def deleteMenuItem(restaurant_id, menu_id):
# Get user info for the user menu
user = userData.getCurrentUserInfo()
# Fetches the context item
item = db.getRestaurantMenuItem(menu_id)
# Checks whether the user has access to this content
if not allowAccess(item.user_id, user["id"]):
# Inform the user
output = "You are not authorized to delete menu item to %s. Please create your own restaurant in order to delete items." % item.name
flash(output, "alert-danger")
# Redirects to the new area
return redirect(url_for('showmenu', restaurant_id=restaurant_id))
if request.method == 'POST':
if validateStateToke(request.form['csrf']):
# Deleting item
db.deleteRestaurantMenuItem(item)
# Inform the user
output = "%s menu item deleted!" % item.name
flash(output, "alert-success")
# Redirects to the new area
return redirect(url_for('showmenu', restaurant_id=restaurant_id))
else:
# Render template
return render_template('deleteMenuItem.html',
restaurant_id=restaurant_id,
menu_id=menu_id,
item=item,
token=antiForgeryGenToke(),
username=user['name'],
user_picture=user['picture'])
def editMenuItem(restaurant_id, menu_id):
# Get user info for the user menu
user = userData.getCurrentUserInfo()
# Fetches the context item
item = db.getRestaurantMenuItem( menu_id )
# Checks whether the user has access to this content
if not allowAccess( item.user_id, user["id"] ):
# Inform the user
output = "You are not authorized to edit menu items to %s restaurant. Please create your own restaurant in order to edit items." % restaurant.name
flash(output, "alert-danger")
# Redirects to the new area
return redirect( url_for('showmenu', restaurant_id = restaurant_id) )
# Fetches all courses type
courses = db.getAllCourses()
if request.method == 'POST':
if validateStateToke( request.form['csrf'] ):
money = request.form['price']
value = Decimal(sub(r'[^\d.]', '', money))
name = request.form['name']
db.updateRestaurantMenuItem(
item,
name = name,
description = request.form['description'],
price = '${:,.2f}'.format(float(value)),
course_name = request.form['course'],
)
# Inform the user
output = "%s menu item edited!" % name
flash( output, "alert-success" )
# Redirects to the new area
return redirect(url_for('showmenu', restaurant_id = restaurant_id))
else:
# Convert price to number
item.price = Decimal(sub(r'[^\d.]', '', item.price))
# Render template
return render_template(
'editMenuItem.html',
restaurant_id = restaurant_id,
menu_id = menu_id,
item = item,
courses = courses,
token = antiForgeryGenToke(),
username = user['name'],
user_picture = user['picture']
)
def editMenuItem(restaurant_id, menu_id):
# Get user info for the user menu
user = userData.getCurrentUserInfo()
# Fetches the context item
item = db.getRestaurantMenuItem(menu_id)
# Checks whether the user has access to this content
if not allowAccess(item.user_id, user["id"]):
# Inform the user
output = "You are not authorized to edit menu items to %s restaurant. Please create your own restaurant in order to edit items." % restaurant.name
flash(output, "alert-danger")
# Redirects to the new area
return redirect(url_for('showmenu', restaurant_id=restaurant_id))
# Fetches all courses type
courses = db.getAllCourses()
if request.method == 'POST':
if validateStateToke(request.form['csrf']):
money = request.form['price']
value = Decimal(sub(r'[^\d.]', '', money))
name = request.form['name']
db.updateRestaurantMenuItem(
item,
name=name,
description=request.form['description'],
price='${:,.2f}'.format(float(value)),
course_name=request.form['course'],
)
# Inform the user
output = "%s menu item edited!" % name
flash(output, "alert-success")
# Redirects to the new area
return redirect(url_for('showmenu', restaurant_id=restaurant_id))
else:
# Convert price to number
item.price = Decimal(sub(r'[^\d.]', '', item.price))
# Render template
return render_template('editMenuItem.html',
restaurant_id=restaurant_id,
menu_id=menu_id,
item=item,
courses=courses,
token=antiForgeryGenToke(),
username=user['name'],
user_picture=user['picture'])
def deleteMenuItem(restaurant_id, menu_id):
# Get user info for the user menu
user = userData.getCurrentUserInfo()
# Fetches the context item
item = db.getRestaurantMenuItem( menu_id )
# Checks whether the user has access to this content
if not allowAccess( item.user_id, user["id"] ):
# Inform the user
output = "You are not authorized to delete menu item to %s. Please create your own restaurant in order to delete items." % item.name
flash(output, "alert-danger")
# Redirects to the new area
return redirect( url_for('showmenu', restaurant_id = restaurant_id) )
if request.method == 'POST':
if validateStateToke( request.form['csrf'] ):
# Deleting item
db.deleteRestaurantMenuItem( item )
# Inform the user
output = "%s menu item deleted!" % item.name
flash(output, "alert-success")
# Redirects to the new area
return redirect(url_for('showmenu', restaurant_id = restaurant_id))
else:
# Render template
return render_template(
'deleteMenuItem.html',
restaurant_id = restaurant_id,
menu_id = menu_id,
item = item,
token = antiForgeryGenToke(),
username = user['name'],
user_picture = user['picture']
)
def menuItemJSON(restaurant_id, menu_id):
item = db.getRestaurantMenuItem( menu_id )
return jsonify( item.serialize_json )
def menuItemJSON(restaurant_id, menu_id):
item = db.getRestaurantMenuItem(menu_id)
return jsonify(item.serialize_json)
def menuItemXML(restaurant_id, menu_id):
item = db.getRestaurantMenuItem( menu_id )
return xmlResponse( item.serialize_xml )
def menuItemXML(restaurant_id, menu_id):
item = db.getRestaurantMenuItem(menu_id)
return xmlResponse(item.serialize_xml)
