def addRestaurantMenuItem(restaurant_id):
'''Serve form to add a restaurant menu item to a restaurant's menu
'''
restaurant = DataManager.getRestaurant(restaurant_id)
if restaurant.user_id != login_session['user_id']:
flash("You do not have permission to add an item to "+\
" this restaurant's menu")
return redirect(url_for('restaurantMenu', restaurant_id=restaurant.id))
client_login_session = getClientLoginSession()
baseMenuItems = DataManager.getBaseMenuItems()
for item in baseMenuItems:
pic = DataManager.getPicture(item.picture_id)
item.picText = pic.text
item.picServeType = pic.serve_type
menuSections = DataManager.getMenuSections()
# display nicely
for item in baseMenuItems:
item.price = Decimal(item.price).quantize(Decimal('0.01'))
if request.method == 'POST':
if isCSRFAttack(request.form['hiddenToken']):
return redirect(url_for('restaurantManagerIndex'))
validBaseMenuItemIDs = {}
for item in baseMenuItems:
validBaseMenuItemIDs[str(item.id)] = True
baseMenuItem_id = validateUserInput(request.form['baseMenuItemID'],
'baseMenuItem_id',
'create',
'restaurant menu item',
columnNameForMsg='base menu item',
validInputs=validBaseMenuItemIDs,
required=True)
if baseMenuItem_id is None:
return redirect(
url_for('restaurantMenu', restaurant_id=restaurant_id))
baseMenuItem = DataManager.\
getBaseMenuItem(baseMenuItem_id=baseMenuItem_id)
# if a field is provided, use it, else use the base menu item's attr
if request.form['name']:
name = validateUserInput(request.form['name'],
'name',
'create',
'restaurant menu item',
maxlength=80,
required=True)
if name is None:
return redirect(
url_for('restaurantMenu', restaurant_id=restaurant_id))
else:
name = baseMenuItem.name
if request.form['description']:
description = validateUserInput(request.form['description'],
'description',
'create',
'restaurant menu item',
maxlength=250,
required=True)
if description is None:
return redirect(
url_for('restaurantMenu', restaurant_id=restaurant_id))
else:
description = baseMenuItem.description
if request.form['price']:
price = validateUserInput(request.form['price'],
'price',
'create',
'restaurant menu item',
maxlength=20,
required=True,
priceFormat=True)
if price is None:
return redirect(
url_for('restaurantMenu', restaurant_id=restaurant_id))
else:
price = baseMenuItem.price
if request.files['pictureFile'] or request.form['pictureLink']:
providedPic = validateUserPicture(
'create',
'restaurant menu item',
file=request.files['pictureFile'],
link=request.form['pictureLink'],
maxlength=300,
required=True)
if providedPic is None:
return redirect(
url_for('restaurantMenu', restaurant_id=restaurant_id))
else:
picture_id = DataManager.\
addPicture(text=providedPic['text'],
serve_type=providedPic['serve_type'])
else:
picture_id = baseMenuItem.picture_id
validMenuSectionIDs = {}
for menuSection in menuSections:
validMenuSectionIDs[str(menuSection.id)] = True
# if this is somehow None,
# the add function defaults to base item's attr
menuSection_id = validateUserInput(request.form['menuSectionID'],
'menuSection_id',
'create',
'restaurant menu item',
columnNameForMsg='menu section',
validInputs=validMenuSectionIDs,
required=True)
restaurantMenuItem_id = DataManager.\
addRestaurantMenuItem(name=name, restaurant_id=restaurant_id,
description=description, price=price,
baseMenuItem_id=baseMenuItem_id, picture_id=picture_id,
menuSection_id=menuSection_id)
# if pic was uploaded, now that we know item id,
# save actual file for serving and set the name in the database
if (request.files['pictureFile']
and providedPic['serve_type'] == 'upload'):
picfilename = 'restaurantMenuItem' + str(restaurantMenuItem_id)
request.files['pictureFile'].save(os.path.\
join(app.config['UPLOAD_FOLDER'], picfilename))
DataManager.editPicture(picture_id=picture_id, newText=picfilename)
flash("menu item '" + name + "' added to the menu!")
