def api_admin_updateStation():
if not hasattr(current_user, 'roles') or 'Admin' not in current_user.roles:
return ErrorModel('No Privilege: Must be Admin').json()
data = request.get_json()
stationName = data.get('name')
capacity = data.get('capacity')
sponsoredBuilding = data.get('sponsoredBuilding')
if type(stationName) is str and type(
capacity) is int and capacity > 0 and type(
sponsoredBuilding) is str:
if not checkExist('Station', '`stationName` = %s', (stationName)):
return ErrorModel({'errno': 0}).json()
numFoodTrucks = mysqlDB.select(
'SELECT COUNT(*) AS numFoodTrucks FROM FoodTruck WHERE stationName = %s',
(stationName))['data'][0]['numFoodTrucks']
if numFoodTrucks > capacity:
return ErrorModel({'errno': 3}).json()
callProcedure('ad_update_station',
[stationName, capacity, sponsoredBuilding])
if not mysqlDB.tryCommit():
return ErrorModel({'errno': 2}).json()
return SuccessModel({}).json()
else:
return ErrorModel({'errno': 1}).json()
def api_manager_getAvailableStaff():
if not hasattr(current_user,
'roles') or 'Manager' not in current_user.roles:
return ErrorModel('No Privilege: Must be Manager').json()
username = current_user.id
callProcedure('mn_view_foodTruck_available_staff', [username, None])
data = select('mn_view_foodTruck_available_staff_result', '1 = 1',
'*')['data']
urlData = json.loads(request.args.get('data') or '{}')
foodTruckName = urlData.get('foodTruckName')
if foodTruckName:
callProcedure('mn_view_foodTruck_staff', [foodTruckName])
newData = select('mn_view_foodTruck_staff_result', '1 = 1',
'*')['data']
data = tuple(list(data) + list(newData))
for obj in data:
staffUsername = mysqlDB.select(
'SELECT username from Staff NATURAL JOIN `User` WHERE CONCAT(firstName, " ", lastName) = %s',
(obj.get('availableStaff')
or obj.get('assignedStaff')))['data'][0]['username']
obj['username'] = staffUsername
return SuccessModel(data).json()
def api_customer_explore():
if not hasattr(current_user,
'roles') or 'Customer' not in current_user.roles:
return ErrorModel('No Privilege: Must be Customer').json()
data = json.loads(request.args.get('data') or '{}')
buildingName = data.get('buildingName')
stationName = data.get('stationName')
buildingTag = data.get('buildingTag')
foodTruckName = data.get('foodTruckName')
food = data.get('food')
ret = {}
callProcedure(
'cus_filter_explore',
[buildingName, stationName, buildingTag, foodTruckName, food])
ret['table'] = select('cus_filter_explore_result', '1 = 1', '*')['data']
ret['stationList'] = mysqlDB.select('SELECT stationName from Station;',
())['data']
ret['buildingList'] = mysqlDB.select('SELECT buildingName from Station;',
())['data']
return SuccessModel(ret).json()
def api_admin_manageFood():
if not hasattr(current_user, 'roles') or 'Admin' not in current_user.roles:
return ErrorModel('No Privilege: Must be Admin').json()
data = json.loads(request.args.get('data') or '{}')
foodName = data.get('name')
sortBy = data.get('sortBy')
isAsc = data.get('asc')
if sortBy is not None:
if isAsc:
isAsc = 'ASC'
else:
isAsc = 'DESC'
ret = {}
callProcedure('ad_filter_food', [foodName, sortBy, isAsc])
result = select('ad_filter_food_result', '1 = 1', '*')
if not result['okay']:
return ErrorModel({'errno': 0}).json()
ret['table'] = result['data']
result = mysqlDB.select('SELECT * FROM Food;', ())
if not result['okay']:
return ErrorModel({'errno': 1}).json()
ret['foodList'] = result['data']
return SuccessModel(ret).json()
def api_manager_manageFoodTruck():
if not hasattr(current_user,
'roles') or 'Manager' not in current_user.roles:
return ErrorModel('No Privilege: Must be Manager').json()
username = current_user.id
data = json.loads(request.args.get('data') or '{}')
foodTruckName = data.get('foodTruckName') or ''
stationName = data.get('stationName') or ''
staffCount = data.get('staffCount')
low = None
high = None
if staffCount:
low = staffCount.get('low')
high = staffCount.get('high')
hasRemainingCapacity = data.get('hasRemainingCapacity')
if hasRemainingCapacity is None:
hasRemainingCapacity = False
callProcedure('mn_filter_foodTruck', [
username, foodTruckName, stationName, low, high, hasRemainingCapacity
])
ret = {}
ret['table'] = select('mn_filter_foodTruck_result', '1 = 1', '*')['data']
callProcedure('mn_get_station', [username])
ret['stationList'] = select('mn_get_station_result', '1 = 1', '*')['data']
return SuccessModel(ret).json()
def api_admin_updateBuilding():
if not hasattr(current_user, 'roles') or 'Admin' not in current_user.roles:
return ErrorModel('No Privilege: Must be Admin').json()
data = request.get_json()
oldName = data.get('oldName')
newName = data.get('newName')
description = data.get('description')
tags = data.get('tags')
if oldName and newName and description is not None and tags and len(
tags) > 0:
if checkExist('Building', '`buildingName` = %s', (oldName)):
if oldName.lower() == newName.lower() or not checkExist(
'Building', '`buildingName` = %s', (newName)):
callProcedure('ad_update_building',
[oldName, newName, description])
