https://api.rivergen.com/api/v1/storage/objects/organizations/1/files/123/report_20241203_101500_abc123.csv" \
-H "Authorization: Bearer <access_token>"
Related Endpoints
- List Files - List user's files
- Get Usage - Check updated storage usage