def menu_manipulation(): auth_header = request.headers.get('Authorization') if auth_header: access_token = auth_header.split(" ")[1] if access_token: user_id = User.decode_token(access_token) if isinstance(user_id, int): current_user = User.query.filter_by(id=user_id).first() if current_user.caterer: menu = Menu.query.order_by('menu.date').all()[-1] if not menu: abort(404) if request.method == "DELETE": menu.delete() return { "message": "Todays menu has been deleted".format(menu.id) }, 200 elif request.method == 'PUT': menu_meals = request.data.get('meal_list', '') date = request.data.get('date', '') menu.delete() if date == '': date = datetime.datetime.now() if menu_meals: meals = [Meal.get(id=id) for id in menu_meals] menu = Menu(date=date) menu.add_meal_to_menu(meals) return { 'message': 'The menu has successfully been updated', 'menu': menu_meals }, 200 return {'message': 'Please add meals to menu'}, 202 menu.save() else: response = { 'message': 'You are not authorized to perform these functions' } return make_response(jsonify(response)), 401 else: # user is not legit, so the payload is an error message message = user_id response = {'message': message} return make_response(jsonify(response)), 401 else: response = {'message': 'Please input access token'} return make_response(jsonify(response)), 401 else: return {'message': 'Please input access token'}
def menu(): auth_header = request.headers.get('Authorization') if auth_header: access_token = auth_header.split(" ")[1] if access_token: user_id = User.decode_token(access_token) if isinstance(user_id, int): current_user = User.query.filter_by(id=user_id).first() if request.method == "POST": if current_user.caterer: menu_meals = request.data.get('meal_list', '') date = request.data.get('date', '') if date == '': date = datetime.datetime.now() if menu_meals: meals = [Meal.get(id=id) for id in menu_meals] menu = Menu(date=date) menu.add_meal_to_menu(meals) return { 'message': 'Todays menu has been updated' }, 201 return {'message': 'Please add meals to menu'}, 202 else: response = { 'message': 'You are unauthorized to access this' } return make_response(jsonify(response)), 401 else: # GET menu = Menu.query.order_by('menu.date').all()[-1] menu_meals = [item.make_dict() for item in menu.meals] return { 'message': 'Here is the menu for today', 'menu': menu_meals }, 200 else: # user is not legit, so the payload is an error message message = user_id response = {'message': message} return make_response(jsonify(response)), 401 else: response = {'message': 'Please input access token'} return make_response(jsonify(response)), 401 else: return {'message': 'Please input access token'}
def test_user_can_access_menu(self): """Test user can access the menu (GET request).""" date = datetime.utcnow().date() menu = Menu(date=date) meal = Meal(name='Beef', description='Saucy beef', price=10) meal.save() menu.add_meal_to_menu(meal) menu.save() result = self.login_user() self.assertEqual(200, result.status_code) access_token = json.loads(result.data.decode())['access_token'] res = self.client().get('api/v1/menu/', headers=dict(Authorization="Bearer " + access_token)) self.assertEqual(res.status_code, 200) self.assertEqual('Here is the menu for today', json.loads(res.data.decode('utf-8'))['message'])