Update menu.py

menu.py

@@ -60,6 +60,7 @@ def menu():
     first_letter = user_name[0].upper() if user_name else "A"
     user_image = session.get('user_image')
 
+    # Check if Avatar__c field exists on Customer_Login__c
     try:
         describe_result = sf.Customer_Login__c.describe()
         fields = [field['name'] for field in describe_result['fields']]
@@ -68,11 +69,13 @@ def menu():
         logger.error(f"Error describing Customer_Login__c object: {str(e)}")
         avatar_field_exists = False
 
+    # Build the SOQL query dynamically based on field availability
     query_fields = ["Id", "Referral__c", "Reward_Points__c"]
     if avatar_field_exists:
         query_fields.append("Avatar__c")
     user_query = f"SELECT {', '.join(query_fields)} FROM Customer_Login__c WHERE Email__c = '{user_email}'"
 
+    # Fetch user referral and reward points
     try:
         user_result = sf.query(user_query)
         if not user_result.get('records'):
@@ -87,10 +90,12 @@ def menu():
     referral_code = user_record.get('Referral__c', 'N/A')
     reward_points = user_record.get('Reward_Points__c', 0)
 
+    # If no session image, check Salesforce for stored avatar (if field exists)
     if not user_image and avatar_field_exists and user_record.get('Avatar__c'):
         session['user_image'] = user_record['Avatar__c']
         user_image = session['user_image']
 
+    # Get cart item count
     cart_query = f"SELECT COUNT() FROM Cart_Item__c WHERE Customer_Email__c = '{user_email}'"
     try:
         cart_count_result = sf.query(cart_query)
@@ -99,6 +104,7 @@ def menu():
         logger.error(f"Error fetching cart item count: {str(e)}")
         cart_item_count = 0
 
+    # Fetch all Menu_Item__c records with required fields
     menu_query = """
         SELECT Name, Price__c, Description__c, Image1__c, Image2__c, 
                Veg_NonVeg__c, Section__c, Total_Ordered__c, Video1__c,
@@ -112,6 +118,7 @@ def menu():
         logger.error(f"Error fetching menu items: {str(e)}")
         food_items = []
 
+    # Process menu items
     for item in food_items:
         item['Total_Ordered__c'] = item.get('Total_Ordered__c', 0) or 0
         item['Video1__c'] = get_valid_video_path(item['Name'], item.get('Video1__c'))
@@ -122,6 +129,7 @@ def menu():
         item['Allergens__c'] = item.get('Allergens__c', "None listed")
         item['is_menu_item'] = True
 
+    # Fetch all Custom_Dish__c records with only existing fields
     custom_dish_query = """
         SELECT Name, Price__c, Description__c, Image1__c, Image2__c, 
                Veg_NonVeg__c, Section__c, Total_Ordered__c
@@ -135,6 +143,7 @@ def menu():
         logger.error(f"Error fetching custom dishes: {str(e)}")
         custom_dishes = []
 
+    # Process custom dishes
     for item in custom_dishes:
         item['Total_Ordered__c'] = item.get('Total_Ordered__c', 0) or 0
         item['Video1__c'] = get_valid_video_path(item['Name'])
@@ -142,9 +151,11 @@ def menu():
         item['Description__c'] = item.get('Description__c', "No description available")
         item['is_menu_item'] = False
 
+    # Merge all items
     all_items = food_items + custom_dishes
     ordered_menu = {section: [] for section in SECTION_ORDER}
 
+    # Process best sellers
     best_sellers = sorted(all_items, key=lambda x: x['Total_Ordered__c'], reverse=True)
     if selected_category == "Veg":
         best_sellers = [item for item in best_sellers if item.get("Veg_NonVeg__c") in ["Veg", "both"]]
@@ -152,6 +163,7 @@ def menu():
         best_sellers = [item for item in best_sellers if item.get("Veg_NonVeg__c") in ["Non veg", "both"]]
     ordered_menu["Best Sellers"] = best_sellers[:4]
 
