From 522e0e620247845f236ddf1918134d2ef2d544b0 Mon Sep 17 00:00:00 2001
From: Frank Schubert <fronk@fronk.at>
Date: Fri, 21 Jul 2023 09:10:09 +0200
Subject: [PATCH] DELETE /preorder/:code now marks order as deleted directly

---
 application/Api/v1/PreorderApicontroller.php | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/application/Api/v1/PreorderApicontroller.php b/application/Api/v1/PreorderApicontroller.php
index 12892eb8d..aa6a68877 100644
--- a/application/Api/v1/PreorderApicontroller.php
+++ b/application/Api/v1/PreorderApicontroller.php
@@ -199,7 +199,7 @@ class PreorderApicontroller extends mfBaseApicontroller {
     if($preorder->partner_id != $this->me->address_id) {
       return mfResponse::Forbidden(["message" => "Permission denied"]);
     }
-    
+    /*
     if($preorder->cancel_request) {
       if($preorder->cancel_approved) {
         return mfResponse::Forbidden(["message" => "Order already cancelled"]);
@@ -207,16 +207,23 @@ class PreorderApicontroller extends mfBaseApicontroller {
         return mfResponse::Forbidden(["message" => "Cancellation request was already submitted"]);
       }
     }
+    */
+    if($preorder->deleted || $preorder->cancel_request) {
+      return mfResponse::Forbidden(["message" => "Order already cancelled"]);
+    }
     
     // set cancel_date and canceller
     $preorder->cancel_request = date('U');
     $preorder->cancel_request_by = $this->me->id;
+    $preorder->cancel_approved = $this->me->id;
+    $preorder->deleted = date('U');
+    $preorder->deleted_by = $this->me->id;
     $preorder->status_id = 15; // 899 - Cancelled
     if(!$preorder->save()) {
       return mfResponse::InternalServerError();
     }
     
-    return mfResponse::Ok(['message' => "Cancellation request submited"]);
+    return mfResponse::Ok(['message' => "Order successfully canceled"]);
     
   }