refactor(restaurants): add permissions, update views, managers and more

Author: tyronejosee

apps/restaurants/admin.py

@@ -10,6 +10,8 @@ class RestaurantAdmin(admin.ModelAdmin):
     """Admin config for Restaurant model."""
     search_fields = ["name", "user"]
     list_display = ["name", "available",]
+    list_editable = ["available"]
+    list_filter = ["specialty", "is_open"]
     list_per_page = 25
     readonly_fields = ["pk", "slug", "is_open", "created_at", "updated_at",]
     ordering = ["name",]

apps/restaurants/managers.py

@@ -0,0 +1,11 @@
+"""Managers for Restaurants App."""
+
+from django.db import models
+
+
+class RestaurantManager(models.Manager):
+    """Manager for Restaurant model."""
+
+    def get_all(self):
+        """Get all available restaurants"""
+        return self.filter(available=True)

apps/restaurants/migrations/0005_alter_restaurant_options.py

@@ -0,0 +1,17 @@
+# Generated by Django 5.0.4 on 2024-04-23 18:46
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('restaurants', '0004_restaurant_banner'),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name='restaurant',
+            options={'ordering': ['pk'], 'verbose_name': 'Restaurant', 'verbose_name_plural': 'Restaurants'},
+        ),
+    ]

apps/restaurants/models.py

@@ -7,6 +7,7 @@
 from apps.utilities.paths import image_path, image_banner_path
 from apps.utilities.validators import validate_phone
 from apps.utilities.models import BaseModel
+from .managers import RestaurantManager
 from .choices import Specialty
 
 User = settings.AUTH_USER_MODEL
@@ -34,8 +35,11 @@ class Restaurant(BaseModel):
     website = models.URLField(max_length=255, blank=True)
     is_open = models.BooleanField(default=False)
 
+    objects = RestaurantManager()
+
     class Meta:
         """Meta definition for Restaurant."""
+        ordering = ["pk"]
         verbose_name = "Restaurant"
         verbose_name_plural = "Restaurants"
 

apps/restaurants/permissions.py

@@ -3,10 +3,11 @@
 from rest_framework.permissions import BasePermission, SAFE_METHODS
 
 
-class IsBusinessOwnerOrReadOnly(BasePermission):
+class IsBusinessOrReadOnly(BasePermission):
     """Permission to only allow business owners to edit the restaurant."""
 
-    def has_object_permission(self, request, view, obj):
-        if request.method in SAFE_METHODS:
-            return True
-        return request.user.role == "business"
+    def has_permission(self, request, view):
+        is_safe_method = request.method in SAFE_METHODS
+        is_business = (
+            request.user.is_authenticated and request.user.role == "business")
+        return is_safe_method or is_business

apps/restaurants/urls.py

@@ -5,7 +5,6 @@
 from .views import (
     RestaurantListAPIView, RestaurantDetailAPIView,
     RestaurantCategoriesAPIView, RestaurantFoodsAPIView,
-    RestaurantFoodDetailAPIView
 )
 
 
@@ -17,6 +16,4 @@
          RestaurantCategoriesAPIView.as_view()),
     path("api/v1/restaurants/<uuid:restaurant_id>/foods/",
          RestaurantFoodsAPIView.as_view()),
-    path("api/v1/restaurants/<uuid:restaurant_id>/foods/<uuid:food_id>",
-         RestaurantFoodDetailAPIView.as_view()),
 ]

apps/restaurants/views.py

@@ -1,101 +1,108 @@
 """Views for Restaurants App."""
 