+    # Organize items into sections
     added_item_names = set()
     for item in all_items:
         section = item['Section__c']
@@ -170,6 +182,7 @@ def menu():
         ordered_menu[section].append(item)
         added_item_names.add(item['Name'])
 
+    # Remove empty sections
     ordered_menu = {section: items for section, items in ordered_menu.items() if items}
     categories = ["All", "Veg", "Non veg"]
 
@@ -206,7 +219,7 @@ def search():
         logger.error(f"Error fetching cart item count: {str(e)}")
         cart_item_count = 0
 
-    # Fetch all menu items for search functionality
+    # Fetch all Menu_Item__c records with required fields
     menu_query = """
         SELECT Name, Price__c, Description__c, Image1__c, Image2__c, 
                Veg_NonVeg__c, Section__c, Total_Ordered__c, Video1__c,
@@ -230,6 +243,7 @@ def search():
         item['Allergens__c'] = item.get('Allergens__c', "None listed")
         item['is_menu_item'] = True
 
+    # Fetch all Custom_Dish__c records
     custom_dish_query = """
         SELECT Name, Price__c, Description__c, Image1__c, Image2__c, 
                Veg_NonVeg__c, Section__c, Total_Ordered__c
@@ -261,24 +275,233 @@ def search():
         user_image=user_image
     )
 
-# Existing routes remain unchanged...
-
 @menu_blueprint.route('/upload_avatar', methods=['POST'])
 def upload_avatar():
-    # ... (unchanged)
-    pass
+    try:
+        data = request.get_json()
+        if not data or 'image' not in data:
+            logger.error("No image data provided in request")
+            return jsonify({'success': False, 'error': 'No image data provided'}), 400
+
+        image_data = data['image']
+        logger.debug(f"Received image data with length: {len(image_data)}")
+
+        # Validate base64 image
+        if not image_data.startswith('data:image/'):
+            logger.error("Invalid image format: does not start with 'data:image/'")
+            return jsonify({'success': False, 'error': 'Invalid image format'}), 400
+
+        # Check size limit (~1.5MB for base64, roughly 1MB actual image)
+        if len(image_data) > 2_000_000:
+            logger.error(f"Image too large: {len(image_data)} characters (max 2,000,000)")
+            return jsonify({'success': False, 'error': 'Image too large (max ~1.5MB)'}), 400
+
+        # Validate base64 decoding
+        try:
+            base64_string = image_data.split(',')[1]
+            base64.b64decode(base64_string)
+        except Exception as e:
+            logger.error(f"Invalid base64 data: {str(e)}")
+            return jsonify({'success': False, 'error': 'Invalid base64 data'}), 400
+
+        # Store in session
+        session['user_image'] = image_data
+        logger.info("Image stored in session successfully")
+
+        # Store in Salesforce (if Avatar__c field exists)
+        user_email = session.get('user_email')
+        if user_email:
+            try:
+                user_query = f"SELECT Id FROM Customer_Login__c WHERE Email__c = '{user_email}'"
+                user_result = sf.query(user_query)
+                if user_result.get('records'):
+                    user_id = user_result['records'][0]['Id']
+                    describe_result = sf.Customer_Login__c.describe()
+                    fields = [field['name'] for field in describe_result['fields']]
+                    if 'Avatar__c' in fields:
+                        sf.Customer_Login__c.update(user_id, {'Avatar__c': image_data})
+                        logger.info(f"Image stored in Salesforce for user {user_email}")
+                    else:
+                        logger.warning("Avatar__c field does not exist; skipping Salesforce update")
+                else:
+                    logger.warning(f"User not found in Salesforce: {user_email}")
+            except Exception as e:
+                logger.error(f"Failed to store image in Salesforce: {str(e)}")
+
+        return jsonify({'success': True, 'image': image_data})
+
+    except Exception as e:
+        logger.error(f"Error in upload_avatar: {str(e)}", exc_info=True)
+        return jsonify({'success': False, 'error': f'Server error: {str(e)}'}), 500
 