# The provided stored proecedure API is different. Let's do a vinilla style!
mysqlDB.modify(
'DELETE FROM `BuildingTag` WHERE `buildingName` = %s;',
newName)
for tag in tags:
if not checkExist('BuildingTag',
'`buildingName` = %s AND `tag` = %s',
(newName, tag)):
callProcedure('ad_add_building_tag', [newName, tag])
if not mysqlDB.tryCommit():
return ErrorModel({'errno': 0}).json()
return SuccessModel({}).json()
else:
return ErrorModel({'errno': 3}).json()
else:
return ErrorModel({'errno': 2}).json()
return ErrorModel({'errno': 1}).json()
def api_admin_getAvailableBuilding():
if not hasattr(current_user, 'roles') or 'Admin' not in current_user.roles:
return ErrorModel('No Privilege: Must be Admin').json()
callProcedure('ad_get_available_building', [])
return SuccessModel(
select('ad_get_available_building_result', '1 = 1',
'*')['data']).json()
def api_customer_foodTruckMenu():
if not hasattr(current_user, 'roles') or 'Customer' not in current_user.roles:
return ErrorModel('No Privilege: Must be Customer').json()
data = json.loads(request.args.get('data') or '{}')
foodTruck = data.get('foodTruck')
callProcedure('mn_view_foodTruck_menu', [foodTruck])
ret = select('mn_view_foodTruck_menu_result', '1 = 1', 'foodName, price')['data']
cleanDecimal(ret, 'price', 2)
return SuccessModel(ret).json()
def api_customer_selectLocation():
if not hasattr(current_user, 'roles') or 'Customer' not in current_user.roles:
return ErrorModel('No Privilege: Must be Customer').json()
data = request.get_json()
station = data.get('station')
username = current_user.id
callProcedure('cus_select_location', [username, station])
if not mysqlDB.tryCommit():
return ErrorModel({'errno': 0}).json()
return SuccessModel({}).json()
def api_customer_orderHistory():
if not hasattr(current_user, 'roles') or 'Customer' not in current_user.roles:
return ErrorModel('No Privilege: Must be Customer').json()
username = current_user.id
callProcedure('cus_order_history', [username])
ret = select('cus_order_history_result', '1 = 1', '*')['data']
cleanDecimal(ret, 'orderTotal', 2)
formatDate(ret, 'date')
formatOrderID(ret, 'orderID')
return SuccessModel(ret).json()
def api_customer_currentInformation():
if not hasattr(current_user, 'roles') or 'Customer' not in current_user.roles:
return ErrorModel('No Privilege: Must be Customer').json()
username = current_user.id
ret = {}
callProcedure('cus_current_information_basic', [username])
ret['basic'] = select('cus_current_information_basic_result', '1 = 1', '*')['data']
cleanDecimal(ret['basic'], 'balance', 2)
callProcedure('cus_current_information_foodTruck', [username])
ret['foodTrucks'] = select('cus_current_information_foodTruck_result', '1 = 1', '*')['data']
return SuccessModel(ret).json()
def api_admin_deleteBuilding():
if not hasattr(current_user, 'roles') or 'Admin' not in current_user.roles:
return ErrorModel('No Privilege: Must be Admin').json()
data = request.get_json()
buildingName = data.get('building')
if buildingName:
callProcedure('ad_delete_building', [buildingName])
if not mysqlDB.tryCommit():
return ErrorModel({'errno': 0}).json()
else:
return ErrorModel({'errno': 1}).json()
return SuccessModel({}).json()
def api_manager_summaryDetail():
if not hasattr(current_user,
'roles') or 'Manager' not in current_user.roles:
return ErrorModel('No Privilege: Must be Manager').json()
urlData = json.loads(request.args.get('data') or '{}')
foodTruckName = urlData.get('foodTruckName')
username = current_user.id
callProcedure('mn_summary_detail', [username, foodTruckName])
ret = select('mn_summary_detail_result', '1 = 1', '*')['data']
cleanDecimal(ret, 'totalPurchase', 2)
formatDate(ret, 'date')
return SuccessModel(ret).json()
def api_manager_deleteFoodTruck():
if not hasattr(current_user,
'roles') or 'Manager' not in current_user.roles:
return ErrorModel('No Privilege: Must be Manager').json()
data = request.get_json()
