def validate(request):
error = vf.sent_expected_values(["customer", "items", "table_num"], request)
if error:
return error
table_num = int(request.json.get("table_num"))
items = request.json.get("items")
customer = request.json.get("customer")
if not isinstance(items, (list)):
error_msg = "expected 'items' to be list"
return jsonify(error={"success" : False, "message" : error_msg})
if len(items) > 100:
error_msg = "'items' is more than 100 items, please shorten it"
return jsonify(error={"success" : False, "message" : error_msg})
query = "SELECT * FROM table_details WHERE table_number = %s"
result = connector.execute_query(query, (table_num,))
if not result:
error_msg = "Given table number is not in table_detail"
return jsonify(error={"success" : False, "message" : error_msg})
query = "SELECT id FROM menu"
result = connector.execute_query(query)
res = []
for r in result:
res.append(int(r[0]))
for id in items:
if id not in res:
error_msg = "Invalid menu_item_id given in 'items' list"
return jsonify(error={"success" : False, "message" : error_msg})
return None
def login():
error = vf.sent_expected_values(["email", "password", "staff_login"],
request)
if error:
return error
email = request.json.get('email')
password = request.json.get('password')
staff_login = request.json.get('staff_login')
# select the user with the email inputted
if staff_login:
query = "SELECT email, password FROM waiter WHERE email = %s AND password = %s"
else:
query = "SELECT email, password FROM customer WHERE email = %s AND password = %s"
result = connector.execute_query(query, (email, password))
# if the result returns nothing return invalid response
if not result:
return jsonify(error={
"valid_credentials": False,
"message": "invalid email or password"
})
else:
email = result[0][0]
sessions.session.create_session(email, staff_login)
return jsonify(data={
"valid_credentials": True,
"username": email,
"is_staff": staff_login
})
def validate_order_event(request):
error = vf.sent_expected_values(["order_id", "order_event"], request)
if error:
return error
order_id = request.json.get("order_id")
event = request.json.get("order_event")
if event not in valid_events:
error_msg = "given event is not a valid event type, see this objects 'valid_events'"
error_msg += " for a list of valid events"
return jsonify(error={"success" : False, "message" : error_msg, "valid_events" : valid_events})
result = connector.execute_query("SELECT * FROM orders WHERE id=%s", (order_id,))
if not result:
error_msg = "Invalid order_id, given order_id is not in orders table"
return jsonify(error={"success" : False, "message" : error_msg})
query = "SELECT state FROM orders WHERE id = %s"
result = connector.execute_query(query, (order_id,))
order_state = result[0]
query = "SELECT order_event_transition(%s, %s) AS new_state"
result = connector.execute_query(query, (order_state, event))
print("PRINTING FROM VALIDATE_ORDERS: ", result[0][0])
# database will return error if there is a movement from one state to another that is not valid
# or if the event sent is not valid, see func_schema.sql to see the inner workings
if result[0][0] == "error":
print("ERROR FOUND")
error_msg = "Given event cannot be performed on this order."
