def newMenuItem(restaurant_id):
restaurant = session.query(Restaurant).filter_by(id=restaurant_id).one()
creator = getUserInfo(restaurant.user_id)
if ('username' not in login_session) or (creator.id != login_session['user_id']):
return redirect(url_for('showLogin'))
if request.method == 'POST':
# File upload
filename = ""
file = request.files['image']
if file and allowed_file(file.filename):
filename = secure_filename(file.filename)
file.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
newItem = MenuItem(
course=request.form['course'],
description=request.form['description'],
name=request.form['name'],
price=request.form['price'],
restaurant_id=restaurant_id,
user_id=login_session['user_id'],
image=filename
)
session.add(newItem)
session.commit()
flash('New Menu Item created!')
return redirect(url_for('restaurantMenu', restaurant_id=restaurant_id))
else:
restaurant = session.query(Restaurant).filter_by(id=restaurant_id).one()
return render_template(
'new-menu-item.html',
restaurant=restaurant,
courses=constants.COURSES)
def editMenuItem(restaurant_id, menuitem_id):
restaurant = session.query(Restaurant).filter_by(id=restaurant_id).one()
creator = getUserInfo(restaurant.user_id)
if creator.id != login_session['user_id']:
return redirect(url_for('showLogin'))
menuitem = session.query(MenuItem).filter_by(id=menuitem_id).one()
if request.method == 'POST':
if request.form['name']:
menuitem.name = request.form['name']
if request.form['description']:
menuitem.description = request.form['description']
if request.form['price']:
menuitem.price = request.form['price']
if request.form['course']:
menuitem.course = request.form['course']
session.add(menuitem)
session.commit()
flash('Menu Item {0} Updated'.format(menuitem.name))
return redirect(url_for('restaurantMenu', restaurant_id=restaurant_id))
else:
return render_template(
'edit-menu-item.html',
restaurant_id=restaurant_id,
menuitem_id=menuitem_id,
item=menuitem,
courses=constants.COURSES)
def restaurantMenu(restaurant_id):
restaurant = session.query(Restaurant).filter_by(id=restaurant_id).one()
creator = getUserInfo(restaurant.user_id)
appetizers = session.query(MenuItem).filter_by(restaurant_id=restaurant.id, course="Appetizers")
main_dishes = session.query(MenuItem).filter_by(restaurant_id=restaurant.id, course="Main Dish")
beverages = session.query(MenuItem).filter_by(restaurant_id=restaurant.id, course="Beverages").all()
desserts = session.query(MenuItem).filter_by(restaurant_id=restaurant.id, course="Desserts")
if 'username' not in login_session:
return render_template(
'restaurant-menu-public.html',
restaurant=restaurant,
appetizers=appetizers,
main_dishes=main_dishes,
beverages=beverages,
desserts=desserts,
creatorPicture=creator.picture
)
else:
isCreator = login_session['user_id'] == creator.id
return render_template(
'restaurant-menu.html',
restaurant=restaurant,
appetizers=appetizers,
main_dishes=main_dishes,
beverages=beverages,
desserts=desserts,
isCreator=isCreator,
creatorPicture=creator.picture
)
def deleteMenuItem(restaurant_id, menuitem_id):
restaurant = session.query(Restaurant).filter_by(id=restaurant_id).one()
creator = getUserInfo(restaurant.user_id)
if ('username' not in login_session) or (creator.id != login_session['user_id']):
return redirect(url_for('showLogin'))
menuitem = session.query(MenuItem).filter_by(id=menuitem_id).one()
if request.method == 'POST':
flashMessage = 'Menu item: %s deleted!' % menuitem.name
session.delete(menuitem)
session.commit()
flash(flashMessage)
return redirect(url_for('restaurantMenu', restaurant_id=restaurant_id))
else:
return render_template(
'delete-menu-item.html',
item=menuitem)
def restaurantUpdate(restaurant_id):
restaurant = session.query(Restaurant).filter_by(id=restaurant_id).one()
creator = getUserInfo(restaurant.user_id)
if (creator.id != login_session['user_id']):
return '''<script>
function myFunction(){
alert('You are not authorized');
location.href='/login';}
</script>
<body onload='myFunction();'>
'''
if request.method == 'POST':
restaurant.name = request.form['name']
session.add(restaurant)
session.commit()
flash('Restaurant {0} Updated'.format(restaurant.name))
return redirect(url_for('restaurantList'))
else:
return render_template('edit-restaurant.html', restaurant=restaurant)
def restaurantList():
restaurants = session.query(Restaurant).order_by(Restaurant.name).all()
print restaurants
if 'username' not in login_session:
return render_template(
'restaurants-public.html',
restaurants=restaurants
)
else:
current_user = getUserInfo(login_session['user_id'])
if not current_user:
return redirect(url_for('showLogin'))
return render_template(
'restaurants.html',
restaurants=restaurants,
user_id=login_session['user_id'],
picture=current_user.picture
)
def restaurantDelete(restaurant_id):
restaurantToDelete = session.query(Restaurant).filter_by(id=restaurant_id).one()
creator = getUserInfo(restaurantToDelete.user_id)
if (creator.id != login_session['user_id']):
return '''<script>
function myFunction(){
alert('You are not authorized');
location.href='/login';}
</script>
<body onload='myFunction();'>
'''
restaurant = session.query(Restaurant).filter_by(id=restaurant_id).one()
if request.method == 'POST':
flashMessage = 'Restaurant: %s deleted!' % restaurant.name
session.delete(restaurant)
session.commit()
flash(flashMessage)
return redirect(url_for('restaurantList'))
else:
return render_template('delete-restaurant.html', restaurant=restaurant)