name = data.get('foodTruck')
if type(name) is not str:
return ErrorModel({'errno': 0}).json()
callProcedure('mn_delete_foodTruck', [name])
if not mysqlDB.tryCommit():
return ErrorModel({'errno': 1}).json()
return SuccessModel({}).json()
def api_admin_getStation():
if not hasattr(current_user, 'roles') or 'Admin' not in current_user.roles:
return ErrorModel('No Privilege: Must be Admin').json()
data = json.loads(request.args.get('data') or '{}')
buildingName = data.get('buildingName')
res = mysqlDB.select(
'SELECT `stationName` FROM `Station` WHERE `buildingName` = %s;',
(buildingName))['data']
if len(res) == 0:
return ErrorModel({'errno': 1}).json()
stationName = res[0]['stationName']
callProcedure('ad_view_station', [stationName])
res = select('ad_view_station_result', '1 = 1', '*')
return SuccessModel(
select('ad_view_station_result', '1 = 1', '*')['data'][0]).json()
def api_admin_deleteFood():
if not hasattr(current_user, 'roles') or 'Admin' not in current_user.roles:
return ErrorModel('No Privilege: Must be Admin').json()
data = request.get_json()
name = data.get('name')
if not name or type(name) is not str:
return ErrorModel({'errno': 1}).json()
if not checkExist('Food', '`foodName` = %s', (name)):
return ErrorModel({'errno': 0}).json()
callProcedure('ad_delete_food', [name])
if not mysqlDB.tryCommit():
return ErrorModel({'errno': 2}).json()
return SuccessModel({}).json()
def api_customer_makeOrder():
if not hasattr(current_user,
'roles') or 'Customer' not in current_user.roles:
return ErrorModel('No Privilege: Must be Customer').json()
username = current_user.id
data = request.get_json()
foodTruck = data.get('foodTruck')
date = data.get('date')
menuItems = data.get('menuItems')
if type(foodTruck) is not str or type(date) is not str or type(
menuItems) is not list:
return ErrorModel({'errno': 0}).json()
totalPrice = 0
for menuItem in menuItems:
thisPrice = mysqlDB.select(
'SELECT price FROM MenuItem WHERE foodTruckName = %s AND foodName = %s;',
(foodTruck, menuItem['food']))['data'][0]['price']
totalPrice = totalPrice + thisPrice * menuItem['quantity']
balance = mysqlDB.select(
'SELECT balance FROM Customer WHERE username = %s;',
(username))['data'][0]['balance']
if totalPrice > balance:
return ErrorModel({'errno': 2}).json()
callProcedure('cus_order', [date, username])
currOrderIDArr = mysqlDB.select(
'SELECT MAX(orderID) AS currOrderID FROM Orders WHERE orderID NOT IN (SELECT DISTINCT orderID FROM OrderDetail);',
())['data']
if len(currOrderIDArr) == 0:
return ErrorModel({'errno': 1}).json()
currOrderID = currOrderIDArr[0]['currOrderID']
for menuItem in menuItems:
callProcedure(
'cus_add_item_to_order',
[foodTruck, menuItem['food'], menuItem['quantity'], currOrderID])
if not mysqlDB.tryCommit():
return ErrorModel({'errno': 3}).json()
return SuccessModel({}).json()
def api_user_login():
data = request.get_json()
username = data.get('username')
password = data.get('password')
if username and password:
callProcedure('login', [username, password])
if checkExist('login_result', '1 = 1', ()):
username = select('login_result', '1 = 1',
'`username`')['data'][0]['username']
user = User.get(username)
if user is None:
user = User(username, getUserRoles(username))
login_user(user)
resp = make_response(SuccessModel().json())
resp.set_cookie('user-roles', json.dumps(user.roles))
return resp
return ErrorModel('Login Failed').json()
def api_admin_getBuilding():
if not hasattr(current_user, 'roles') or 'Admin' not in current_user.roles:
return ErrorModel('No Privilege: Must be Admin').json()
data = json.loads(request.args.get('data') or '{}')
buildingName = data.get('buildingName')
if buildingName:
res = {}
callProcedure('ad_view_building_general', [buildingName])
res['general'] = select('ad_view_building_general_result', '1 = 1',
'*')['data'][0]
callProcedure('ad_view_building_tags', [buildingName])
res['tags'] = select('ad_view_building_tags_result', '1 = 1',