 @menu_blueprint.route('/delete_avatar', methods=['POST'])
 def delete_avatar():
-    # ... (unchanged)
-    pass
+    try:
+        user_email = session.get('user_email')
+        if not user_email:
+            logger.error("No user email in session")
+            return jsonify({'success': False, 'error': 'User not authenticated'}), 401
+
+        if 'user_image' in session:
+            session.pop('user_image', None)
+            logger.info("Image removed from session")
+
+        try:
+            user_query = f"SELECT Id FROM Customer_Login__c WHERE Email__c = '{user_email}'"
+            user_result = sf.query(user_query)
+            if user_result.get('records'):
+                user_id = user_result['records'][0]['Id']
+                describe_result = sf.Customer_Login__c.describe()
+                fields = [field['name'] for field in describe_result['fields']]
+                if 'Avatar__c' in fields:
+                    sf.Customer_Login__c.update(user_id, {'Avatar__c': None})
+                    logger.info(f"Image removed from Salesforce for user {user_email}")
+                else:
+                    logger.warning("Avatar__c field does not exist; skipping Salesforce update")
+            else:
+                logger.warning(f"User not found in Salesforce: {user_email}")
+        except Exception as e:
+            logger.error(f"Failed to remove image from Salesforce: {str(e)}")
+
+        return jsonify({'success': True})
+
+    except Exception as e:
+        logger.error(f"Error in delete_avatar: {str(e)}", exc_info=True)
+        return jsonify({'success': False, 'error': f'Server error: {str(e)}'}), 500
 
 @menu_blueprint.route('/api/addons', methods=['GET'])
 def get_addons():
-    # ... (unchanged)
-    pass
+    item_name = request.args.get('item_name')
+    item_section = request.args.get('item_section')
+
+    if not item_name or not item_section:
+        return jsonify({"success": False, "error": "Item name and section are required."}), 400
+
+    try:
+        query = f"""
+            SELECT Name, Customization_Type__c, Options__c, Max_Selections__c, Extra_Charge__c, Extra_Charge_Amount__c
+            FROM Customization_Options__c
+            WHERE Section__c = '{item_section}'
+        """
+        result = sf.query_all(query)
+        addons = result.get('records', [])
+
+        if not addons:
+            return jsonify({"success": False, "error": "No customization options found for the given section."}), 404
+
+        formatted_addons = []
+        for addon in addons:
+            options = addon.get("Options__c", "")
+            options = options.split(", ") if options else []
+            formatted_addons.append({
+                "name": addon.get("Name", ""),
+                "type": addon.get("Customization_Type__c", ""),
+                "options": options,
+                "max_selections": addon.get("Max_Selections__c", 1),
+                "extra_charge": addon.get("Extra_Charge__c", False),
+                "extra_charge_amount": addon.get("Extra_Charge_Amount__c", 0)
+            })
+
+        return jsonify({"success": True, "addons": formatted_addons})
+
+    except Exception as e:
+        logger.error(f"Error fetching addons: {str(e)}")
+        return jsonify({"success": False, "error": "An error occurred while fetching customization options."}), 500
 