 from django.db import transaction
-from django.http import Http404
+from django.core.cache import cache
 from django.shortcuts import get_object_or_404
 from rest_framework.views import APIView
-from rest_framework.permissions import IsAuthenticatedOrReadOnly, AllowAny
 from rest_framework.response import Response
 from rest_framework import status
 
 from apps.utilities.pagination import LargeSetPagination
 from apps.foods.models import Food
-from apps.foods.serializers import FoodSerializer, FoodMiniSerializer
+from apps.foods.serializers import FoodMiniSerializer
 from apps.categories.models import Category
+from apps.categories.serializers import CategoryListSerializer
 from .models import Restaurant
 from .serializers import RestaurantSerializer
-from .permissions import IsBusinessOwnerOrReadOnly
+from .permissions import IsBusinessOrReadOnly
 
 
 class RestaurantListAPIView(APIView):
     """APIView to list and create restaurants."""
     serializer_class = RestaurantSerializer
-    permission_classes = [IsAuthenticatedOrReadOnly]
+    permission_classes = [IsBusinessOrReadOnly]
+    cache_key = "restaurant"
+    cache_timeout = 7200  # 2 hours
 
     def get(self, request):
         # Get a list of restaurants
-        stores = Restaurant.objects.filter(available=True).order_by("id")
-        if stores.exists():
-            paginator = LargeSetPagination()
-            paginated_data = paginator.paginate_queryset(stores, request)
+        paginator = LargeSetPagination()
+        cached_data = cache.get(self.cache_key)
+
+        if cached_data is None:
+            restaurants = Restaurant.objects.get_all()
+            if not restaurants.exists():
+                return Response(
+                    {"detail": "No restaurants available."},
+                    status=status.HTTP_404_NOT_FOUND
+                )
+            # Fetches the data from the database and serializes it
+            paginated_data = paginator.paginate_queryset(restaurants, request)
             serializer = self.serializer_class(paginated_data, many=True)
-            return paginator.get_paginated_response(serializer.data)
-        return Response(
-            {"detail": "No restaurants available."},
-            status=status.HTTP_404_NOT_FOUND
-        )
+            # Set cache
+            cache.set(self.cache_key, serializer.data, self.cache_timeout)
+        else:
+            # Retrieve the cached data and serialize it
+            paginated_cached_data = paginator.paginate_queryset(
+                cached_data, request)
+            serializer = self.serializer_class(
+                paginated_cached_data, many=True)
+
+        return paginator.get_paginated_response(serializer.data)
 
     @transaction.atomic
     def post(self, request):
         # Create a new restaurant
         serializer = self.serializer_class(data=request.data)
         if serializer.is_valid():
             serializer.save()
-            return Response(
-                serializer.data,
-                status=status.HTTP_201_CREATED
-            )
-        return Response(
-            serializer.errors,
-            status=status.HTTP_400_BAD_REQUEST
-        )
+            # Invalidate cache
+            cache.delete(self.cache_key)
+            return Response(serializer.data, status=status.HTTP_201_CREATED)
+        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
 
 
 class RestaurantDetailAPIView(APIView):
     """APIView to retrieve, update, and delete a restaurant."""
     serializer_class = RestaurantSerializer
-    permission_classes = [IsBusinessOwnerOrReadOnly]
+    permission_classes = [IsBusinessOrReadOnly]
 
     def get_object(self, restaurant_id):
         # Get a restaurant instance by id
-        try:
-            return Restaurant.objects.get(pk=restaurant_id)
-        except Restaurant.DoesNotExist:
-            raise Http404
+        return get_object_or_404(Restaurant, pk=restaurant_id)
 
     def get(self, request, restaurant_id):
         # Get details of a restaurant
-        store = self.get_object(restaurant_id)
-        serializer = self.serializer_class(store)
+        restaurant = self.get_object(restaurant_id)
+        serializer = self.serializer_class(restaurant)
         return Response(serializer.data)
 
     @transaction.atomic
     def put(self, request, restaurant_id):
         # Update a restaurant
-        store = self.get_object(restaurant_id)
-        serializer = self.serializer_class(store, data=request.data)
+        restaurant = self.get_object(restaurant_id)
+        serializer = self.serializer_class(restaurant, data=request.data)
         if serializer.is_valid():
             serializer.save()
             return Response(serializer.data)
-        return Response(
-            serializer.errors,
-            status=status.HTTP_400_BAD_REQUEST
-        )
+        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
 