'*')['data']
return SuccessModel(res).json()
return ErrorModel({'errno': 0}).json()
def api_manager_getAvailableStation():
if not hasattr(current_user,
'roles') or 'Manager' not in current_user.roles:
return ErrorModel('No Privilege: Must be Manager').json()
data = json.loads(request.args.get('data') or '{}')
foodTruckName = data.get('foodTruckName')
callProcedure('mn_get_available_station', [foodTruckName])
data = select('mn_get_available_station_result', '1 = 1', '*')['data']
if foodTruckName:
data = tuple(
list(
mysqlDB.select(
'SELECT stationName FROM FoodTruck WHERE foodTruckName = %s;',
(foodTruckName))['data']) + list(data))
return SuccessModel(data).json()
def api_admin_createStation():
if not hasattr(current_user, 'roles') or 'Admin' not in current_user.roles:
return ErrorModel('No Privilege: Must be Admin').json()
data = request.get_json()
stationName = data.get('name')
capacity = data.get('capacity')
sponsoredBuilding = data.get('sponsoredBuilding')
if type(stationName) is str and type(
capacity) is int and capacity > 0 and type(
sponsoredBuilding) is str:
if checkExist('Station', '`stationName` = %s', (stationName)):
return ErrorModel({'errno': 0}).json()
callProcedure('ad_create_station',
[stationName, sponsoredBuilding, capacity])
if not mysqlDB.tryCommit():
return ErrorModel({'errno': 2}).json()
return SuccessModel({}).json()
else:
return ErrorModel({'errno': 1}).json()
def api_manager_createFoodTruck():
if not hasattr(current_user,
'roles') or 'Manager' not in current_user.roles:
return ErrorModel('No Privilege: Must be Manager').json()
username = current_user.id
data = request.get_json()
foodTruckName = data.get('name')
station = data.get('station')
staffs = data.get('assignedStaff')
menuItems = data.get('menuItems')
if not (type(foodTruckName) is str and type(station) is str
and type(staffs) is list and type(menuItems) is list):
return ErrorModel({'errno': 0}).json()
callProcedure('mn_create_foodTruck_add_station',
[foodTruckName, station, username])
for staff in staffs:
callProcedure('mn_create_foodTruck_add_staff', [foodTruckName, staff])
for menuItem in menuItems:
callProcedure(
'mn_create_foodTruck_add_menu_item',
[foodTruckName,
float(menuItem['price']), menuItem['food']])
if not mysqlDB.tryCommit():
return ErrorModel({'errno': 1}).json()
return SuccessModel({}).json()
def api_admin_deleteStation():
if not hasattr(current_user, 'roles') or 'Admin' not in current_user.roles:
return ErrorModel('No Privilege: Must be Admin').json()
data = request.get_json()
buildingName = data.get('building')
res = mysqlDB.select(
'SELECT `stationName` FROM `Station` WHERE `buildingName` = %s;',
(buildingName))['data']
if len(res) == 0:
return ErrorModel({'errno': 2}).json()
stationName = res[0]['stationName']
if stationName:
callProcedure('ad_delete_station', [stationName])
if not mysqlDB.tryCommit():
return ErrorModel({'errno': 0}).json()
else:
return ErrorModel({'errno': 1}).json()
return SuccessModel({}).json()
def api_manager_foodTruckSummary():
if not hasattr(current_user,
'roles') or 'Manager' not in current_user.roles:
return ErrorModel('No Privilege: Must be Manager').json()
urlData = json.loads(request.args.get('data') or '{}')
username = current_user.id
foodTruckName = urlData.get('foodTruckName')
stationName = urlData.get('stationName')
dateRange = urlData.get('dateRange')
dateFrom = None
dateTo = None
if dateRange:
dateFrom = dateRange.get('dateFrom')
dateTo = dateRange.get('dateTo')
sortBy = urlData.get('sortBy')
asc = urlData.get('asc')
if sortBy:
if not (asc == True):
asc = 'DESC'
else:
asc = 'ASC'
else:
asc = None
ret = {}
callProcedure(
'mn_filter_summary',
[username, foodTruckName, stationName, dateFrom, dateTo, sortBy, asc])
ret['table'] = select('mn_filter_summary_result', '1 = 1', '*')['data']
cleanDecimal(ret['table'], 'totalRevenue', 2)
callProcedure('mn_get_station', [username])
