中文版
实现步骤:
1.DELETE /pet/123 → 返回 200 OK
2.POST /store/order 请求体包含 "petId": 123 → 系统竟然成功下单,并返回一个整数类型的订单 ID
实际结果:
允许为已删除的宠物(petId)创建订单,返回 200 OK,与预期业务逻辑不符。
可参考解决方案:
在 POST /store/order 接口中添加 petId 校验逻辑,确保指定的宠物必须是存在且处于有效状态,否则应返回 404 Not Found 或 422 Unprocessable Entity。
English Version
Steps to Reproduce:
1.DELETE /pet/123 → returns 200 OK
2.POST /store/order with request body including "petId": 123 → the system surprisingly accepts the order and returns an integer order ID
Actual Outcome:
The API allows creating an order for a pet that no longer exists, returning a 200 OK status, which is inconsistent with the intended business logic.
Suggested Fix:
Add a validation step in the POST /store/order endpoint to verify that the specified petId exists and is valid. If the pet does not exist, the API should return 404 Not Found or 422 Unprocessable Entity instead.
中文版
实现步骤:
1.DELETE /pet/123 → 返回 200 OK
2.POST /store/order 请求体包含 "petId": 123 → 系统竟然成功下单,并返回一个整数类型的订单 ID
实际结果:
允许为已删除的宠物(petId)创建订单,返回 200 OK,与预期业务逻辑不符。
可参考解决方案:
在 POST /store/order 接口中添加 petId 校验逻辑,确保指定的宠物必须是存在且处于有效状态,否则应返回 404 Not Found 或 422 Unprocessable Entity。
English Version
Steps to Reproduce:
1.DELETE /pet/123 → returns 200 OK
2.POST /store/order with request body including "petId": 123 → the system surprisingly accepts the order and returns an integer order ID
Actual Outcome:
The API allows creating an order for a pet that no longer exists, returning a 200 OK status, which is inconsistent with the intended business logic.
Suggested Fix:
Add a validation step in the POST /store/order endpoint to verify that the specified petId exists and is valid. If the pet does not exist, the API should return 404 Not Found or 422 Unprocessable Entity instead.