Task Description for API Endpoints Using Django REST Framework

### Task Description: Extend the Meal Ordering, Table Reservations, and Billing System with API Endpoints Using Django REST Framework **Objective:** In this task, you will extend the Django web application from the previous task to include API endpoints using the Django REST Framework. The system should continue to manage meal orders, table reservations, and billing while maintaining the MVT (Model-View-Template) structure for web views. You will also add pagination and filtering functionality to the API. **API Base URL:** All API endpoints should follow a consistent structure, starting with the base path: `/api/...` For example, the endpoint to list meals will be: `/api/meals/` **Requirements:** ### 1. **User Roles (Using Django Groups and Permissions):** - **Admin**: - Manage all resources (users, meals, orders, reservations, and bills) via both web views and API. - View all reservations, orders, and associated billing details. - **Customer**: - Can browse meals, make table reservations, place meal orders, and view their bills. - Can only view their own reservations, orders, and bills. **Authentication System**: - Continue using Django’s built-in authentication for web views and extend it to handle authentication for API requests. - Leverage **Django groups** and permissions to manage role-based access (Admin and Customer) for both the web views and API: - Users who sign up are automatically added to the **Customer** group. - Admin users are created via the Django admin panel and added to the **Admin** group. - Implement role-based access control for both web views and API: - **Admins** should have access to manage resources. - **Customers** should have access to order meals, make reservations, and view bills (for themselves only). ### 2. **Features:** #### 2.1. **User Authentication:** - Extend the existing user authentication for API endpoints using Django REST Framework's authentication and permissions classes. - Continue using **Django groups** to assign roles: - **Customer** by default for newly registered users. - **Admin** group for users created via the admin panel. #### 2.2. **Meal Management:** - **Admin** users can manage meals through both the web interface and API. - API endpoints should be provided for: - Listing meals (with pagination and filtering options). URL: `/api/meals/` - Adding, editing, and deleting meals (Admin only). URL: `/api/meals/<id>/` - **Customers** can browse meals through the API. URL: `/api/meals/` #### 2.3. **Table Reservations:** - Extend table reservation functionality to the API: - **Customers** can make table reservations via the API. URL: `/api/reservations/` - Ensure table availability is tracked via both web views and the API. - **Customers** can only manage their own reservations via the API. URL: `/api/reservations/<id>/` #### 2.4. **Meal Ordering:** - **Customers** can place meal orders via the API. URL: `/api/orders/` - **Admin** users can manage and view all orders via the API. URL: `/api/orders/<id>/` - Implement pagination and filtering (e.g., by status) for order history API endpoints. #### 2.5. **Billing:** - Extend billing functionality to the API: - **Customers** can view their bills and mark them as paid via the API. URL: `/api/bills/` - **Admins** can manage all bills via the API. URL: `/api/bills/<id>/` - Implement pagination for customer bills API. #### 2.6. **Admin Dashboard:** - Keep the admin dashboard for managing resources in the web view. - Admin users can manage all resources through both the API and web views. ### 3. **API Requirements:** - Create an `api.py` file for implementing API views. - Include the `api.py` file in the project’s URLs to handle API routes under the base path `/api/`. - Use Django REST Framework for building the API: - Implement CRUD operations for meals, reservations, orders, and bills. - Apply authentication, permissions, and role-based access control to API endpoints. - Implement pagination and filtering on API endpoints, especially for meals and orders. - Ensure proper response formatting with status codes and descriptive messages. ### 4. **Database Structure:** - The database structure remains the same as in the previous task: - **User**: Django’s built-in User model with groups (Admin, Customer). - **Meal**: name, description, price, availability. - **Order**: customer (linked to User), list of meals, total price, order status (pending, completed). - **Reservation**: customer (linked to User), table number, date, time. - **Bill**: order (linked to Order), total price, payment status (unpaid, paid). ### 5. **Project Guidelines:** - Maintain Django’s MVT architecture for web views. - Use Django REST Framework to implement API views in the `api.py` file. - Implement pagination and filtering on the meal and order API endpoints. - Use Django forms for user input on meal ordering, table reservations, and bill payments for web views. - Role-based navigation and access control should be applied to both web views and the API. ### Submission Requirements: - Submit the project via GitHub, maintaining the agreed flow for submission. - Ensure your project includes a README.md file detailing setup steps, dependencies, and usage instructions for both the web views and API. - Follow Django and Django REST Framework best practices, including proper use of models, views, templates, forms, groups/permissions, and serializers. ### Deadline: You have **one week** from **2024-10-07** to **2024-10-14 11:59 PM** to complete this task. Focus on writing clean, maintainable code that adheres to Django and Django REST Framework best practices.