From 06b4eec8acbacbb1f63665b330d5110dde756a9d Mon Sep 17 00:00:00 2001
From: mahdeesharef <mahdeesharef@gmail.com>
Date: Sat, 6 Nov 2021 18:16:03 +0300
Subject: [PATCH] add solve Task 5

---
 account/migrations/0002_alter_user_options.py | 17 +++++
 commerce/controllers.py                       | 67 ++++++++++++-------
 2 files changed, 61 insertions(+), 23 deletions(-)
 create mode 100644 account/migrations/0002_alter_user_options.py

diff --git a/account/migrations/0002_alter_user_options.py b/account/migrations/0002_alter_user_options.py
new file mode 100644
index 0000000..469f409
--- /dev/null
+++ b/account/migrations/0002_alter_user_options.py
@@ -0,0 +1,17 @@
+# Generated by Django 3.2.8 on 2021-11-06 07:34
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('account', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name='user',
+            options={'verbose_name': 'user', 'verbose_name_plural': 'users'},
+        ),
+    ]
diff --git a/commerce/controllers.py b/commerce/controllers.py
index a8a551a..58a6ffe 100644
--- a/commerce/controllers.py
+++ b/commerce/controllers.py
@@ -175,12 +175,12 @@ def delete_city(request, id: UUID4):
     return 204, {'detail': ''}
 
 
-@order_controller.get('cart', response={
+@order_controller.get('cart',auth=GlobalAuth(),response={
     200: List[ItemOut],
     404: MessageOut
 })
 def view_cart(request):
-    cart_items = Item.objects.filter(user=User.objects.first(), ordered=False)
+    cart_items = Item.objects.filter(user= get_object_or_404(User, id=request.auth['pk']), ordered=False)
 
     if cart_items:
         return cart_items
@@ -188,13 +188,13 @@ def view_cart(request):
     return 404, {'detail': 'Your cart is empty, go shop like crazy!'}
 
 
-@order_controller.post('add-to-cart', response={
+@order_controller.post('add-to-cart',auth=GlobalAuth(), response={
     200: MessageOut,
     # 400: MessageOut
 })
 def add_update_cart(request, item_in: ItemCreate):
     try:
-        item = Item.objects.get(product_id=item_in.product_id, user=User.objects.first())
+        item = Item.objects.get(product_id=item_in.product_id,user= get_object_or_404(User, id=request.auth['pk']))
         item.item_qty += 1
         item.save()
     except Item.DoesNotExist:
@@ -203,11 +203,11 @@ def add_update_cart(request, item_in: ItemCreate):
     return 200, {'detail': 'Added to cart successfully'}
 
 
-@order_controller.post('item/{id}/reduce-quantity', response={
+@order_controller.post('item/{id}/reduce-quantity',auth=GlobalAuth(), response={
     200: MessageOut,
 })
 def reduce_item_quantity(request, id: UUID4):
-    item = get_object_or_404(Item, id=id, user=User.objects.first())
+    item = get_object_or_404(Item, id=id,user= get_object_or_404(User, id=request.auth['pk']))
     if item.item_qty <= 1:
         item.delete()
         return 200, {'detail': 'Item deleted!'}
@@ -217,22 +217,24 @@ def reduce_item_quantity(request, id: UUID4):
     return 200, {'detail': 'Item quantity reduced successfully!'}
 
 
-@order_controller.delete('item/{id}', response={
+@order_controller.delete('item/{id}', auth=GlobalAuth(),response={
     204: MessageOut
 })
 def delete_item(request, id: UUID4):
-    item = get_object_or_404(Item, id=id, user=User.objects.first())
+    item = get_object_or_404(Item, id=id, user= get_object_or_404(User, id=request.auth['pk']))
     item.delete()
 
     return 204, {'detail': 'Item deleted!'}
 
 
-def generate_ref_code():
-    return ''.join(random.sample(string.ascii_letters + string.digits, 6))
+def create_ref_code():
+    return ''.join(random.choices(string.ascii_lowercase + string.digits, k=6))
+#def generate_ref_code():
+    #return ''.join(random.sample(string.ascii_letters + string.digits, 6))
 
 
-@order_controller.post('create-order', auth=GlobalAuth(), response=MessageOut)
-def create_order(request):
+#@order_controller.post('create-order', auth=GlobalAuth(), response=MessageOut)
+#def create_order(request):
     '''
     * add items and mark (ordered) field as True
     * add ref_number
@@ -240,18 +242,37 @@ def create_order(request):
     * calculate the total
     '''
 
-    order_qs = Order.objects.create(
-        user=User.objects.first(),
+   # order_qs = Order.objects.create(
+    #    user=User.objects.first(),
+     #   status=OrderStatus.objects.get(is_default=True),
+      #  ref_code=generate_ref_code(),
+       # ordered=False,
+    #)
+
+    #user_items = Item.objects.filter(user=User.objects.first()).filter(ordered=False)
+
+    #order_qs.items.add(*user_items)
+    #order_qs.total = order_qs.order_total
+    #user_items.update(ordered=True)
+    #order_qs.save()
+
+    #return {'detail': 'order created successfully'}
+
+
+@order_controller.post("creatOrder",auth=GlobalAuth(), response=MessageOut)
+def create_order(request):
+    
+    order_q=Order.objects.create(
+        user= get_object_or_404(User, id=request.auth['pk']),
         status=OrderStatus.objects.get(is_default=True),
-        ref_code=generate_ref_code(),
-        ordered=False,
+        ref_code=create_ref_code(),
+        ordered=False ,   
     )
 
-    user_items = Item.objects.filter(user=User.objects.first()).filter(ordered=False)
-
-    order_qs.items.add(*user_items)
-    order_qs.total = order_qs.order_total
+    user_items=Item.objects.filter(user=get_object_or_404(User, id=request.auth['pk'])).filter(ordered=False)
+   
+    order_q.items.add(*user_items)
+    order_q.total=order_q.order_total    
     user_items.update(ordered=True)
-    order_qs.save()
-
-    return {'detail': 'order created successfully'}
+    order_q.save()
+    return{'detels':'suces'}