1
00:00:01,960 --> 00:00:05,110
In this video we're going to tackle the show request handler.

2
00:00:05,110 --> 00:00:09,150
This request handler is going to get information about a very specific order.

3
00:00:09,160 --> 00:00:13,480
Once again we're going to make sure that only authenticated users can access this through our handler.

4
00:00:13,480 --> 00:00:17,860
And we're also going to make sure that users can only access their own orders.

5
00:00:17,860 --> 00:00:21,610
So one user can not look at another user's orders in total.

6
00:00:21,640 --> 00:00:24,930
This right handler is going to look very similar to the index one that we just put together.

7
00:00:24,940 --> 00:00:30,070
So let's just dive right in and get to it back inside to my editor I'll find my roots directory and

8
00:00:30,070 --> 00:00:33,080
we've already created the show to yes file inside there.

9
00:00:33,160 --> 00:00:33,710
So your show.

10
00:00:33,740 --> 00:00:38,830
Yes at the very top we're going to add in a couple of different imports right away without a doubt.

11
00:00:38,830 --> 00:00:43,690
We need the require off middleware from our common module.

12
00:00:43,720 --> 00:00:52,230
I'm also going to get the order model from up to directories or see me just one directory models order

13
00:00:54,860 --> 00:00:56,610
let's apply that require off middleware.

14
00:00:56,630 --> 00:01:03,730
So right above the or right before the actual it request handling function will add and require of then

15
00:01:03,730 --> 00:01:06,040
inside the root handler itself.

16
00:01:06,040 --> 00:01:12,310
We're going to take the I.D. or the order I.D. off the request parameters and we'll just try to fetch

17
00:01:12,310 --> 00:01:18,160
some order out of our database using that order I.D. sort through inside of your order is going to be

18
00:01:18,160 --> 00:01:19,990
a wait order.

19
00:01:20,000 --> 00:01:21,630
Fined by I.T. No.

20
00:01:21,670 --> 00:01:26,560
That is how we look up a very particular record based on its I.T. and the idea that we want to try to

21
00:01:26,560 --> 00:01:30,370
look up is going to be coming out of the request per Ram's object.

22
00:01:30,370 --> 00:01:37,330
So it will be rec Korans not order I.D. We're really making a big assumption here.

23
00:01:37,460 --> 00:01:43,160
Just assuming that the user is going to provide a accurate or what looks like a mongo DV idea right

24
00:01:43,160 --> 00:01:48,170
here and we already had a discussion a little bit ago about doing some validation to make sure that

25
00:01:48,170 --> 00:01:49,950
a valid I.D. is provided.

26
00:01:50,030 --> 00:01:54,710
So we could add in a validation step to make sure that that parameter right there is looking like a

27
00:01:54,710 --> 00:01:56,720
real Mongo DV I.D..

28
00:01:56,750 --> 00:02:02,830
I'll leave that up to you if you want to add that in so when I going to fetch the order and when we

29
00:02:02,830 --> 00:02:08,290
fetch the order we probably want to also simultaneously retrieve the associated ticket as well.

30
00:02:08,290 --> 00:02:13,420
So we're going to once again use that populate system in Mongoose so to say that we want to find this

31
00:02:13,420 --> 00:02:16,450
order and also simultaneously fetch the associated ticket.

32
00:02:16,450 --> 00:02:22,760
We're going to chain onto the very end dot populate ticket like so now this should give us our order

33
00:02:22,880 --> 00:02:24,260
and the associated ticket

34
00:02:27,170 --> 00:02:31,890
when we run this query is entirely possible that we will not find any order whatsoever.

35
00:02:31,970 --> 00:02:37,100
So a user might provide an invalid I.D. they might provide an I.D. for some order that has not yet been

36
00:02:37,100 --> 00:02:37,720
created.

37
00:02:37,760 --> 00:02:38,600
Who knows.

38
00:02:38,600 --> 00:02:44,660
But first we need to do is to make sure that we actually found in order we'll say if we did not find

39
00:02:44,660 --> 00:02:48,650
an order then we probably want to throw a not found error until a user.

40
00:02:48,650 --> 00:02:54,090
Sorry but we were not able to actually find anything so if we get inside of here we will throw a new

41
00:02:54,300 --> 00:03:07,060
not found error let's make sure we import that error from our common module so not found error.

42
00:03:07,070 --> 00:03:11,960
Next up if the user does not own this order then we probably want to throw in error as well.

43
00:03:11,960 --> 00:03:20,920
So again one user cannot look at another user's orders so we'll say if the order got user I.D..

44
00:03:20,940 --> 00:03:26,280
So this thing's user I.D. if the person who owns this order is not equal to the idea of the person making

45
00:03:26,280 --> 00:03:26,860
the request.

46
00:03:27,090 --> 00:03:30,530
Well we need to throw a not authorized error or something like that.

47
00:03:30,600 --> 00:03:37,830
So say if the order is user I.D. is not equal to recurrent user and don't forget the exclamation.

48
00:03:37,830 --> 00:03:41,970
Because we want to tell typescript Don't worry we already made sure that there is a current user property

49
00:03:42,840 --> 00:03:52,230
and then dot I.D. then we will throw a new not authorized error and once again we need to make sure

50
00:03:52,230 --> 00:03:53,970
we import that from our common module

51
00:03:58,590 --> 00:04:03,030
so if we get past both those little checks right there then that means say we found the I.D. or something.

52
00:04:03,030 --> 00:04:05,670
We found the order and we actually want send this back to the user.

53
00:04:05,700 --> 00:04:10,950
So at the very bottom we can replace that empty object with order and send back the entire thing to

54
00:04:10,950 --> 00:04:13,520
the user.

55
00:04:13,740 --> 00:04:14,220
That should be it.

56
00:04:14,490 --> 00:04:15,500
Let's save this.

57
00:04:15,750 --> 00:04:20,850
As usual we don't have really any mechanism right now to effectively test this is we don't have the

58
00:04:20,850 --> 00:04:24,470
ability to really create tickets to associate with a given order.

59
00:04:24,480 --> 00:04:26,090
So once again we're gonna take a quick pause.

60
00:04:26,130 --> 00:04:28,290
Come back the next video and write out a quick test.

61
00:04:28,290 --> 00:04:28,890
And don't worry.

62
00:04:28,890 --> 00:04:33,520
The test for this is going to go way faster than the index one we just put together.

63
00:04:33,540 --> 00:04:34,500
Let's take a pause right here.

64
00:04:34,530 --> 00:04:36,080
Get started on this in just a moment.