def addRestaurantMenuItem(restaurant_id): '''Serve form to add a restaurant menu item to a restaurant's menu ''' restaurant = DataManager.getRestaurant(restaurant_id) if restaurant.user_id != login_session['user_id']: flash("You do not have permission to add an item to "+\ " this restaurant's menu") return redirect(url_for('restaurantMenu', restaurant_id=restaurant.id)) client_login_session = getClientLoginSession() baseMenuItems = DataManager.getBaseMenuItems() for item in baseMenuItems: pic = DataManager.getPicture(item.picture_id) item.picText = pic.text item.picServeType = pic.serve_type menuSections = DataManager.getMenuSections() # display nicely for item in baseMenuItems: item.price = Decimal(item.price).quantize(Decimal('0.01')) if request.method == 'POST': if isCSRFAttack(request.form['hiddenToken']): return redirect(url_for('restaurantManagerIndex')) validBaseMenuItemIDs = {} for item in baseMenuItems: validBaseMenuItemIDs[str(item.id)] = True baseMenuItem_id = validateUserInput(request.form['baseMenuItemID'], 'baseMenuItem_id', 'create', 'restaurant menu item', columnNameForMsg='base menu item', validInputs=validBaseMenuItemIDs, required=True) if baseMenuItem_id is None: return redirect( url_for('restaurantMenu', restaurant_id=restaurant_id)) baseMenuItem = DataManager.\ getBaseMenuItem(baseMenuItem_id=baseMenuItem_id) # if a field is provided, use it, else use the base menu item's attr if request.form['name']: name = validateUserInput(request.form['name'], 'name', 'create', 'restaurant menu item', maxlength=80, required=True) if name is None: return redirect( url_for('restaurantMenu', restaurant_id=restaurant_id)) else: name = baseMenuItem.name if request.form['description']: description = validateUserInput(request.form['description'], 'description', 'create', 'restaurant menu item', maxlength=250, required=True) if description is None: return redirect( url_for('restaurantMenu', restaurant_id=restaurant_id)) else: description = baseMenuItem.description if request.form['price']: price = validateUserInput(request.form['price'], 'price', 'create', 'restaurant menu item', maxlength=20, required=True, priceFormat=True) if price is None: return redirect( url_for('restaurantMenu', restaurant_id=restaurant_id)) else: price = baseMenuItem.price if request.files['pictureFile'] or request.form['pictureLink']: providedPic = validateUserPicture( 'create', 'restaurant menu item', file=request.files['pictureFile'], link=request.form['pictureLink'], maxlength=300, required=True) if providedPic is None: return redirect( url_for('restaurantMenu', restaurant_id=restaurant_id)) else: picture_id = DataManager.\ addPicture(text=providedPic['text'], serve_type=providedPic['serve_type']) else: picture_id = baseMenuItem.picture_id validMenuSectionIDs = {} for menuSection in menuSections: validMenuSectionIDs[str(menuSection.id)] = True # if this is somehow None, # the add function defaults to base item's attr menuSection_id = validateUserInput(request.form['menuSectionID'], 'menuSection_id', 'create', 'restaurant menu item', columnNameForMsg='menu section', validInputs=validMenuSectionIDs, required=True) restaurantMenuItem_id = DataManager.\ addRestaurantMenuItem(name=name, restaurant_id=restaurant_id, description=description, price=price, baseMenuItem_id=baseMenuItem_id, picture_id=picture_id, menuSection_id=menuSection_id) # if pic was uploaded, now that we know item id, # save actual file for serving and set the name in the database if (request.files['pictureFile'] and providedPic['serve_type'] == 'upload'): picfilename = 'restaurantMenuItem' + str(restaurantMenuItem_id) request.files['pictureFile'].save(os.path.\ join(app.config['UPLOAD_FOLDER'], picfilename)) DataManager.editPicture(picture_id=picture_id, newText=picfilename) flash("menu item '" + name + "' added to the menu!") return redirect(url_for('restaurantMenu', restaurant_id=restaurant_id)) else: return render_template('AddRestaurantMenuItem.html', restaurant=restaurant, baseMenuItems=baseMenuItems, menuSections=menuSections, hiddenToken=login_session['state'], client_login_session=client_login_session)
