def deleteMenuItem(restaurant_id, menu_id): # Get user info for the user menu user = userData.getCurrentUserInfo() # Fetches the context item item = db.getRestaurantMenuItem(menu_id) # Checks whether the user has access to this content if not allowAccess(item.user_id, user["id"]): # Inform the user output = "You are not authorized to delete menu item to %s. Please create your own restaurant in order to delete items." % item.name flash(output, "alert-danger") # Redirects to the new area return redirect(url_for('showmenu', restaurant_id=restaurant_id)) if request.method == 'POST': if validateStateToke(request.form['csrf']): # Deleting item db.deleteRestaurantMenuItem(item) # Inform the user output = "%s menu item deleted!" % item.name flash(output, "alert-success") # Redirects to the new area return redirect(url_for('showmenu', restaurant_id=restaurant_id)) else: # Render template return render_template('deleteMenuItem.html', restaurant_id=restaurant_id, menu_id=menu_id, item=item, token=antiForgeryGenToke(), username=user['name'], user_picture=user['picture'])
def editMenuItem(restaurant_id, menu_id): # Get user info for the user menu user = userData.getCurrentUserInfo() # Fetches the context item item = db.getRestaurantMenuItem( menu_id ) # Checks whether the user has access to this content if not allowAccess( item.user_id, user["id"] ): # Inform the user output = "You are not authorized to edit menu items to %s restaurant. Please create your own restaurant in order to edit items." % restaurant.name flash(output, "alert-danger") # Redirects to the new area return redirect( url_for('showmenu', restaurant_id = restaurant_id) ) # Fetches all courses type courses = db.getAllCourses() if request.method == 'POST': if validateStateToke( request.form['csrf'] ): money = request.form['price'] value = Decimal(sub(r'[^\d.]', '', money)) name = request.form['name'] db.updateRestaurantMenuItem( item, name = name, description = request.form['description'], price = '${:,.2f}'.format(float(value)), course_name = request.form['course'], ) # Inform the user output = "%s menu item edited!" % name flash( output, "alert-success" ) # Redirects to the new area return redirect(url_for('showmenu', restaurant_id = restaurant_id)) else: # Convert price to number item.price = Decimal(sub(r'[^\d.]', '', item.price)) # Render template return render_template( 'editMenuItem.html', restaurant_id = restaurant_id, menu_id = menu_id, item = item, courses = courses, token = antiForgeryGenToke(), username = user['name'], user_picture = user['picture'] )
def editMenuItem(restaurant_id, menu_id): # Get user info for the user menu user = userData.getCurrentUserInfo() # Fetches the context item item = db.getRestaurantMenuItem(menu_id) # Checks whether the user has access to this content if not allowAccess(item.user_id, user["id"]): # Inform the user output = "You are not authorized to edit menu items to %s restaurant. Please create your own restaurant in order to edit items." % restaurant.name flash(output, "alert-danger") # Redirects to the new area return redirect(url_for('showmenu', restaurant_id=restaurant_id)) # Fetches all courses type courses = db.getAllCourses() if request.method == 'POST': if validateStateToke(request.form['csrf']): money = request.form['price'] value = Decimal(sub(r'[^\d.]', '', money)) name = request.form['name'] db.updateRestaurantMenuItem( item, name=name, description=request.form['description'], price='${:,.2f}'.format(float(value)), course_name=request.form['course'], ) # Inform the user output = "%s menu item edited!" % name flash(output, "alert-success") # Redirects to the new area return redirect(url_for('showmenu', restaurant_id=restaurant_id)) else: # Convert price to number item.price = Decimal(sub(r'[^\d.]', '', item.price)) # Render template return render_template('editMenuItem.html', restaurant_id=restaurant_id, menu_id=menu_id, item=item, courses=courses, token=antiForgeryGenToke(), username=user['name'], user_picture=user['picture'])
def deleteMenuItem(restaurant_id, menu_id): # Get user info for the user menu user = userData.getCurrentUserInfo() # Fetches the context item item = db.getRestaurantMenuItem( menu_id ) # Checks whether the user has access to this content if not allowAccess( item.user_id, user["id"] ): # Inform the user output = "You are not authorized to delete menu item to %s. Please create your own restaurant in order to delete items." % item.name flash(output, "alert-danger") # Redirects to the new area return redirect( url_for('showmenu', restaurant_id = restaurant_id) ) if request.method == 'POST': if validateStateToke( request.form['csrf'] ): # Deleting item db.deleteRestaurantMenuItem( item ) # Inform the user output = "%s menu item deleted!" % item.name flash(output, "alert-success") # Redirects to the new area return redirect(url_for('showmenu', restaurant_id = restaurant_id)) else: # Render template return render_template( 'deleteMenuItem.html', restaurant_id = restaurant_id, menu_id = menu_id, item = item, token = antiForgeryGenToke(), username = user['name'], user_picture = user['picture'] )
def menuItemJSON(restaurant_id, menu_id): item = db.getRestaurantMenuItem( menu_id ) return jsonify( item.serialize_json )
def menuItemJSON(restaurant_id, menu_id): item = db.getRestaurantMenuItem(menu_id) return jsonify(item.serialize_json)
def menuItemXML(restaurant_id, menu_id): item = db.getRestaurantMenuItem( menu_id ) return xmlResponse( item.serialize_xml )
def menuItemXML(restaurant_id, menu_id): item = db.getRestaurantMenuItem(menu_id) return xmlResponse(item.serialize_xml)