Esempio n. 1
0
    def menu_manipulation():

        auth_header = request.headers.get('Authorization')
        if auth_header:
            access_token = auth_header.split(" ")[1]

            if access_token:
                user_id = User.decode_token(access_token)
                if isinstance(user_id, int):
                    current_user = User.query.filter_by(id=user_id).first()
                    if current_user.caterer:
                        menu = Menu.query.order_by('menu.date').all()[-1]
                        if not menu:
                            abort(404)

                        if request.method == "DELETE":
                            menu.delete()
                            return {
                                "message":
                                "Todays menu has been deleted".format(menu.id)
                            }, 200
                        elif request.method == 'PUT':
                            menu_meals = request.data.get('meal_list', '')
                            date = request.data.get('date', '')
                            menu.delete()

                            if date == '':
                                date = datetime.datetime.now()
                            if menu_meals:
                                meals = [Meal.get(id=id) for id in menu_meals]
                                menu = Menu(date=date)
                                menu.add_meal_to_menu(meals)
                                return {
                                    'message':
                                    'The menu has successfully been updated',
                                    'menu': menu_meals
                                }, 200
                            return {'message': 'Please add meals to menu'}, 202
                            menu.save()
                    else:

                        response = {
                            'message':
                            'You are not authorized to perform these functions'
                        }
                        return make_response(jsonify(response)), 401

                else:
                    # user is not legit, so the payload is an error message
                    message = user_id
                    response = {'message': message}
                    return make_response(jsonify(response)), 401

            else:
                response = {'message': 'Please input access token'}
                return make_response(jsonify(response)), 401
        else:
            return {'message': 'Please input access token'}
Esempio n. 2
0
    def menu():
        auth_header = request.headers.get('Authorization')
        if auth_header:
            access_token = auth_header.split(" ")[1]

            if access_token:
                user_id = User.decode_token(access_token)
                if isinstance(user_id, int):
                    current_user = User.query.filter_by(id=user_id).first()
                    if request.method == "POST":
                        if current_user.caterer:
                            menu_meals = request.data.get('meal_list', '')
                            date = request.data.get('date', '')
                            if date == '':
                                date = datetime.datetime.now()
                            if menu_meals:
                                meals = [Meal.get(id=id) for id in menu_meals]
                                menu = Menu(date=date)
                                menu.add_meal_to_menu(meals)
                                return {
                                    'message': 'Todays menu has been updated'
                                }, 201

                            return {'message': 'Please add meals to menu'}, 202

                        else:

                            response = {
                                'message':
                                'You are unauthorized to access this'
                            }
                            return make_response(jsonify(response)), 401

                    else:  # GET

                        menu = Menu.query.order_by('menu.date').all()[-1]
                        menu_meals = [item.make_dict() for item in menu.meals]
                        return {
                            'message': 'Here is the menu for today',
                            'menu': menu_meals
                        }, 200

                else:
                    # user is not legit, so the payload is an error message
                    message = user_id
                    response = {'message': message}
                    return make_response(jsonify(response)), 401

            else:
                response = {'message': 'Please input access token'}
                return make_response(jsonify(response)), 401
        else:
            return {'message': 'Please input access token'}
Esempio n. 3
0
 def test_user_can_access_menu(self):
     """Test user can access the menu (GET request)."""
     date = datetime.utcnow().date()
     menu = Menu(date=date)
     meal = Meal(name='Beef', description='Saucy beef', price=10)
     meal.save()
     menu.add_meal_to_menu(meal)
     menu.save()
     result = self.login_user()
     self.assertEqual(200, result.status_code)
     access_token = json.loads(result.data.decode())['access_token']
     res = self.client().get('api/v1/menu/',
                             headers=dict(Authorization="Bearer " +
                                          access_token))
     self.assertEqual(res.status_code, 200)
     self.assertEqual('Here is the menu for today',
                      json.loads(res.data.decode('utf-8'))['message'])