def editRestaurantMenuItem(restaurant_id, restaurantMenuItem_id): '''Serve a form to edit a restaurant menu item ''' restaurant = DataManager.getRestaurant(restaurant_id) if restaurant.user_id != login_session['user_id']: flash("You do not have permission to edit this item") return redirect(url_for('restaurantMenu', restaurant_id=restaurant.id)) client_login_session = getClientLoginSession() user_id = restaurant.user_id restaurantMenuItem = DataManager.\ getRestaurantMenuItem(restaurantMenuItem_id) restaurantMenuItem.price = Decimal(restaurantMenuItem.price).\ quantize(Decimal('0.01')) picture = DataManager.getPicture(restaurantMenuItem.picture_id) menuSections = DataManager.getMenuSections() if request.method == 'POST': if isCSRFAttack(request.form['hiddenToken']): return redirect(url_for('restaurantManagerIndex')) oldName = restaurantMenuItem.name oldDescription = restaurantMenuItem.description oldPrice = restaurantMenuItem.price oldMenuSection_id = restaurantMenuItem.menuSection_id oldPicture = picture newName = validateUserInput(request.form['name'], 'name', 'edit', 'restaurant menu item', maxlength=80, oldInput=oldName) newDescription = validateUserInput(request.form['description'], 'description', 'edit', 'restaurant menu item', maxlength=250, oldInput=oldDescription) newPrice = validateUserInput(request.form['price'], 'price', 'edit', 'restaurant menu item', maxlength=20, oldInput=oldPrice, priceFormat=True) validMenuSectionIDs = {} for menuSection in menuSections: validMenuSectionIDs[str(menuSection.id)] = True # for 'do not change' validMenuSectionIDs['-1'] = True newMenuSection_id = validateUserInput(request.form['menuSection'], 'menuSection_id', 'edit', 'restaurant menu item', columnNameForMsg='menu section', oldInput=str(oldMenuSection_id), validInputs=validMenuSectionIDs) if newMenuSection_id == '-1': newMenuSection_id = None providedPic = validateUserPicture('edit', 'restaurant menu item', file=request.files['pictureFile'], link=request.form['pictureLink'], maxlength=300) if providedPic is not None: # delete the old pic if it was an upload and new is a link # or save the new pic if it was an upload if (providedPic['serve_type'] == 'link' and oldPicture.serve_type == 'upload'): path = app.config['UPLOAD_FOLDER'] + '/' + oldPicture.text os.remove(path) flash("deleted old uploaded pic") elif providedPic['serve_type'] == 'upload': picfilename = 'restaurantMenuItem' + \ str(restaurantMenuItem_id) request.files['pictureFile'].save(os.path.\ join(app.config['UPLOAD_FOLDER'], picfilename)) providedPic['text'] = picfilename # edit the pic DataManager.editPicture(restaurantMenuItem.picture_id, newText=providedPic['text'], newServe_Type=providedPic['serve_type']) flash("updated restaurant menu item picture") # we edited the pic directly, no need to include here DataManager.editRestaurantMenuItem(restaurantMenuItem.id, newName=newName, newDescription=newDescription, newPrice=newPrice, newMenuSection_id=newMenuSection_id) if newName is not None: flash("changed restaurant menu item " + \ str(restaurantMenuItem.id) + \ "'s name from '" + oldName + "' to '" + newName + "'") if newDescription is not None: flash("changed restaurant menu item " + \ str(restaurantMenuItem.id) + \ "'s description from '"+ oldDescription + "' to '" + \ newDescription + "'") if newPrice is not None: flash("changed restaurant menu item " + \ str(restaurantMenuItem.id) + \ "'s price from '" + str(oldPrice) + "' to '" + \ str(newPrice) + "'") if newMenuSection_id is not None: flash("changed the restaurant menu item's menu section") return redirect(url_for('restaurantMenu', restaurant_id=restaurant_id)) else: return render_template('EditRestaurantMenuItem.html', restaurant=restaurant, restaurantMenuItem=restaurantMenuItem, menuSections=menuSections, hiddenToken=login_session['state'], picture=picture, client_login_session=client_login_session)
def menuSectionsJSON(): '''JSON endpoint for menu sections ''' menuSections = DataManager.getMenuSections() return jsonify(MenuSections=[i.serialize for i in menuSections])
def editBaseMenuItem(cuisine_id, baseMenuItem_id): '''Serve form to edit a base menu item ''' client_login_session = getClientLoginSession() baseMenuItem = DataManager.\ getBaseMenuItem(baseMenuItem_id=baseMenuItem_id) cuisine = DataManager.getCuisine(cuisine_id=cuisine_id) baseMenuItem.price = Decimal(baseMenuItem.price).quantize(Decimal('0.01')) picture = DataManager.getPicture(baseMenuItem.picture_id) menuSections = DataManager.getMenuSections() if request.method == 'POST': if isCSRFAttack(request.form['hiddenToken']): return redirect(url_for('restaurantManagerIndex')) oldName = baseMenuItem.name oldDescription = baseMenuItem.description oldPrice = baseMenuItem.price oldPicture = picture oldMenuSection_id = baseMenuItem.menuSection_id newName = validateUserInput(request.form['name'], 'name', 'edit', 'base menu item', maxlength=80, unique=True, oldInput=oldName) newDescription = validateUserInput(request.form['description'], 'description', 'edit', 'base menu item', maxlength=250, oldInput=oldDescription) newPrice = validateUserInput(request.form['price'], 'price', 'edit', 'base menu item', maxlength=20, priceFormat=True, oldInput=str(oldPrice)) validMenuSectionIDs = {} for menuSection in menuSections: validMenuSectionIDs[str(menuSection.id)] = True # for 'do not change' validMenuSectionIDs['-1'] = True newMenuSection_id = validateUserInput(request.form['menuSection'], 'menuSection_id', 'edit', 'base menu item', columnNameForMsg='menu section', oldInput=str(oldMenuSection_id), validInputs=validMenuSectionIDs) if newMenuSection_id == '-1': newMenuSection_id = None providedPic = validateUserPicture('edit', 'base menu item', file=request.files['pictureFile'], link=request.form['pictureLink'], maxlength=300) if providedPic is not None: # delete the old pic if it was an upload and new is a link # or save the new pic if it was an upload if (providedPic['serve_type'] == 'link' and oldPicture.serve_type == 'upload'): path = app.config['UPLOAD_FOLDER']+'/'+oldPicture.text os.remove(path) flash("deleted old uploaded pic") elif providedPic['serve_type'] == 'upload': picfilename = 'baseMenuItem' + str(baseMenuItem_id) request.files['pictureFile'].save(os.path.\ join(app.config['UPLOAD_FOLDER'], picfilename)) providedPic['text'] = picfilename # edit the pic DataManager.editPicture(baseMenuItem.picture_id, newText=providedPic['text'], newServe_Type=providedPic['serve_type']) flash("updated base menu item picture") # we edited the pic directly, no need to include here DataManager.editBaseMenuItem(baseMenuItem.id, newName=newName, newDescription=newDescription, newPrice=newPrice, newMenuSection_id=newMenuSection_id) if newName is not None: flash("changed name from '"+oldName+"' to '"+newName+"'") if newDescription is not None: flash("changed description from '"+ oldDescription + "' to '" + \ newDescription + "'") if newPrice is not None: flash("changed price from '" + str(oldPrice) + "' to '" + \ str(newPrice) + "'") if newMenuSection_id is not None: flash("changed menu section") return redirect(url_for('baseMenuItem', cuisine_id=cuisine_id, baseMenuItem_id=baseMenuItem_id)) else: return render_template("EditBaseMenuItem.html", baseMenuItem=baseMenuItem, cuisine=cuisine, hiddenToken=login_session['state'], picture=picture, menuSections=menuSections, client_login_session=client_login_session)
def addBaseMenuItem(cuisine_id): '''Serve form to add a base menu item ''' client_login_session = getClientLoginSession() cuisine = DataManager.getCuisine(cuisine_id=cuisine_id) menuSections = DataManager.getMenuSections() if request.method == 'POST': if isCSRFAttack(request.form['hiddenToken']): return redirect(url_for('restaurantManagerIndex')) name = validateUserInput(request.form['name'], 'name', 'create', 'base menu item', maxlength=80, required=True, unique=True, tableName='BaseMenuItem') if name is None: return redirect(url_for('cuisine', cuisine_id=cuisine.id)) description = \ validateUserInput(request.form['description'], 'description', 'create', 'base menu item', maxlength=250, required=True) if description is None: return redirect(url_for('cuisine', cuisine_id=cuisine.id)) price = validateUserInput(request.form['price'], 'price', 'create', 'base menu item', maxlength=20, required=True, priceFormat=True) if price is None: return redirect(url_for('cuisine', cuisine_id=cuisine.id)) validMenuSectionIDs = {} for menuSection in menuSections: validMenuSectionIDs[str(menuSection.id)] = True menuSection_id = validateUserInput(request.form['menuSection'], 'menuSection_id', 'create', 'base menu item', columnNameForMsg='menu section', required=True, validInputs=validMenuSectionIDs) if menuSection_id is None: return redirect(url_for('cuisine', cuisine_id=cuisine.id)) providedPic = validateUserPicture('create', 'base menu item', file=request.files['pictureFile'], link=request.form['pictureLink'], maxlength=300, required=True) if providedPic is None: return redirect(url_for('cuisine', cuisine_id=cuisine.id)) picture_id = DataManager.addPicture(text=providedPic['text'], serve_type=providedPic['serve_type']) baseMenuItem_id = DataManager.\ addBaseMenuItem(name, cuisine_id, description=description, price=price, menuSection_id=menuSection_id, picture_id=picture_id) # if pic was uploaded, now that we know item id, # save actual file for serving and set the name in the database if providedPic['serve_type'] == 'upload': picfilename = 'baseMenuItem' + str(baseMenuItem_id) request.files['pictureFile'].save(os.path.\ join(app.config['UPLOAD_FOLDER'], picfilename)) DataManager.editPicture(picture_id=picture_id, newText=picfilename) flash("added '" + name + "' to " + cuisine.name + \ "'s base menu") return redirect(url_for('cuisine', cuisine_id=cuisine.id)) else: return render_template('AddBaseMenuItem.html', cuisine=cuisine, menuSections=menuSections, hiddenToken=login_session['state'], client_login_session=client_login_session)
