Return Order Details in REST API – Magento 2 Guide

magento-2.1restsales-order

I am writing a custom API which will use a customer token in authorization header and will able to fetch the order details.

Below is my code:

File : CustomerOrderRepositoryInterface.php

<?php
namespace Vendor\Modulename\Api;


interface CustomerOrderRepositoryInterface
{
    /**
     * Get Customer Order.
     *
     * @api
     * @param int $customerId
     * @param int $orderId
     * @return \Magento\Sales\Api\Data\OrderInterface Order interface.
     * @throws \Magento\Framework\Exception\NoSuchEntityException
     */
    public function getOrder($customerId, $orderId);
}

File : CustomerOrderRepository.php

<?php
namespace Vendor\Modulename\Model\Resource;

use Vendor\Modulename\Api\CustomerOrderRepositoryInterface;
use Magento\Sales\Model\OrderRepository;
use Magento\Framework\Exception\NoSuchEntityException;

class CustomerOrderRepository implements CustomerOrderRepositoryInterface
{
    /**
     * @var \Magento\Sales\Model\OrderRepository
     */
    private $orderRepository;



    /**
     * CustomerOrderRepository constructor.
     *
     * @param \Magento\Sales\Model\OrderRepository $orderRepository
     */
    public function __construct(
        \Magento\Sales\Model\OrderRepository $orderRepository
    ) {
        $this->orderRepository = $orderRepository;
    }

    /**
     * Get Customer Order.
     *
     * @param int $customerId
     * @param int $orderId
     * @return \Magento\Sales\Api\Data\OrderInterface Order interface.
     * @throws \Magento\Framework\Exception\NoSuchEntityException
     */
    public function getOrder($customerId, $orderId)
    {
        /**
        * Here I have put some custom checks before proceeding to fetch the order details and 
        * based on that I am getting the $customerOrderId from my custom table.
        */

        if($customerOrderId == $orderId) {
            /** Here I am passing the correct order ID. 
              *I am able to get the details with admin token for same orderId.*/
            $orderDetails = $this->orderRepository->get($orderId);
            return $orderDetails;
        }else {
            throw new NoSuchEntityException(__('There is no order with number "%1" is associated.',$orderId));
        }
    }
}

File : webapi.xml

<?xml version="1.0" ?>
<routes xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Webapi:etc/webapi.xsd">
    <route url="/V1/vendor/orders/:orderId" method="GET">
        <service class="Vendor\Modulename\Api\CustomerOrderRepositoryInterface" method="getOrder"/>
        <resources>
            <resource ref="self"/>
        </resources>
        <data>
            <parameter name="customerId" force="true">%customer_id%</parameter>
        </data>
    </route>
</routes>

I am getting the error below in the response. (I tried using use Magento\Sales\Api\OrderRepositoryInterface too)

{
    "message": "No such entity with %fieldName = %fieldValue",
    "parameters": {
        "fieldName": "orderId",
        "fieldValue": "17"
    }
}

How I can fetch the order details in this scenario?

Best Answer

In file vendor/magento/module-sales/Model/ResourceModel/Order/Plugin/Authorization.php below code is throwing the error.

public function aroundLoad(
    \Magento\Sales\Model\ResourceModel\Order $subject,
    \Closure $proceed,
    \Magento\Framework\Model\AbstractModel $order,
    $value,
    $field = null
) {
    $result = $proceed($order, $value, $field);
    if (!$this->isAllowed($order)) {
        throw NoSuchEntityException::singleField('orderId', $order->getId());
    }
    return $result;
}

$this->isAllowed method checks against USER_TYPE_CUSTOMER. As I am passing the different customer token which is need of my project, it's throwing the error.

Related Topic