REST Response Codes


When implementing a RESTful API, we should give the user proper responses to their actions.

The architecture of a REST API, based on properly building the link and sending it with the proper verb, allows the user to send the API any request about any data. What response code should I provide to the user when he asks for a method that is not implemented for the data he is asking for?

Example:

The API allows the user to add articles via postAction but does not allow deleting articles at all. What response should I provide to the user when he sends a REST DELETE request to my API? 404?


Solution

  • If it's a user permission issue, 403 seems most appropriate. (Forbidden - you're not allowed to do this but someone else might be able to)

    If no-one is allowed to perform a DELETE but it's an otherwise valid URI, 405. (Method not allowed)

    If it's an access to a non-existent resource, but DELETEs are supported against such resources, then 404 is appropriate. (Not found)

    If it's more than one of these scenarios (i.e. the user isn't allowed to DELETE, and the URI they've provided is for a resource that doesn't actually exist) then you need to decide which piece of information is more important. I'd probably pick 404.
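
The decision order from the answer above, written out as an added example (not part of the original answer). `ITEM_METHODS`, `STORE`, `CAN_DELETE` and `decide()` are hypothetical names, the data is constructed, and checking the method before looking up the resource is an assumption about how the routing is layered.

```python
# Added example: hypothetical names, constructed sample data.
ITEM_METHODS = {                 # methods supported on /<collection>/<id>
    "articles": {"GET"},                 # articles can never be deleted
    "comments": {"GET", "DELETE"},       # comments can, by permitted users
}
STORE = {"articles": {1, 2}, "comments": {10, 11}}   # existing ids
CAN_DELETE = {"alice"}                                # users allowed to DELETE


def decide(method, path, user):
    """Return (status, headers) for a request to /<collection>/<id>."""
    parts = path.strip("/").split("/")
    if len(parts) != 2 or parts[0] not in ITEM_METHODS or not parts[1].isdigit():
        return 404, {}                   # URI does not map to any resource type
    collection, item_id = parts[0], int(parts[1])

    allowed = ITEM_METHODS[collection]
    if method not in allowed:
        # Nobody may use this method on this kind of resource: 405.
        # RFC 9110 requires an Allow header listing the supported methods.
        return 405, {"Allow": ", ".join(sorted(allowed))}

    if item_id not in STORE[collection]:
        # Looked up before the permission check, so a missing resource gives
        # 404 even to a user who could not have deleted it (the answer's
        # tie-break); the reply then reveals nothing about what exists.
        return 404, {}

    if method == "DELETE" and user not in CAN_DELETE:
        return 403, {}                   # someone else may, this user may not

    return (204 if method == "DELETE" else 200), {}


if __name__ == "__main__":
    for req in [("DELETE", "/articles/1", "alice"),   # 405
                ("DELETE", "/comments/99", "alice"),  # 404
                ("DELETE", "/comments/10", "bob"),    # 403
                ("DELETE", "/comments/99", "bob")]:   # 404 (both apply)
        print(req, "->", decide(*req))
```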