def addRestaurantMenuItem(restaurant_id): '''Serve form to add a restaurant menu item to a restaurant's menu ''' restaurant = DataManager.getRestaurant(restaurant_id) if restaurant.user_id != login_session['user_id']: flash("You do not have permission to add an item to "+\ " this restaurant's menu") return redirect(url_for('restaurantMenu', restaurant_id=restaurant.id)) client_login_session = getClientLoginSession() baseMenuItems = DataManager.getBaseMenuItems() for item in baseMenuItems: pic = DataManager.getPicture(item.picture_id) item.picText = pic.text item.picServeType = pic.serve_type menuSections = DataManager.getMenuSections() # display nicely for item in baseMenuItems: item.price = Decimal(item.price).quantize(Decimal('0.01')) if request.method == 'POST': if isCSRFAttack(request.form['hiddenToken']): return redirect(url_for('restaurantManagerIndex')) validBaseMenuItemIDs = {} for item in baseMenuItems: validBaseMenuItemIDs[str(item.id)] = True baseMenuItem_id = validateUserInput(request.form['baseMenuItemID'], 'baseMenuItem_id', 'create', 'restaurant menu item', columnNameForMsg='base menu item', validInputs=validBaseMenuItemIDs, required=True) if baseMenuItem_id is None: return redirect(url_for('restaurantMenu', restaurant_id=restaurant_id)) baseMenuItem = DataManager.\ getBaseMenuItem(baseMenuItem_id=baseMenuItem_id) # if a field is provided, use it, else use the base menu item's attr if request.form['name']: name = validateUserInput(request.form['name'], 'name', 'create', 'restaurant menu item', maxlength=80, required=True) if name is None: return redirect(url_for('restaurantMenu', restaurant_id=restaurant_id)) else: name = baseMenuItem.name if request.form['description']: description = validateUserInput(request.form['description'], 'description', 'create', 'restaurant menu item', maxlength=250, required=True) if description is None: return redirect(url_for('restaurantMenu', restaurant_id=restaurant_id)) else: description = baseMenuItem.description if request.form['price']: price = validateUserInput(request.form['price'], 'price', 'create', 'restaurant menu item', maxlength=20, required=True, priceFormat=True) if price is None: return redirect(url_for('restaurantMenu', restaurant_id=restaurant_id)) else: price = baseMenuItem.price if request.files['pictureFile'] or request.form['pictureLink']: providedPic = validateUserPicture('create', 'restaurant menu item', file=request.files['pictureFile'], link=request.form['pictureLink'], maxlength=300, required=True) if providedPic is None: return redirect(url_for('restaurantMenu', restaurant_id=restaurant_id)) else: picture_id = DataManager.\ addPicture(text=providedPic['text'], serve_type=providedPic['serve_type']) else: picture_id = baseMenuItem.picture_id validMenuSectionIDs = {} for menuSection in menuSections: validMenuSectionIDs[str(menuSection.id)] = True # if this is somehow None, # the add function defaults to base item's attr menuSection_id = validateUserInput(request.form['menuSectionID'], 'menuSection_id', 'create', 'restaurant menu item', columnNameForMsg='menu section', validInputs=validMenuSectionIDs, required=True) restaurantMenuItem_id = DataManager.\ addRestaurantMenuItem(name=name, restaurant_id=restaurant_id, description=description, price=price, baseMenuItem_id=baseMenuItem_id, picture_id=picture_id, menuSection_id=menuSection_id) # if pic was uploaded, now that we know item id, # save actual file for serving and set the name in the database if (request.files['pictureFile'] and providedPic['serve_type'] == 'upload'): picfilename = 'restaurantMenuItem' + str(restaurantMenuItem_id) request.files['pictureFile'].save(os.path.\ join(app.config['UPLOAD_FOLDER'], picfilename)) DataManager.editPicture(picture_id=picture_id, newText=picfilename) flash("menu item '" + name + "' added to the menu!") return redirect(url_for('restaurantMenu', restaurant_id=restaurant_id)) else: return render_template('AddRestaurantMenuItem.html', restaurant=restaurant, baseMenuItems=baseMenuItems, menuSections=menuSections, hiddenToken=login_session['state'], client_login_session=client_login_session)