return redirect(url_for('restaurantMenu', restaurant_id=restaurant_id))
else:
return render_template('AddRestaurantMenuItem.html',
restaurant=restaurant,
baseMenuItems=baseMenuItems,
menuSections=menuSections,
hiddenToken=login_session['state'],
client_login_session=client_login_session)
def editRestaurantMenuItem(restaurant_id, restaurantMenuItem_id):
'''Serve a form to edit a restaurant menu item
'''
restaurant = DataManager.getRestaurant(restaurant_id)
if restaurant.user_id != login_session['user_id']:
flash("You do not have permission to edit this item")
return redirect(url_for('restaurantMenu', restaurant_id=restaurant.id))
client_login_session = getClientLoginSession()
user_id = restaurant.user_id
restaurantMenuItem = DataManager.\
getRestaurantMenuItem(restaurantMenuItem_id)
restaurantMenuItem.price = Decimal(restaurantMenuItem.price).\
quantize(Decimal('0.01'))
picture = DataManager.getPicture(restaurantMenuItem.picture_id)
menuSections = DataManager.getMenuSections()
if request.method == 'POST':
if isCSRFAttack(request.form['hiddenToken']):
return redirect(url_for('restaurantManagerIndex'))
oldName = restaurantMenuItem.name
oldDescription = restaurantMenuItem.description
oldPrice = restaurantMenuItem.price
oldMenuSection_id = restaurantMenuItem.menuSection_id
oldPicture = picture
newName = validateUserInput(request.form['name'],
'name',
'edit',
'restaurant menu item',
maxlength=80,
oldInput=oldName)
newDescription = validateUserInput(request.form['description'],
'description',
'edit',
'restaurant menu item',
maxlength=250,
oldInput=oldDescription)
newPrice = validateUserInput(request.form['price'],
'price',
'edit',
'restaurant menu item',
maxlength=20,
oldInput=oldPrice,
priceFormat=True)
validMenuSectionIDs = {}
for menuSection in menuSections:
validMenuSectionIDs[str(menuSection.id)] = True
# for 'do not change'
validMenuSectionIDs['-1'] = True
newMenuSection_id = validateUserInput(request.form['menuSection'],
'menuSection_id',
'edit',
'restaurant menu item',
columnNameForMsg='menu section',
oldInput=str(oldMenuSection_id),
validInputs=validMenuSectionIDs)
if newMenuSection_id == '-1':
newMenuSection_id = None
providedPic = validateUserPicture('edit',
'restaurant menu item',
file=request.files['pictureFile'],
link=request.form['pictureLink'],
maxlength=300)
if providedPic is not None:
# delete the old pic if it was an upload and new is a link
# or save the new pic if it was an upload
if (providedPic['serve_type'] == 'link'
and oldPicture.serve_type == 'upload'):
path = app.config['UPLOAD_FOLDER'] + '/' + oldPicture.text
os.remove(path)
flash("deleted old uploaded pic")
elif providedPic['serve_type'] == 'upload':
picfilename = 'restaurantMenuItem' + \
str(restaurantMenuItem_id)
request.files['pictureFile'].save(os.path.\
join(app.config['UPLOAD_FOLDER'], picfilename))
providedPic['text'] = picfilename
# edit the pic
DataManager.editPicture(restaurantMenuItem.picture_id,
newText=providedPic['text'],
newServe_Type=providedPic['serve_type'])
flash("updated restaurant menu item picture")
# we edited the pic directly, no need to include here
DataManager.editRestaurantMenuItem(restaurantMenuItem.id,
newName=newName,
newDescription=newDescription,
newPrice=newPrice,
newMenuSection_id=newMenuSection_id)
if newName is not None:
flash("changed restaurant menu item " + \
str(restaurantMenuItem.id) + \
"'s name from '" + oldName + "' to '" + newName + "'")
if newDescription is not None:
flash("changed restaurant menu item " + \
str(restaurantMenuItem.id) + \
"'s description from '"+ oldDescription + "' to '" + \
newDescription + "'")
if newPrice is not None:
