combined_summary.py

from flask import Blueprint, render_template, session, redirect, url_for
from salesforce import get_salesforce_connection
from datetime import datetime
from num2words import num2words

combined_summary_blueprint = Blueprint('combined_summary', __name__)

# Initialize Salesforce connection
sf = get_salesforce_connection()

def escape_soql(value):
    """Escape single quotes in SOQL query values to prevent injection."""
    if value:
        return value.replace("'", "\\'")
    return value

def number_to_words(number):
    """Convert a number to words for invoice amount in words."""
    integer_part = int(number)
    decimal_part = int((number - integer_part) * 100)
    words = num2words(integer_part, lang='en_IN').replace(',', '').title() + " Rupees"
    if decimal_part > 0:
        words += " And " + num2words(decimal_part, lang='en_IN').replace(',', '').title() + " Paisa Only"
    return words

@combined_summary_blueprint.route('/combined_summary')
def combined_summary():
    email = session.get('user_email')
    if not email:
        print("No user email in session, redirecting to login")
        return redirect(url_for('login'))

    try:
        # Sanitize email for SOQL query
        safe_email = escape_soql(email)

        # ====== FETCH CUSTOMER DETAILS ======
        customer_query = f"""
            SELECT Id, Name, Email__c, Phone_Number__c
            FROM Customer_Login__c
            WHERE Email__c = '{safe_email}'
            LIMIT 1
        """
        customer_result = sf.query_all(customer_query)
        if not customer_result.get("records"):
            print(f"No customer found for email: {email}")
            return "Customer not found", 404

        customer = customer_result["records"][0]
        customer_data = {
            "name": customer.get("Name", "SATHVIK GANTA"),
            "email": customer.get("Email__c", "sathvik@example.com"),
            "phone": customer.get("Phone_Number__c", "9876543210")
        }

        # ====== FETCH ORDER SUMMARY ======
        order_query = f"""
            SELECT Id, Customer_Name__c, Customer_Email__c, Order_Details__c, CreatedDate
            FROM Order__c
            WHERE Customer_Email__c = '{safe_email}'
            ORDER BY CreatedDate DESC
            LIMIT 1
        """
        order_result = sf.query_all(order_query)
        if not order_result.get("records"):
            print(f"No order found for email: {email}")
            return "No order found", 404

        order = order_result["records"][0]
        order_details = order.get("Order_Details__c", "")
        order_items = []

        # Calculate total
        total_amount = 0

        for line in order_details.split('\n'):
            item_parts = line.split('|')
            if len(item_parts) >= 5:
                item_name_raw = item_parts[0].strip()
                item_name = ' '.join(item_name_raw.split(' ')[:-1]).strip()
                safe_item_name = escape_soql(item_name)

                menu_query = f"""
                    SELECT Name, Price__c, Image1__c
                    FROM Menu_Item__c
                    WHERE Name = '{safe_item_name}'
                """
                menu_result = sf.query_all(menu_query)

                if menu_result.get("records"):
                    menu_item = menu_result["records"][0]
                    price = menu_item.get("Price__c", 0)
                    total_amount += price

                    order_items.append({
                        "name": item_name,
                        "price": price,
                        "image_url": menu_item.get("Image1__c", '')
                    })

        # Fetch restaurant details
        restaurant_query = f"""
            SELECT Legal_Name__c, Name, Address__c, GSTIN__c, FSSAI__c
            FROM Restaurant__c
            WHERE Name = 'Pista House'
            LIMIT 1
        """
        restaurant_result = sf.query_all(restaurant_query)
        restaurant = restaurant_result["records"][0] if restaurant_result.get("records") else {
            "legal_name": "DOUBLE TREE BY KVP HOSPITALITY LLP",
            "name": "Pista House",
            "address": "52 To 57, 69 & 70, 5-5-162 & 5-5-163, 5-5-164 & 5-5-165, Plot 1, Vanasthali Hills, Saheb Nagar, LB Nagar Circle 4, Vanasthalipuram, Hyderabad",
            "gstin": "36AATFD1209K1Z9",
            "fssai": "13622012000022"
        }

        # Convert total amount to words
        total_amount_in_words = number_to_words(total_amount)

        # Prepare template data
        order_data = {
            "id": order.get("Id", "247JD92F00043965"),
            "created_date": order.get("CreatedDate", "2024-12-12").split("T")[0]
        }

        template_data = {
            "order_id": order_data["id"],
            "order_items": order_items,
            "customer": customer_data,
            "restaurant": restaurant,
            "order": order_data,
            "total_amount": total_amount,
            "total_amount_in_words": total_amount_in_words
        }

        return render_template("combined_summary.html", **template_data)

    except Exception as e:
        print(f"Error in combined_summary: {str(e)}")
        return f"Error: {str(e)}", 500