Create endpoint to load bid by ID (#1248)

* Create endpoint to load bid by ID

* Fix endpoint

app/Http/Controllers/Api/UserController.php

@@ -3,6 +3,7 @@
 namespace App\Http\Controllers\Api;
 
 use App\Contracts\Controller;
+use App\Exceptions\Unauthorized;
 use App\Exceptions\UserNotFound;
 use App\Http\Resources\Bid as BidResource;
 use App\Http\Resources\Pirep as PirepResource;
@@ -144,6 +145,28 @@ class UserController extends Controller
         return BidResource::collection($bids);
     }
 
+    /**
+     * Get a particular bid for a user
+     *
+     * @param                          $bid_id
+     * @param \Illuminate\Http\Request $request
+     *
+     * @return \App\Http\Resources\Bid
+     */
+    public function get_bid($bid_id, Request $request)
+    {
+        /** @var \App\Models\User $user */
+        $user = Auth::user();
+
+        // Return the current bid
+        $bid = $this->bidSvc->getBid($user, $bid_id);
+        if ($bid->user_id !== $user->id) {
+            throw new Unauthorized(new \Exception('Bid not not belong to authenticated user'));
+        }
+
+        return new BidResource($bid);
+    }
+
     /**
      * Return the fleet that this user is allowed to
      *

app/Models/Bid.php

@@ -6,7 +6,7 @@ use App\Contracts\Model;
 use Carbon\Carbon;
 
 /**
- * @property string user_id
+ * @property int    user_id
  * @property string flight_id
  * @property Carbon created_at
  * @property Carbon updated_at

app/Providers/RouteServiceProvider.php

@@ -584,6 +584,10 @@ class RouteServiceProvider extends ServiceProvider
                 Route::get('user/fleet', 'UserController@fleet');
                 Route::get('user/pireps', 'UserController@pireps');
 
+                Route::get('bids', 'UserController@bids');
+                Route::get('bids/{id}', 'UserController@get_bid');
+                Route::get('user/bids/{id}', 'UserController@get_bid');
+
                 Route::get('user/bids', 'UserController@bids');
                 Route::put('user/bids', 'UserController@bids');
                 Route::post('user/bids', 'UserController@bids');

app/Services/BidService.php

@@ -30,12 +30,24 @@ class BidService extends Service
      *
      * @param $bid_id
      *
-     * @return \App\Models\Bid|\Illuminate\Database\Eloquent\Model|tests/ImporterTest.php:521object|null
+     * @return \App\Models\Bid|\Illuminate\Database\Eloquent\Model|object|null
      */
-    public function getBid($bid_id)
+    public function getBid(User $user, $bid_id): Bid
     {
-        return Bid::with(['flight', 'flight.simbrief'])
+        $with = [
-            ->where(['id' => $bid_id])->first();
+            'flight',
+            'flight.fares',
+            'flight.simbrief' => function ($query) use ($user) {
+                $query->where('user_id', $user->id);
+            },
+            'flight.simbrief.aircraft',
+            'flight.simbrief.aircraft.subfleet',
+            'flight.subfleets',
+            'flight.subfleets.aircraft',
+            'flight.subfleets.fares',
+        ];
+
+        return Bid::with($with)->where(['id' => $bid_id])->first();
     }
 
     /**
@@ -132,7 +144,7 @@ class BidService extends Service
         $flight->has_bid = true;
         $flight->save();
 
-        return $this->getBid($bid->id);
+        return $this->getBid($user, $bid->id);
     }
 
     /**

tests/BidTest.php

@@ -185,6 +185,8 @@ class BidTest extends TestCase
     {
         $this->user = factory(User::class)->create();
         $user2 = factory(User::class)->create();
+
+        /** @var \App\Models\Flight $flight */
         $flight = $this->addFlight($this->user);
 
         $uri = '/api/user/bids';
@@ -194,6 +196,14 @@ class BidTest extends TestCase
         $body = $body->json('data');
 
         $this->assertEquals($body['flight_id'], $flight->id);
+        $this->assertNotEmpty($body['flight']);
+
+        $res = $this->get('/api/bids/'.$body['id']);
+        $res->assertOk();
+
+        $body = $res->json('data');
+        $this->assertEquals($body['flight_id'], $flight->id);
+        $this->assertNotEmpty($body['flight']);
 
         // Now try to have the second user bid on it
         // Should return a 409 error