flash("changed restaurant menu item " + \
str(restaurantMenuItem.id) + \
"'s price from '" + str(oldPrice) + "' to '" + \
str(newPrice) + "'")
if newMenuSection_id is not None:
flash("changed the restaurant menu item's menu section")
return redirect(url_for('restaurantMenu', restaurant_id=restaurant_id))
else:
return render_template('EditRestaurantMenuItem.html',
restaurant=restaurant,
restaurantMenuItem=restaurantMenuItem,
menuSections=menuSections,
hiddenToken=login_session['state'],
picture=picture,
client_login_session=client_login_session)
def menuSectionsJSON():
'''JSON endpoint for menu sections
'''
menuSections = DataManager.getMenuSections()
return jsonify(MenuSections=[i.serialize for i in menuSections])
def editBaseMenuItem(cuisine_id, baseMenuItem_id):
'''Serve form to edit a base menu item
'''
client_login_session = getClientLoginSession()
baseMenuItem = DataManager.\
getBaseMenuItem(baseMenuItem_id=baseMenuItem_id)
cuisine = DataManager.getCuisine(cuisine_id=cuisine_id)
baseMenuItem.price = Decimal(baseMenuItem.price).quantize(Decimal('0.01'))
picture = DataManager.getPicture(baseMenuItem.picture_id)
menuSections = DataManager.getMenuSections()
if request.method == 'POST':
if isCSRFAttack(request.form['hiddenToken']):
return redirect(url_for('restaurantManagerIndex'))
oldName = baseMenuItem.name
oldDescription = baseMenuItem.description
oldPrice = baseMenuItem.price
oldPicture = picture
oldMenuSection_id = baseMenuItem.menuSection_id
newName = validateUserInput(request.form['name'], 'name',
'edit', 'base menu item', maxlength=80,
unique=True, oldInput=oldName)
newDescription = validateUserInput(request.form['description'],
'description', 'edit', 'base menu item', maxlength=250,
oldInput=oldDescription)
newPrice = validateUserInput(request.form['price'], 'price',
'edit', 'base menu item', maxlength=20,
priceFormat=True, oldInput=str(oldPrice))
validMenuSectionIDs = {}
for menuSection in menuSections:
validMenuSectionIDs[str(menuSection.id)] = True
# for 'do not change'
validMenuSectionIDs['-1'] = True
newMenuSection_id = validateUserInput(request.form['menuSection'],
'menuSection_id', 'edit', 'base menu item',
columnNameForMsg='menu section',
oldInput=str(oldMenuSection_id),
validInputs=validMenuSectionIDs)
if newMenuSection_id == '-1':
newMenuSection_id = None
providedPic = validateUserPicture('edit', 'base menu item',
file=request.files['pictureFile'],
link=request.form['pictureLink'], maxlength=300)
if providedPic is not None:
# delete the old pic if it was an upload and new is a link
# or save the new pic if it was an upload
if (providedPic['serve_type'] == 'link' and
oldPicture.serve_type == 'upload'):
path = app.config['UPLOAD_FOLDER']+'/'+oldPicture.text
os.remove(path)
flash("deleted old uploaded pic")
elif providedPic['serve_type'] == 'upload':
picfilename = 'baseMenuItem' + str(baseMenuItem_id)
request.files['pictureFile'].save(os.path.\
join(app.config['UPLOAD_FOLDER'], picfilename))
providedPic['text'] = picfilename
# edit the pic
DataManager.editPicture(baseMenuItem.picture_id,
newText=providedPic['text'],
newServe_Type=providedPic['serve_type'])
flash("updated base menu item picture")
# we edited the pic directly, no need to include here
DataManager.editBaseMenuItem(baseMenuItem.id,
newName=newName, newDescription=newDescription,
newPrice=newPrice, newMenuSection_id=newMenuSection_id)
if newName is not None:
flash("changed name from '"+oldName+"' to '"+newName+"'")
if newDescription is not None:
flash("changed description from '"+ oldDescription + "' to '" + \
newDescription + "'")
if newPrice is not None:
flash("changed price from '" + str(oldPrice) + "' to '" + \
