Hugging Face's logo

Spaces:
rohanshaw
/
rajesh-grocery-api
Sleeping

App Files Community
rajesh-grocery-api
File size: 4,116 Bytes 
efb87a5
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
 
// src/controllers/orderController.js
const Order = require('../models/Order');
const Product = require('../models/Product');
const sendTelegramAlert = require('../utils/telegram');

// @desc    Create new order
// @route   POST /api/orders
// @access  Private
const addOrderItems = async (req, res) => {
  const {
    orderItems,
    paymentMethod,
    totalAmount, // In a strict app, calculate this on backend. For now, we trust frontend but verify basics.
    pickupDate
  } = req.body;

  if (orderItems && orderItems.length === 0) {
    return res.status(400).json({ message: 'No order items' });
  }

  try {
    // Optional: You could verify stock here and decrement it
    // For simplicity in this version, we just record the order
    
    const order = new Order({
      user: req.user._id,
      items: orderItems.map((x) => ({
        ...x,
        product: x.product,
      })),
      totalAmount,
      paymentMethod,
      pickupDate
    });

    const createdOrder = await order.save();
    const alertMsg = `
      <b>💰 New Order Received!</b>
      --------------------------------
      <b>Customer:</b> ${req.user.name}
      <b>Amount:</b> ₹${totalAmount}
      <b>Items:</b> ${orderItems.length} items
      <b>Payment:</b> ${paymentMethod === 'ONLINE_UPI' ? 'UPI' : 'Cash'}
      --------------------------------
      <i>Check Admin Panel for details.</i>
    `;
    // We don't await this so it doesn't slow down the user response
    sendTelegramAlert(alertMsg);

    res.status(201).json(createdOrder);
  } catch (error) {
    res.status(500).json({ message: error.message });
  }
};

// @desc    Get order by ID
// @route   GET /api/orders/:id
// @access  Private
const getOrderById = async (req, res) => {
  try {
    // Populate user name and email attached to order
    const order = await Order.findById(req.params.id).populate(
      'user',
      'name phone email'
    );

    if (order) {
      // Ensure only Admin or the Order Owner can view it
      if (req.user.role === 'admin' || order.user._id.toString() === req.user._id.toString()) {
        res.json(order);
      } else {
        res.status(401).json({ message: 'Not authorized to view this order' });
      }
    } else {
      res.status(404).json({ message: 'Order not found' });
    }
  } catch (error) {
    res.status(500).json({ message: error.message });
  }
};

// @desc    Get logged in user orders
// @route   GET /api/orders/myorders
// @access  Private
const getMyOrders = async (req, res) => {
  try {
    const orders = await Order.find({ user: req.user._id }).sort({ createdAt: -1 });
    res.json(orders);
  } catch (error) {
    res.status(500).json({ message: error.message });
  }
};

// @desc    Get all orders
// @route   GET /api/orders
// @access  Private/Admin
const getOrders = async (req, res) => {
  try {
    // Populate user info so Admin knows who ordered
    const orders = await Order.find({})
      .populate('user', 'id name phone')
      .sort({ createdAt: -1 });
    res.json(orders);
  } catch (error) {
    res.status(500).json({ message: error.message });
  }
};

// @desc    Update order status
// @route   PUT /api/orders/:id/status
// @access  Private/Admin
const updateOrderStatus = async (req, res) => {
  const { status } = req.body; // e.g. "Ready for Pickup"

  try {
    const order = await Order.findById(req.params.id);

    if (order) {
      order.status = status;
      if (status === 'Completed') {
        // If completed, we assume payment is done (Cash or UPI verified)
        // You can add specific payment logic here if needed
      }
      const updatedOrder = await order.save();
      // 🔥 Cancel Alert
      if (status === 'Cancelled') {
        sendTelegramAlert(`❌ <b>Order Cancelled</b>\nOrder #${order._id} was marked as Cancelled.`);
      }
      res.json(updatedOrder);
    } else {
      res.status(404).json({ message: 'Order not found' });
    }
  } catch (error) {
    res.status(500).json({ message: error.message });
  }
};

module.exports = {
  addOrderItems,
  getOrderById,
  getMyOrders,
  getOrders,
  updateOrderStatus,
};