// src/controllers/orderController.js
const Order = require('../models/Order');
const Product = require('../models/Product');
const sendTelegramAlert = require('../utils/telegram');
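// @desc Create new order
// @route POST /api/orders
// @access Private
//
// Reads orderItems, paymentMethod, totalAmount and pickupDate from req.body,
// stores an Order owned by req.user, fires a Telegram alert without waiting
// for it, and answers 201 with the saved order.
//   400 - orderItems is missing, not an array, empty, or holds non-object entries
//   500 - building or saving the order threw
//
// NOTE(security): totalAmount and every field of each order item are accepted
// from the client as sent; the Product model is imported in this file but is
// not consulted here, and stock is neither checked nor decremented. Until the
// total is recomputed server-side from stored prices, the recorded amount is
// unverified and should not be relied on for payment reconciliation.
const addOrderItems = async (req, res) => {
  // The alert body is written with HTML tags, so text that originates from the
  // client must not be able to contribute markup of its own.
  const escapeHtml = (value) =>
    String(value)
      .replace(/&/g, '&amp;')
      .replace(/</g, '&lt;')
      .replace(/>/g, '&gt;');

  const { orderItems, paymentMethod, totalAmount, pickupDate } = req.body || {};

  // A missing or non-array orderItems used to slip past the length check and
  // fail later inside the try block as a 500.
  if (!Array.isArray(orderItems) || orderItems.length === 0) {
    return res.status(400).json({ message: 'No order items' });
  }
  if (orderItems.some((item) => item === null || typeof item !== 'object')) {
    return res.status(400).json({ message: 'Invalid order items' });
  }

  try {
    const order = new Order({
      user: req.user._id,
      // NOTE(review): the spread copies every client-sent key onto the item;
      // which of them are persisted depends on the Order schema (not shown).
      items: orderItems.map((item) => ({
        ...item,
        product: item.product,
      })),
      totalAmount,
      paymentMethod,
      pickupDate,
    });
    const createdOrder = await order.save();

    const alertMsg = [
      '',
      '<b>💰 New Order Received!</b>',
      '--------------------------------',
      `<b>Customer:</b> ${escapeHtml(req.user.name)}`,
      `<b>Amount:</b> ₹${escapeHtml(totalAmount)}`,
      `<b>Items:</b> ${orderItems.length} items`,
      `<b>Payment:</b> ${paymentMethod === 'ONLINE_UPI' ? 'UPI' : 'Cash'}`,
      '--------------------------------',
      '<i>Check Admin Panel for details.</i>',
      '',
    ].join('\n');

    // Fire-and-forget so the customer is not kept waiting, but a failing alert
    // (sync throw or rejected promise) must neither turn a saved order into a
    // 500 nor surface as an unhandled rejection. Only the message is logged;
    // the error object may carry request details.
    Promise.resolve()
      .then(() => sendTelegramAlert(alertMsg))
      .catch((alertError) => {
        console.error('Telegram alert failed:', alertError && alertError.message);
      });

    return res.status(201).json(createdOrder);
  } catch (error) {
    // NOTE(review): error.message goes to the client verbatim, which can expose
    // database or validation internals; kept for client compatibility.
    return res.status(500).json({ message: error.message });
  }
};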
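// @desc Get order by ID
// @route GET /api/orders/:id
// @access Private
//
// Loads one order with the owner's name, phone and email populated and returns
// it only to an admin or to the user who placed it.
//   401 - caller is neither admin nor the owner
//   404 - no such order, or the id is not a valid identifier
//   500 - any other failure
const getOrderById = async (req, res) => {
  try {
    const order = await Order.findById(req.params.id).populate(
      'user',
      'name phone email'
    );
    if (!order) {
      return res.status(404).json({ message: 'Order not found' });
    }

    const isAdmin = req.user.role === 'admin';
    // populate() yields null when the referenced user document no longer
    // exists; without this guard a non-admin request crashed into the 500 path.
    const ownerId = order.user && order.user._id;
    const isOwner =
      Boolean(ownerId) && ownerId.toString() === req.user._id.toString();

    if (!isAdmin && !isOwner) {
      // NOTE(review): 403 is the conventional status for an authenticated but
      // unauthorized caller; 401 is kept because clients may depend on it.
      return res.status(401).json({ message: 'Not authorized to view this order' });
    }
    return res.json(order);
  } catch (error) {
    // A malformed id is a client error, not a server fault, and the raw cast
    // message should not be echoed back.
    if (error && error.name === 'CastError' && error.path === '_id') {
      return res.status(404).json({ message: 'Order not found' });
    }
    // NOTE(review): error.message is returned to the client verbatim.
    return res.status(500).json({ message: error.message });
  }
};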
// @desc Get logged in user orders
// @route GET /api/orders/myorders
// @access Private
//
// Responds with the orders whose `user` field equals req.user._id, newest
// first. The query is scoped to the caller, so no id from the request is used.
// Any failure is answered with 500 and the error's message.
const getMyOrders = async (req, res) => {
  const newestFirst = { createdAt: -1 };
  try {
    const ownedByCaller = { user: req.user._id };
    const query = Order.find(ownedByCaller).sort(newestFirst);
    const orders = await query;
    res.json(orders);
  } catch (err) {
    // NOTE(review): the raw error message is sent to the client.
    const { message } = err;
    res.status(500).json({ message });
  }
};
// @desc Get all orders
// @route GET /api/orders
// @access Private/Admin
//
// Responds with every order, newest first, with each order's user populated
// with id, name and phone so an admin can see who ordered.
// This handler performs no role check of its own: the Private/Admin
// restriction has to be enforced by middleware on the route, which is not
// visible in this file.
// Any failure is answered with 500 and the error's message.
const getOrders = async (req, res) => {
  try {
    const newestFirst = { createdAt: -1 };
    const everyOrder = Order.find({});
    const withCustomer = everyOrder.populate('user', 'id name phone');
    const orders = await withCustomer.sort(newestFirst);
    res.json(orders);
  } catch (err) {
    // NOTE(review): the raw error message is sent to the client.
    const { message } = err;
    res.status(500).json({ message });
  }
};
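// @desc Update order status
// @route PUT /api/orders/:id/status
// @access Private/Admin
//
// Sets the status of one order from req.body.status (e.g. "Ready for Pickup"),
// saves it, and sends a Telegram alert when the new status is 'Cancelled'.
//   400 - status is missing, not a string, or blank
//   404 - no such order, or the id is not a valid identifier
//   500 - any other failure
// This handler performs no role check of its own: the Private/Admin
// restriction has to be enforced by middleware on the route, which is not
// visible in this file.
// NOTE(review): the set of allowed status values is not checked here; only
// whatever the Order schema enforces applies (schema not shown).
// 'Completed' is stored like any other status; no payment logic runs for it.
const updateOrderStatus = async (req, res) => {
  const { status } = req.body || {};

  // Without this guard a missing status was assigned as undefined and a
  // non-string value was handed straight to the model.
  if (typeof status !== 'string' || status.trim() === '') {
    return res.status(400).json({ message: 'Invalid status' });
  }

  try {
    const order = await Order.findById(req.params.id);
    if (!order) {
      return res.status(404).json({ message: 'Order not found' });
    }

    order.status = status;
    const updatedOrder = await order.save();

    if (status === 'Cancelled') {
      const alertMsg = `❌ <b>Order Cancelled</b>\nOrder #${order._id} was marked as Cancelled.`;
      // Fire-and-forget: a failing alert (sync throw or rejected promise) must
      // not turn an already-saved update into a 500 or an unhandled rejection.
      // Only the message is logged; the error object may carry request details.
      Promise.resolve()
        .then(() => sendTelegramAlert(alertMsg))
        .catch((alertError) => {
          console.error('Telegram alert failed:', alertError && alertError.message);
        });
    }

    return res.json(updatedOrder);
  } catch (error) {
    // A malformed id is a client error; do not echo the raw cast message.
    if (error && error.name === 'CastError' && error.path === '_id') {
      return res.status(404).json({ message: 'Order not found' });
    }
    // NOTE(review): error.message is returned to the client verbatim.
    return res.status(500).json({ message: error.message });
  }
};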
// Request handlers exported for the order routes. None of them authenticates
// the caller, and getOrders / updateOrderStatus contain no admin check, so the
// access levels named in the @access notes must be applied where the routes
// are mounted (outside this file).
module.exports = {
addOrderItems,
getOrderById,
getMyOrders,
getOrders,
updateOrderStatus,
};