int orderId = Integer.parseInt(request.getParameter("orderId"));
Order order = this.petStore.getOrder(orderId);
UserSession userSession = (UserSession) WebUtils.getSessionAttribute(request, "userSession");
if (userSession.getAccount().getUsername().equals(order.getUsername())) {
return new ModelAndView("ViewOrder", "order", order);
}
else {
return new ModelAndView("Error", "message", "You may only view your own orders.");
}