Initial commit

api/hooks/orderRevokeRequest/get_read.js

@@ -0,0 +1,35 @@
+const { withAccount } = require("../lib/utils")
+;(function () {
+    const queryParam = context.request().query("orderId")
+    if (!queryParam) {
+        if (context.user.auth()) return
+        throw {
+            message: "orderId is required",
+            code: 400,
+        }
+    }
+
+    withAccount((login) => {
+        const order = context.db.find("bigCommerceOrder", {
+            filter: {
+                bigCommerceId: Number(queryParam),
+            },
+        })[0]
+        if (!order) {
+            throw {
+                message: "Order not found",
+                code: 404,
+            }
+        }
+        if (order.customerBigCommerceId !== login.bigCommerceId) {
+            throw {
+                message: "You don't have permission to access this order",
+                code: 403,
+            }
+        }
+        context.filter = {
+            bigCommerceId: order.bigCommerceId,
+        }
+    })
+    return context
+})()