Fix: Allow Last Made to be Updated on Locked Recipes (#2140)

* allow certain props to be updated on locked recipe

* pytest

* added "last_made" to hardcoded datetime fields

* refactored last made to its own route

* codegen/types

* updated pytest

mealie/routes/recipe/recipe_crud_routes.py

@@ -24,7 +24,12 @@ from mealie.routes._base.mixins import HttpRepo
 from mealie.routes._base.routers import MealieCrudRoute, UserAPIRouter
 from mealie.schema.cookbook.cookbook import ReadCookBook
 from mealie.schema.recipe import Recipe, RecipeImageTypes, ScrapeRecipe
-from mealie.schema.recipe.recipe import CreateRecipe, CreateRecipeByUrlBulk, RecipeSummary
+from mealie.schema.recipe.recipe import (
+    CreateRecipe,
+    CreateRecipeByUrlBulk,
+    RecipeLastMade,
+    RecipeSummary,
+)
 from mealie.schema.recipe.recipe_asset import RecipeAsset
 from mealie.schema.recipe.recipe_ingredient import RecipeIngredient
 from mealie.schema.recipe.recipe_scraper import ScrapeRecipeTest
@@ -367,6 +372,28 @@ class RecipeController(BaseRecipeController):
 
         return recipe
 
+    @router.patch("/{slug}/last-made")
+    def update_last_made(self, slug: str, data: RecipeLastMade):
+        """Update a recipe's last made timestamp"""
+
+        try:
+            recipe = self.service.update_last_made(slug, data.timestamp)
+        except Exception as e:
+            self.handle_exceptions(e)
+
+        if recipe:
+            self.publish_event(
+                event_type=EventTypes.recipe_updated,
+                document_data=EventRecipeData(operation=EventOperation.update, recipe_slug=recipe.slug),
+                message=self.t(
+                    "notifications.generic-updated-with-url",
+                    name=recipe.name,
+                    url=urls.recipe_url(recipe.slug, self.settings.BASE_URL),
+                ),
+            )
+
+        return recipe
+
     @router.delete("/{slug}")
     def delete_one(self, slug: str):
         """Deletes a recipe by slug"""

mealie/schema/recipe/recipe.py

@@ -200,6 +200,10 @@ class Recipe(RecipeSummary):
         return user_id
 
 
+class RecipeLastMade(BaseModel):
+    timestamp: datetime.datetime
+
+
 from mealie.schema.recipe.recipe_ingredient import RecipeIngredient  # noqa: E402
 
 RecipeSummary.update_forward_refs()

mealie/services/backups_v2/alchemy_exporter.py

@@ -16,7 +16,7 @@ class AlchemyExporter(BaseService):
     engine: base.Engine
     meta: MetaData
 
-    look_for_datetime = {"created_at", "update_at", "date_updated", "timestamp", "expires_at", "locked_at"}
+    look_for_datetime = {"created_at", "update_at", "date_updated", "timestamp", "expires_at", "locked_at", "last_made"}
     look_for_date = {"date_added", "date"}
     look_for_time = {"scheduled_time"}
 

mealie/services/recipe/recipe_service.py

@@ -247,6 +247,7 @@ class RecipeService(BaseService):
 
         Args:
             slug (str): recipe slug
+            new_data (Recipe): the new recipe data
 
         Raises:
             exceptions.PermissionDenied (403)
@@ -275,7 +276,7 @@ class RecipeService(BaseService):
 
     def patch_one(self, slug: str, patch_data: Recipe) -> Recipe:
         recipe: Recipe | None = self._pre_update_check(slug, patch_data)
-        recipe = self.repos.recipes.by_group(self.group.id).get_one(slug)
+        recipe = self._get_recipe(slug)
 
         if recipe is None:
             raise exceptions.NoEntryFound("Recipe not found.")
@@ -285,6 +286,11 @@ class RecipeService(BaseService):
         self.check_assets(new_data, recipe.slug)
         return new_data
 
+    def update_last_made(self, slug: str, timestamp: datetime) -> Recipe:
+        # we bypass the pre update check since any user can update a recipe's last made date, even if it's locked
+        recipe = self._get_recipe(slug)
+        return self.repos.recipes.by_group(self.group.id).patch(recipe.slug, {"last_made": timestamp})
+
     def delete_one(self, slug) -> Recipe:
         recipe = self._get_recipe(slug)