str(newPrice) + "'")
if newMenuSection_id is not None:
flash("changed menu section")
return redirect(url_for('baseMenuItem',
cuisine_id=cuisine_id,
baseMenuItem_id=baseMenuItem_id))
else:
return render_template("EditBaseMenuItem.html",
baseMenuItem=baseMenuItem,
cuisine=cuisine,
hiddenToken=login_session['state'],
picture=picture,
menuSections=menuSections,
client_login_session=client_login_session)
def addBaseMenuItem(cuisine_id):
'''Serve form to add a base menu item
'''
client_login_session = getClientLoginSession()
cuisine = DataManager.getCuisine(cuisine_id=cuisine_id)
menuSections = DataManager.getMenuSections()
if request.method == 'POST':
if isCSRFAttack(request.form['hiddenToken']):
return redirect(url_for('restaurantManagerIndex'))
name = validateUserInput(request.form['name'],
'name', 'create', 'base menu item', maxlength=80,
required=True, unique=True, tableName='BaseMenuItem')
if name is None:
return redirect(url_for('cuisine', cuisine_id=cuisine.id))
description = \
validateUserInput(request.form['description'],
'description', 'create', 'base menu item',
maxlength=250, required=True)
if description is None:
return redirect(url_for('cuisine', cuisine_id=cuisine.id))
price = validateUserInput(request.form['price'],
'price', 'create', 'base menu item', maxlength=20,
required=True, priceFormat=True)
if price is None:
return redirect(url_for('cuisine', cuisine_id=cuisine.id))
validMenuSectionIDs = {}
for menuSection in menuSections:
validMenuSectionIDs[str(menuSection.id)] = True
menuSection_id = validateUserInput(request.form['menuSection'],
'menuSection_id', 'create', 'base menu item',
columnNameForMsg='menu section', required=True,
validInputs=validMenuSectionIDs)
if menuSection_id is None:
return redirect(url_for('cuisine', cuisine_id=cuisine.id))
providedPic = validateUserPicture('create', 'base menu item',
file=request.files['pictureFile'],
link=request.form['pictureLink'],
maxlength=300, required=True)
if providedPic is None:
return redirect(url_for('cuisine', cuisine_id=cuisine.id))
picture_id = DataManager.addPicture(text=providedPic['text'],
serve_type=providedPic['serve_type'])
baseMenuItem_id = DataManager.\
addBaseMenuItem(name, cuisine_id, description=description,
price=price, menuSection_id=menuSection_id,
picture_id=picture_id)
# if pic was uploaded, now that we know item id,
# save actual file for serving and set the name in the database
if providedPic['serve_type'] == 'upload':
picfilename = 'baseMenuItem' + str(baseMenuItem_id)
request.files['pictureFile'].save(os.path.\
join(app.config['UPLOAD_FOLDER'], picfilename))
DataManager.editPicture(picture_id=picture_id,
newText=picfilename)
flash("added '" + name + "' to " + cuisine.name + \
"'s base menu")
return redirect(url_for('cuisine', cuisine_id=cuisine.id))
else:
return render_template('AddBaseMenuItem.html',
cuisine=cuisine,
menuSections=menuSections,
hiddenToken=login_session['state'],
client_login_session=client_login_session)
def addRestaurantMenuItem(restaurant_id):
'''Serve form to add a restaurant menu item to a restaurant's menu
'''
restaurant = DataManager.getRestaurant(restaurant_id)
if restaurant.user_id != login_session['user_id']:
flash("You do not have permission to add an item to "+\
" this restaurant's menu")
return redirect(url_for('restaurantMenu',
restaurant_id=restaurant.id))
client_login_session = getClientLoginSession()
baseMenuItems = DataManager.getBaseMenuItems()
for item in baseMenuItems:
pic = DataManager.getPicture(item.picture_id)
item.picText = pic.text
item.picServeType = pic.serve_type
menuSections = DataManager.getMenuSections()