ret['stationList'] = select('mn_get_station_result', '1 = 1', '*')['data']
return SuccessModel(ret).json()
def api_admin_manageBuildingAndStation():
if not hasattr(current_user, 'roles') or 'Admin' not in current_user.roles:
return ErrorModel('No Privilege: Must be Admin').json()
data = json.loads(request.args.get('data') or '{}')
buildingName = data.get('buildingName')
buildingTag = data.get('buildingTag')
stationName = data.get('stationName')
capacity = data.get('capacity')
low = None
high = None
if capacity:
low = capacity.get('low')
high = capacity.get('high')
callProcedure('ad_filter_building_station',
[buildingName, buildingTag, stationName, low, high])
ret = {}
ret['table'] = select('ad_filter_building_station_result', '1 = 1',
'*')['data']
ret['buildingList'] = select('Building', '1 = 1', 'buildingName')['data']
ret['stationList'] = select('Station', '1 = 1', 'stationName')['data']
cleanDecimal(ret['table'], 'capacity', 0)
return SuccessModel(ret).json()
def api_user_regiser():
data = request.get_json()
username = data.get('username')
password = data.get('password')
firstName = data.get('firstName')
lastName = data.get('lastName')
email = data.get('email')
balance = data.get('balance')
employeeType = data.get('employeeType')
# call register procedure
callProcedure('register', [
username, email, firstName, lastName, password, balance, employeeType
])
roles = getUserRoles(username)
err_no = (select('err_msg', '1 = 1', '`err`')['data'][0]['err'])
if err_no == 0:
if not mysqlDB.tryCommit():
return ErrorModel({'errno': 3}).json()
return SuccessModel({'roles': roles}).json()
return ErrorModel({'errno': int(err_no - 1)}).json()
def api_admin_createBuilding():
if not hasattr(current_user, 'roles') or 'Admin' not in current_user.roles:
return ErrorModel('No Privilege: Must be Admin').json()
data = request.get_json()
name = data.get('name')
description = data.get('description')
tags = data.get('tags')
if name and description is not None and tags and len(tags) > 0:
if not checkExist('Building', '`buildingName` = %s', (name)):
callProcedure('ad_create_building', [name, description])
for tag in tags:
if not checkExist('BuildingTag',
'`buildingName` = %s AND `tag` = %s',
(name, tag)):
callProcedure('ad_add_building_tag', [name, tag])
if not mysqlDB.tryCommit():
return ErrorModel({'errno': 0}).json()
return SuccessModel({}).json()
else:
return ErrorModel({'errno': 2}).json()
return ErrorModel({'errno': 1}).json()
def api_manager_updateFoodTruck():
if not hasattr(current_user,
'roles') or 'Manager' not in current_user.roles:
return ErrorModel('No Privilege: Must be Manager').json()
username = current_user.id
data = request.get_json()
foodTruckName = data.get('name')
oldFoodTruckName = data.get('oldName')
station = data.get('station')
staffs = data.get('assignedStaff')
menuItems = data.get('menuItems')
if not (type(foodTruckName) is str and type(oldFoodTruckName) is str
and type(station) is str and type(staffs) is list
and type(menuItems) is list):
return ErrorModel({'errno': 0}).json()
mysqlDB.modify(
'UPDATE FoodTruck SET foodTruckName = %s WHERE foodTruckName = %s;',
(foodTruckName, oldFoodTruckName))
callProcedure('mn_update_foodTruck_station', [foodTruckName, station])
mysqlDB.modify(
'UPDATE Staff SET foodTruckName = NULL WHERE foodTruckName = %s;',
(foodTruckName))
for staff in staffs:
callProcedure('mn_update_foodTruck_staff', [foodTruckName, staff])
for menuItem in menuItems:
if not checkExist('MenuItem', 'foodName = %s AND foodTruckName = %s',
[menuItem['food'], foodTruckName]):
callProcedure(
'mn_create_foodTruck_add_menu_item',
[foodTruckName,
float(menuItem['price']), menuItem['food']])
else:
callProcedure(
'mn_update_foodTruck_menu_item',
[foodTruckName,
float(menuItem['price']), menuItem['food']])
if not mysqlDB.tryCommit():
return ErrorModel({'errno': 1}).json()
return SuccessModel({}).json()