 @menu_blueprint.route('/cart/add', methods=['POST'])
 def add_to_cart():
-    # ... (unchanged)
-    pass
+    try:
+        data = request.json
+        item_name = data.get('itemName', '').strip()
+        item_price = float(data.get('itemPrice', 0))
+        item_image = data.get('itemImage', '')
+        addons = data.get('addons', [])
+        instructions = data.get('instructions', '')
+        category = data.get('category', '')
+        section = data.get('section', '')
+        quantity = int(data.get('quantity', 1))
+        customer_email = session.get('user_email')
+
+        if not item_name or not item_price or not customer_email:
+            logger.error(f"Missing required fields: item_name={item_name}, item_price={item_price}, customer_email={customer_email}")
+            return jsonify({"success": False, "error": "Item name, price, and user email are required."}), 400
+
+        # Sanitize inputs to prevent SOQL injection
+        item_name = item_name.replace("'", "''")
+        customer_email = customer_email.replace("'", "''")
+
+        query = f"""
+            SELECT Id, Quantity__c, Add_Ons__c, Add_Ons_Price__c, Instructions__c, Price__c
+            FROM Cart_Item__c
+            WHERE Customer_Email__c = '{customer_email}' AND Name = '{item_name}'
+        """
+        result = sf.query(query)
+        cart_items = result.get("records", [])
+
+        addons_price = sum(float(addon.get('price', 0)) for addon in addons)
+        new_addons = "; ".join([f"{addon['name']} (${addon['price']})" for addon in addons]) if addons else "None"
+
+        if cart_items:
+            cart_item = cart_items[0]
+            cart_item_id = cart_item['Id']
+            existing_quantity = int(cart_item.get('Quantity__c', 0))
+            existing_addons = cart_item.get('Add_Ons__c', "None")
+            existing_addons_price = float(cart_item.get('Add_Ons_Price__c', 0))
+            existing_instructions = cart_item.get('Instructions__c', "")
+
+            combined_addons = existing_addons if existing_addons != "None" else ""
+            if new_addons != "None":
+                combined_addons = f"{combined_addons}; {new_addons}".strip("; ")
+
+            combined_instructions = existing_instructions
+            if instructions:
+                combined_instructions = f"{combined_instructions} | {instructions}".strip(" | ")
+
+            combined_addons_list = combined_addons.split("; ")
+            combined_addons_price = sum(
+                float(addon.split("($")[1][:-1]) for addon in combined_addons_list if "($" in addon
+            )
+
+            total_price = (existing_quantity + quantity) * item_price + combined_addons_price
+
+            sf.Cart_Item__c.update(cart_item_id, {
+                "Quantity__c": existing_quantity + quantity,
+                "Add_Ons__c": combined_addons,
+                "Add_Ons_Price__c": combined_addons_price,
+                "Instructions__c": combined_instructions,
+                "Price__c": total_price,
+                "Category__c": category,
+                "Section__c": section
+            })
+        else:
+            total_price = item_price * quantity + addons_price
+            sf.Cart_Item__c.create({
+                "Name": item_name,
+                "Price__c": total_price,
+                "Base_Price__c": item_price,
+                "Quantity__c": quantity,
+                "Add_Ons_Price__c": addons_price,
+                "Add_Ons__c": new_addons,
+                "Image1__c": item_image,
+                "Customer_Email__c": customer_email,
+                "Instructions__c": instructions,
+                "Category__c": category,
+                "Section__c": section
+            })
+
+        # Fetch updated cart for UI update
+        cart_query = f"SELECT Name, Quantity__c FROM Cart_Item__c WHERE Customer_Email__c = '{customer_email}'"
+        cart_result = sf.query_all(cart_query)
+        cart = [{"itemName": item["Name"], "quantity": item["Quantity__c"]} for item in cart_result.get("records", [])]
+        
+        logger.info(f"Item '{item_name}' added to cart for {customer_email}")
+        return jsonify({"success": True, "message": "Item added to cart successfully.", "cart": cart})
+
+    except ValueError as e:
+        logger.error(f"Invalid data format: {str(e)}")
+        return jsonify({"success": False, "error": f"Invalid data format: {str(e)}"}), 400
+    except Exception as e:
+        logger.error(f"Error adding item to cart: {str(e)}", exc_info=True)
+        return jsonify({"success": False, "error": f"An error occurred while adding the item to the cart: {str(e)}"}), 500
+
+# Note: Ensure 'login' route exists in your app or adjust redirect accordingly