diff options
| author | soryu <soryu@soryu.co> | 2026-02-16 19:01:56 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2026-02-16 19:01:56 +0000 |
| commit | 4bd40f047a6f4703945c6db2811d8feda27241d6 (patch) | |
| tree | b53feed7931309520c0886585487d143fc2957f4 /makima/src/server/handlers/orders.rs | |
| parent | b3de779d87450033f1e0361144c621a1d5f1dbf8 (diff) | |
| download | soryu-4bd40f047a6f4703945c6db2811d8feda27241d6.tar.gz soryu-4bd40f047a6f4703945c6db2811d8feda27241d6.zip | |
soryu-co/soryu - makima (#66)
* feat: soryu-co/soryu - makima: Fix contracts page scrolling overflow
* WIP: heartbeat checkpoint
* WIP: heartbeat checkpoint
* WIP: heartbeat checkpoint
* WIP: heartbeat checkpoint
Diffstat (limited to 'makima/src/server/handlers/orders.rs')
| -rw-r--r-- | makima/src/server/handlers/orders.rs | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/makima/src/server/handlers/orders.rs b/makima/src/server/handlers/orders.rs index cddf6a6..1251f79 100644 --- a/makima/src/server/handlers/orders.rs +++ b/makima/src/server/handlers/orders.rs @@ -81,13 +81,14 @@ pub async fn list_orders( } } -/// Create a new order. +/// Create a new order. A valid directive_id is required. #[utoipa::path( post, path = "/api/v1/orders", request_body = CreateOrderRequest, responses( (status = 201, description = "Order created", body = Order), + (status = 400, description = "Invalid directive_id", body = ApiError), (status = 401, description = "Unauthorized", body = ApiError), (status = 503, description = "Database not configured", body = ApiError), ), @@ -107,6 +108,29 @@ pub async fn create_order( .into_response(); }; + // Validate the directive exists and belongs to this owner. + // directive_id is required by the CreateOrderRequest struct (Uuid, not Option<Uuid>). + match repository::get_directive_for_owner(pool, auth.owner_id, req.directive_id).await { + Ok(Some(_)) => {} + Ok(None) => { + return ( + StatusCode::BAD_REQUEST, + Json(ApiError::new( + "INVALID_DIRECTIVE", + "directive_id is required and must reference a valid directive owned by you", + )), + ) + .into_response(); + } + Err(e) => { + return ( + StatusCode::INTERNAL_SERVER_ERROR, + Json(ApiError::new("VALIDATION_FAILED", &e.to_string())), + ) + .into_response(); + } + } + match repository::create_order(pool, auth.owner_id, req).await { Ok(order) => (StatusCode::CREATED, Json(order)).into_response(), Err(e) => { |