def menu_manipulation():
auth_header = request.headers.get('Authorization')
if auth_header:
access_token = auth_header.split(" ")[1]
if access_token:
user_id = User.decode_token(access_token)
if isinstance(user_id, int):
current_user = User.query.filter_by(id=user_id).first()
if current_user.caterer:
menu = Menu.query.order_by('menu.date').all()[-1]
if not menu:
abort(404)
if request.method == "DELETE":
menu.delete()
return {
"message":
"Todays menu has been deleted".format(menu.id)
}, 200
elif request.method == 'PUT':
menu_meals = request.data.get('meal_list', '')
date = request.data.get('date', '')
menu.delete()
if date == '':
date = datetime.datetime.now()
if menu_meals:
meals = [Meal.get(id=id) for id in menu_meals]
menu = Menu(date=date)
menu.add_meal_to_menu(meals)
return {
'message':
'The menu has successfully been updated',
'menu': menu_meals
}, 200
return {'message': 'Please add meals to menu'}, 202
menu.save()
else:
response = {
'message':
'You are not authorized to perform these functions'
}
return make_response(jsonify(response)), 401
else:
# user is not legit, so the payload is an error message
message = user_id
response = {'message': message}
return make_response(jsonify(response)), 401
else:
response = {'message': 'Please input access token'}
return make_response(jsonify(response)), 401
else:
return {'message': 'Please input access token'}
def menu():
auth_header = request.headers.get('Authorization')
if auth_header:
access_token = auth_header.split(" ")[1]
if access_token:
user_id = User.decode_token(access_token)
if isinstance(user_id, int):
current_user = User.query.filter_by(id=user_id).first()
if request.method == "POST":
if current_user.caterer:
menu_meals = request.data.get('meal_list', '')
date = request.data.get('date', '')
if date == '':
date = datetime.datetime.now()
if menu_meals:
meals = [Meal.get(id=id) for id in menu_meals]
menu = Menu(date=date)
menu.add_meal_to_menu(meals)
return {
'message': 'Todays menu has been updated'
}, 201
return {'message': 'Please add meals to menu'}, 202
else:
response = {
'message':
'You are unauthorized to access this'
}
return make_response(jsonify(response)), 401
else: # GET
menu = Menu.query.order_by('menu.date').all()[-1]
menu_meals = [item.make_dict() for item in menu.meals]
return {
'message': 'Here is the menu for today',
'menu': menu_meals
}, 200
else:
# user is not legit, so the payload is an error message
message = user_id
response = {'message': message}
return make_response(jsonify(response)), 401
else:
response = {'message': 'Please input access token'}
return make_response(jsonify(response)), 401
else:
return {'message': 'Please input access token'}
def test_user_can_access_menu(self):
"""Test user can access the menu (GET request)."""
date = datetime.utcnow().date()
menu = Menu(date=date)
meal = Meal(name='Beef', description='Saucy beef', price=10)
meal.save()
menu.add_meal_to_menu(meal)
menu.save()
result = self.login_user()
self.assertEqual(200, result.status_code)
access_token = json.loads(result.data.decode())['access_token']
res = self.client().get('api/v1/menu/',
headers=dict(Authorization="Bearer " +
access_token))
self.assertEqual(res.status_code, 200)
self.assertEqual('Here is the menu for today',
json.loads(res.data.decode('utf-8'))['message'])