# display nicely
for item in baseMenuItems:
item.price = Decimal(item.price).quantize(Decimal('0.01'))
if request.method == 'POST':
if isCSRFAttack(request.form['hiddenToken']):
return redirect(url_for('restaurantManagerIndex'))
validBaseMenuItemIDs = {}
for item in baseMenuItems:
validBaseMenuItemIDs[str(item.id)] = True
baseMenuItem_id = validateUserInput(request.form['baseMenuItemID'],
'baseMenuItem_id', 'create', 'restaurant menu item',
columnNameForMsg='base menu item',
validInputs=validBaseMenuItemIDs, required=True)
if baseMenuItem_id is None:
return redirect(url_for('restaurantMenu',
restaurant_id=restaurant_id))
baseMenuItem = DataManager.\
getBaseMenuItem(baseMenuItem_id=baseMenuItem_id)
# if a field is provided, use it, else use the base menu item's attr
if request.form['name']:
name = validateUserInput(request.form['name'], 'name', 'create',
'restaurant menu item', maxlength=80, required=True)
if name is None:
return redirect(url_for('restaurantMenu',
restaurant_id=restaurant_id))
else:
name = baseMenuItem.name
if request.form['description']:
description = validateUserInput(request.form['description'],
'description', 'create', 'restaurant menu item',
maxlength=250, required=True)
if description is None:
return redirect(url_for('restaurantMenu',
restaurant_id=restaurant_id))
else:
description = baseMenuItem.description
if request.form['price']:
price = validateUserInput(request.form['price'], 'price',
'create', 'restaurant menu item', maxlength=20,
required=True, priceFormat=True)
if price is None:
return redirect(url_for('restaurantMenu',
restaurant_id=restaurant_id))
else:
price = baseMenuItem.price
if request.files['pictureFile'] or request.form['pictureLink']:
providedPic = validateUserPicture('create', 'restaurant menu item',
file=request.files['pictureFile'],
link=request.form['pictureLink'],
maxlength=300, required=True)
if providedPic is None:
return redirect(url_for('restaurantMenu',
restaurant_id=restaurant_id))
else:
picture_id = DataManager.\
addPicture(text=providedPic['text'],
serve_type=providedPic['serve_type'])
else:
picture_id = baseMenuItem.picture_id
validMenuSectionIDs = {}
for menuSection in menuSections:
validMenuSectionIDs[str(menuSection.id)] = True
# if this is somehow None,
# the add function defaults to base item's attr
menuSection_id = validateUserInput(request.form['menuSectionID'],
'menuSection_id', 'create', 'restaurant menu item',
columnNameForMsg='menu section',
validInputs=validMenuSectionIDs, required=True)
restaurantMenuItem_id = DataManager.\
addRestaurantMenuItem(name=name, restaurant_id=restaurant_id,
description=description, price=price,
baseMenuItem_id=baseMenuItem_id, picture_id=picture_id,
menuSection_id=menuSection_id)
# if pic was uploaded, now that we know item id,
# save actual file for serving and set the name in the database
if (request.files['pictureFile'] and
providedPic['serve_type'] == 'upload'):
picfilename = 'restaurantMenuItem' + str(restaurantMenuItem_id)
request.files['pictureFile'].save(os.path.\
join(app.config['UPLOAD_FOLDER'], picfilename))
DataManager.editPicture(picture_id=picture_id,
newText=picfilename)
flash("menu item '" + name + "' added to the menu!")
return redirect(url_for('restaurantMenu',
restaurant_id=restaurant_id))
else:
return render_template('AddRestaurantMenuItem.html',
restaurant=restaurant,
baseMenuItems=baseMenuItems,
menuSections=menuSections,
hiddenToken=login_session['state'],
client_login_session=client_login_session)
def menuSectionsJSON():
'''JSON endpoint for menu sections
'''
menuSections = DataManager.getMenuSections()
return jsonify(MenuSections=[i.serialize for i in menuSections])