HTML MASTER CLASS /// LEARN TAGS /// BUILD STRUCTURE /// SEMANTIC WEB /// HTML MASTER CLASS /// LEARN TAGS ///
Total XP: 0|💻 apicreationmanipulation XP: 0

Updating & Deleting (CRUD)

Complete your mastery of server-side CRUD operations. Learn how to execute Updates using `req.params` and `req.body`, and understand the critical architectural difference between Hard Deletes and Soft Deletes.

LOADING ENGINE...

Skill Matrix

UNLOCK NODES BY LEARNING NEW TAGS.

Updates & Deletes

Modify records.

Quick Quiz //

Why does an Update (PATCH) route typically require you to extract data from both `req.params` and `req.body`?


Modifying and destroying data are the most dangerous operations in an API. They must be handled with precision and safety.

1The Complexity of Updates

Updating a record is logically the most complex of the four CRUD operations because it requires the intersection of two data streams. You must extract the Target ID from the URL (req.params) to locate the specific record in the database. Simultaneously, you must extract the Payload from the request body (req.body) to know what new data to apply. If you mix these up, you might accidentally overwrite the wrong user's profile.

+
// Implementation Example

async function execute() {
  // See concept above
}
localhost:3000
localhost:3000
Status: Execution verified and active.

2Coding PATCH vs PUT

In a previous module, we learned that PUT is a full replacement and PATCH is a partial update. In your Express code, this translates directly to how you configure your ORM. If your route is a PUT, you must write logic to overwrite every single field in the database, setting missing fields to null. If your route is a PATCH, you simply pass req.body directly to the ORM, allowing it to dynamically update only the specific fields provided by the client.

+
// Implementation Example

async function execute() {
  // See concept above
}
localhost:3000
localhost:3000
Status: Execution verified and active.

3The Soft Delete Architecture

Data is the most valuable asset a company has. You never truly delete it. If a user deletes their account, executing a raw SQL DELETE command destroys the relational integrity of the database. All of their past orders, comments, and analytics become 'orphaned', causing the app to crash when it tries to load them. Instead, a 'DELETE' route in Express should actually execute an ORM update() command, flipping a boolean column called isDeleted or isActive. Your GET routes are then modified to filter out any users where isDeleted is true.

+
// Implementation Example

async function execute() {
  // See concept above
}
localhost:3000
localhost:3000
Status: Execution verified and active.

?Frequently Asked Questions

Pascual Vila

Pascual Vila

Frontend Instructor // Code Syllabus

Lesson Glossary

[01]PATCH

An HTTP method used to apply partial modifications to a resource.

Code Preview
The Modifier

[02]DELETE

An HTTP method used to request the removal of a specific resource from the server.

Code Preview
The Destroyer

[03]Hard Delete

A database operation that permanently and irrevocably removes a record from the storage disk. Dangerous for relational data.

Code Preview
Permanent Erasure

[04]Soft Delete

An architectural pattern where a record is not physically deleted, but instead marked as inactive (e.g., isDeleted = true) so it is hidden from the user interface.

Code Preview
The Hidden Flag

[05]HTTP 204

No Content. A common success status code for a DELETE operation, indicating the action succeeded but there is no data to send back.

Code Preview
Success, Nothing to Return

Continue Learning

Go Deeper

Related Courses