return jsonify(error={"success" : False, "message" : error_msg})
return None
def validate_waiter(request):
error = validate_user(request)
if error:
return error
error = vf.sent_expected_values(["phone_number"], request)
if error:
return error
phone_number = request.json.get('phone_number')
# if the phone number is not an integer and of length 11
if len(phone_number) != 11 and isinstance(phone_number, int):
error_msg = "Phone number was not a valid input must be 07 followed by 9 digits"
return jsonify(error={"success": False, "message": error_msg})
email = request.json.get('email')
query = "SELECT email FROM waiter WHERE email = %s;"
result = connector.execute_query(query, (email, ))
# if there is someone in the database with that email already
if len(result) == 1:
error_msg = "Email given is already in use"
return jsonify(error={"success": False, "message": error_msg})
return None
def validate_get_cust_order(request):
error = vf.sent_expected_values(["cust_id"], request)
if error:
return error
cust_id = request.json.get("cust_id")
query = "SELECT email FROM customer where email = %s"
result = connector.execute_query(query, (cust_id,))
if result is None or result == []:
error_msg = "No customer with id = " + cust_id
return jsonify({"success":False, "message": error_msg})
return None
def validate_get_orders(request):
error = vf.sent_expected_values(["states"], request)
if error:
return error
states = request.json.get("states")
for state in states:
if state not in valid_states:
error_msg = "given event is not a valid event type, see this objects 'valid_states'"
error_msg += " for a list of valid events"
return jsonify(error={"success" : False, "message" : error_msg, "valid_states" : valid_states})
return None
def change_availability():
error = vf.sent_expected_values(["newState", "menuId"], request)
if error:
return error
newState = request.json.get("newState")
menuId = request.json.get("menuId")
query = "UPDATE menu SET available = %s WHERE id = (%s)"
result = connector.execute_insert_query(query, (newState, menuId))
if result is False:
return jsonify(error={
"success": False,
"message": "Error MenuId does not exist"
})
return jsonify(data={"success": True})
def validate_table(request):
error = vf.sent_expected_values(["table_id"], request)
if error:
return error
table_id = request.json.get("table_id")
if table_id is None:
error_msg = "Nothing was given as the value of table_id"
return jsonify(error={"success": False, "message": error_msg})
query = "SELECT table_number FROM table_details WHERE table_number = %s"
result = connector.execute_query(query, (table_id, ))
if len(result) == 0:
error_msg = "Table number does not exist in the database"
return jsonify(error={"success": False, "message": error_msg})
return None
def validate_get_waiters_orders(request):
# using validate functions to do common checking, here we are checking if the user exists
error = validate_get_orders(request)
if error is not None:
return error
error = vf.sent_expected_values(["waiter_id"], request)
if error:
return error
waiter_id = request.json.get("waiter_id")
query = "SELECT email from waiter where email = %s"
result = connector.execute_query(query, (waiter_id,))
if len(result) is 0:
error_msg = "Given waiter email was not found in the table"
return jsonify(error={"success":False, "message":error_msg})
return None
def validate_get_order(request):
# using validate functions to do common checking, if the user exists
error = validate_get_cust_order(request)
if error is not None:
return error
error = vf.sent_expected_values(["order_id"], request)
if error:
return error
order_id = request.json.get("order_id")
query = "SELECT id from orders where id = %s"
result = connector.execute_query(query, (order_id,))
if result is None or result == []:
error_msg = "No order exists with id = " + order_id
return jsonify(error={"success": False, "message": error_msg})
return None
def validate_event(request):
error = validate_table(request)
if error:
return error
error = vf.sent_expected_values(["waiter_id"], request)
if error:
return error
waiter = request.json.get("waiter_id")
if waiter is not None:
result = connector.execute_query("SELECT * FROM waiter WHERE email=%s",
(waiter, ))
if len(result) == 0:
error_msg = "Given waiter email does not appear in waiter table"
return jsonify(error={"success": False, "message": error_msg})
return None
def validate_payments(request):
error = vf.sent_expected_values(
["card_num", "cvv", "sort_num", "expiry_date"], request)
if error:
return error
# checks if its of a valid length
credit_card_num = request.json.get("card_num")
if (len(credit_card_num) != 15 and len(credit_card_num) != 16):
error_msg = "Card number not a valid size, expected size 15 or 16 got " + str(
len(credit_card_num))
return jsonify(error={"success": False, "message": error_msg})
#############################################################################################
#--------------- NEED TO IMPLEMENT CHECKSUM TEST OF CREDIT CARD NUMBER ---------------------#
#############################################################################################
cvv = request.json.get("cvv")
if (len(cvv) != 3):
error_msg = "CVV not a valid"
return jsonify(error={"success": False, "message": error_msg})
sort_num = request.json.get("sort_num")
if (len(sort_num) != 6):
error_msg = "Sort number not a valid size"
return jsonify(error={"success": False, "message": error_msg})
expiry_date = request.json.get("expiry_date")
try:
date = datetime.datetime.strptime(expiry_date, '%m%y')
except ValueError:
error_msg = "Date not in correct format should be month year with not separation '1020' is october 2020"
return jsonify(error={"success": False, "message": error_msg})
if date < datetime.datetime.now():
error_msg = "Not a valid date"
return jsonify(error={"success": False, "message": error_msg})
def validate_user(request):
error = vf.sent_expected_values(
["email", "firstname", "lastname", "password"], request)
if error:
return error
return None