     @transaction.atomic
     def delete(self, request, restaurant_id):
         # Delete a restaurant
-        store = self.get_object(restaurant_id)
-        store.delete()
+        restaurant = self.get_object(restaurant_id)
+        restaurant.available = False  # Logical deletion
+        restaurant.save()
         return Response(status=status.HTTP_204_NO_CONTENT)
 
 
 class RestaurantCategoriesAPIView(APIView):
-    permission_classes = [IsAuthenticatedOrReadOnly]
+    permission_classes = [IsBusinessOrReadOnly]
+    serializer_class = CategoryListSerializer
 
-    def get(self, request, restaurant_id, formate=None):
+    def get(self, request, restaurant_id, format=None):
         # Get a list of categories associated with a restaurant
-        categories = Category.filter(restaurant=restaurant_id)
+        categories = Category.objects.filter(restaurant=restaurant_id)
         if categories.exists():
             paginator = LargeSetPagination()
             paginated_data = paginator.paginate_queryset(categories, request)
@@ -108,12 +115,12 @@ def get(self, request, restaurant_id, formate=None):
 
 
 class RestaurantFoodsAPIView(APIView):
-    permission_classes = [IsAuthenticatedOrReadOnly]
+    permission_classes = [IsBusinessOrReadOnly]
 
     def get(self, request, restaurant_id, format=None):
         # Get a list of foods for a restaurant
         restaurant = get_object_or_404(Restaurant, id=restaurant_id)
-        foods = Food.objects.filter(restaurant=restaurant)
+        foods = Food.objects.get_foods_by_restaurant(restaurant)
         if foods.exists():
             paginator = LargeSetPagination()
             paginated_data = paginator.paginate_queryset(foods, request)
@@ -123,52 +130,3 @@ def get(self, request, restaurant_id, format=None):
             {"detail": "No foods available."},
             status=status.HTTP_404_NOT_FOUND
         )
-
-    @transaction.atomic
-    def post(self, request, restaurant_id, format=None):
-        # Create a new food item for a restaurant
-        restaurant = get_object_or_404(Restaurant, id=restaurant_id)
-        serializer = FoodSerializer(data=request.data)
-        if serializer.is_valid():
-            serializer.save(restaurant=restaurant)
-            return Response(
-                serializer.data,
-                status=status.HTTP_201_CREATED
-            )
-        return Response(
-            serializer.errors,
-            status=status.HTTP_400_BAD_REQUEST
-        )
-
-
-class RestaurantFoodDetailAPIView(APIView):
-    permission_classes = [AllowAny]
-
-    def get(self, request, restaurant_id, food_id, format=None):
-        # Retrieve details for a food item associated with a restaurant
-        restaurant = get_object_or_404(Restaurant, id=restaurant_id)
-        food = get_object_or_404(Food, id=food_id, restaurant=restaurant)
-        serializer = FoodSerializer(food)
-        return Response(serializer.data)
-
-    def put(self, request, restaurant_id, food_id, format=None):
-        # Update details for a food item associated with a restaurant
-        restaurant = get_object_or_404(Restaurant, id=restaurant_id)
-        food = get_object_or_404(Food, id=food_id, restaurant=restaurant)
-        serializer = FoodSerializer(food, data=request.data)
-        if serializer.is_valid():
-            serializer.save()
-            return Response(serializer.data)
-        return Response(
-            serializer.errors,
-            status=status.HTTP_400_BAD_REQUEST
-        )
-
-    def delete(self, request, restaurant_id, food_id, format=None):
-        # Delete a food item associated with a restaurant
-        restaurant = get_object_or_404(Restaurant, id=restaurant_id)
-        food = get_object_or_404(Food, id=food_id, restaurant=restaurant)
-        food.delete()
-        return Response(status=status.HTTP_204_NO_CONTENT)
-
-# TODO: Add new permission