def api_admin_updateBuilding():
if not hasattr(current_user, 'roles') or 'Admin' not in current_user.roles:
return ErrorModel('No Privilege: Must be Admin').json()
data = request.get_json()
oldName = data.get('oldName')
newName = data.get('newName')
description = data.get('description')
tags = data.get('tags')
if oldName and newName and description is not None and tags and len(
tags) > 0:
if checkExist('Building', '`buildingName` = %s', (oldName)):
if oldName.lower() == newName.lower() or not checkExist(
'Building', '`buildingName` = %s', (newName)):
callProcedure('ad_update_building',
[oldName, newName, description])
# The provided stored proecedure API is different. Let's do a vinilla style!
mysqlDB.modify(
'DELETE FROM `BuildingTag` WHERE `buildingName` = %s;',
newName)
for tag in tags:
if not checkExist('BuildingTag',
'`buildingName` = %s AND `tag` = %s',
(newName, tag)):
callProcedure('ad_add_building_tag', [newName, tag])
if not mysqlDB.tryCommit():
return ErrorModel({'errno': 0}).json()
return SuccessModel({}).json()
else:
return ErrorModel({'errno': 3}).json()
else:
return ErrorModel({'errno': 2}).json()
return ErrorModel({'errno': 1}).json()
def api_admin_updateStation():
if not hasattr(current_user, 'roles') or 'Admin' not in current_user.roles:
return ErrorModel('No Privilege: Must be Admin').json()
data = request.get_json()
stationName = data.get('name')
capacity = data.get('capacity')
sponsoredBuilding = data.get('sponsoredBuilding')
if type(stationName) is str and type(
capacity) is int and capacity > 0 and type(
sponsoredBuilding) is str:
if not checkExist('Station', '`stationName` = %s', (stationName)):
return ErrorModel({'errno': 0}).json()
numFoodTrucks = mysqlDB.select(
'SELECT COUNT(*) AS numFoodTrucks FROM FoodTruck WHERE stationName = %s',
(stationName))['data'][0]['numFoodTrucks']
if numFoodTrucks > capacity:
return ErrorModel({'errno': 3}).json()
callProcedure('ad_update_station',
[stationName, capacity, sponsoredBuilding])
if not mysqlDB.tryCommit():
return ErrorModel({'errno': 2}).json()
return SuccessModel({}).json()
else:
return ErrorModel({'errno': 1}).json()
def api_admin_createBuilding():
if not hasattr(current_user, 'roles') or 'Admin' not in current_user.roles:
return ErrorModel('No Privilege: Must be Admin').json()
data = request.get_json()
name = data.get('name')
description = data.get('description')
tags = data.get('tags')
if name and description is not None and tags and len(tags) > 0:
if not checkExist('Building', '`buildingName` = %s', (name)):
callProcedure('ad_create_building', [name, description])
for tag in tags:
if not checkExist('BuildingTag',
'`buildingName` = %s AND `tag` = %s',
(name, tag)):
callProcedure('ad_add_building_tag', [name, tag])
if not mysqlDB.tryCommit():
return ErrorModel({'errno': 0}).json()
return SuccessModel({}).json()
else:
return ErrorModel({'errno': 2}).json()
return ErrorModel({'errno': 1}).json()
def api_admin_deleteFood():
if not hasattr(current_user, 'roles') or 'Admin' not in current_user.roles:
return ErrorModel('No Privilege: Must be Admin').json()
data = request.get_json()
name = data.get('name')
if not name or type(name) is not str:
return ErrorModel({'errno': 1}).json()
if not checkExist('Food', '`foodName` = %s', (name)):
return ErrorModel({'errno': 0}).json()
callProcedure('ad_delete_food', [name])
if not mysqlDB.tryCommit():
return ErrorModel({'errno': 2}).json()
return SuccessModel({}).json()
def api_manager_updateFoodTruck():
if not hasattr(current_user,
'roles') or 'Manager' not in current_user.roles:
return ErrorModel('No Privilege: Must be Manager').json()
username = current_user.id
data = request.get_json()
foodTruckName = data.get('name')
oldFoodTruckName = data.get('oldName')
station = data.get('station')
staffs = data.get('assignedStaff')
menuItems = data.get('menuItems')
if not (type(foodTruckName) is str and type(oldFoodTruckName) is str
and type(station) is str and type(staffs) is list
and type(menuItems) is list):
return ErrorModel({'errno': 0}).json()
mysqlDB.modify(
'UPDATE FoodTruck SET foodTruckName = %s WHERE foodTruckName = %s;',
(foodTruckName, oldFoodTruckName))
callProcedure('mn_update_foodTruck_station', [foodTruckName, station])
mysqlDB.modify(
'UPDATE Staff SET foodTruckName = NULL WHERE foodTruckName = %s;',
(foodTruckName))
for staff in staffs:
callProcedure('mn_update_foodTruck_staff', [foodTruckName, staff])
for menuItem in menuItems:
if not checkExist('MenuItem', 'foodName = %s AND foodTruckName = %s',
[menuItem['food'], foodTruckName]):
callProcedure(
'mn_create_foodTruck_add_menu_item',
[foodTruckName,
float(menuItem['price']), menuItem['food']])
else:
callProcedure(
'mn_update_foodTruck_menu_item',
[foodTruckName,
float(menuItem['price']), menuItem['food']])
if not mysqlDB.tryCommit():
return ErrorModel({'errno': 1}).json()
return SuccessModel({}).json()
def api_user_login():
data = request.get_json()
username = data.get('username')
password = data.get('password')
if username and password:
callProcedure('login', [username, password])
if checkExist('login_result', '1 = 1', ()):
username = select('login_result', '1 = 1',
'`username`')['data'][0]['username']
user = User.get(username)
if user is None:
user = User(username, getUserRoles(username))
login_user(user)
resp = make_response(SuccessModel().json())
resp.set_cookie('user-roles', json.dumps(user.roles))
return resp
return ErrorModel('Login Failed').json()
def api_admin_createStation():
if not hasattr(current_user, 'roles') or 'Admin' not in current_user.roles:
return ErrorModel('No Privilege: Must be Admin').json()
data = request.get_json()
stationName = data.get('name')
capacity = data.get('capacity')
sponsoredBuilding = data.get('sponsoredBuilding')
if type(stationName) is str and type(
capacity) is int and capacity > 0 and type(
sponsoredBuilding) is str:
if checkExist('Station', '`stationName` = %s', (stationName)):
return ErrorModel({'errno': 0}).json()
callProcedure('ad_create_station',
[stationName, sponsoredBuilding, capacity])
if not mysqlDB.tryCommit():
return ErrorModel({'errno': 2}).json()
return SuccessModel({}).json()
else:
return ErrorModel({'errno': 1}).json()