const express = require('express');
const path = require('path');
const router = express.Router();
const authMiddleware = require('../middleware/authMiddleware');
const UserSettingsController = require('../controller/auth/UserSettingsController');
const ReferralTokenController = require('../controller/referral/ReferralTokenController');
const ReferralRegistrationController = require('../controller/referral/ReferralRegistrationController');
const PermissionController = require('../controller/permissions/PermissionController');
const DocumentTemplateController = require('../controller/documentTemplate/DocumentTemplateController');
const AdminUserController = require('../controller/admin/AdminUserController');
const UserDocumentController = require('../controller/documents/UserDocumentController');
const ServerStatusController = require('../controller/admin/ServerStatusController');
const UserController = require('../controller/auth/UserController');
const UserStatusController = require('../controller/auth/UserStatusController');
const CompanyStampController = require('../controller/companyStamp/CompanyStampController'); // <-- added
const MatrixController = require('../controller/matrix/MatrixController'); // <-- added
// small helpers copied from original files
/**
 * Express middleware that lets a request continue only when `req.user.role`
 * is 'admin' or 'super_admin'.
 *
 * Any other caller, including a request with no `req.user`, receives
 * HTTP 403 with the body `{ error: 'Forbidden: Admins only' }`.
 *
 * This function only reads `req.user`; it never sets it. It therefore has to
 * be mounted after whatever populates `req.user` (presumably authMiddleware,
 * which precedes it on every route in this file).
 *
 * @param {object} req - Express request; `req.user.role` is inspected.
 * @param {object} res - Express response, used only for the 403 reply.
 * @param {Function} next - Called with no arguments when the role is allowed.
 * @returns {*} The result of `res.json()` on rejection, otherwise undefined.
 */
function adminOnly(req, res, next) {
  const role = req.user ? req.user.role : undefined;
  const isAdminRole = role === 'admin' || role === 'super_admin';

  if (isAdminRole) {
    next();
    return undefined;
  }

  // Fail closed: a missing user and an unknown role get the same answer.
  return res.status(403).json({ error: 'Forbidden: Admins only' });
}
/**
 * Express middleware that lets a request continue only when `req.user.role`
 * is exactly 'admin'.
 *
 * Every other caller, including a request with no `req.user`, receives
 * HTTP 403 with `{ success: false, message: 'Forbidden: Admins only.' }`.
 *
 * NOTE(review): unlike adminOnly in this file, this guard rejects
 * 'super_admin', and its error body has a different shape. The two helpers
 * were copied from different route files; confirm that locking super_admin
 * out of the routes guarded here is intended before unifying them.
 *
 * @param {object} req - Express request; `req.user.role` is inspected.
 * @param {object} res - Express response, used only for the 403 reply.
 * @param {Function} next - Called with no arguments when the role is 'admin'.
 * @returns {*} The result of `res.json()` on rejection, otherwise undefined.
 */
function requireAdmin(req, res, next) {
  const caller = req.user;

  if (caller && caller.role === 'admin') {
    next();
    return undefined;
  }

  // Fail closed: anonymous requests and non-admin roles are treated alike.
  return res.status(403).json({ success: false, message: 'Forbidden: Admins only.' });
}
// NEW helper used by company-stamp routes
/**
 * Express middleware that rewrites `req.user.user_type` to 'company' when
 * the caller's role is 'admin' or 'super_admin' and the type is anything
 * else. It never rejects a request and always calls `next()`.
 *
 * The change is made on the `req.user` object itself, so every handler that
 * runs later in the same request sees the admin as a company user.
 *
 * NOTE(review): this overrides an identity attribute after authentication.
 * Keep it limited to routes that need it, and confirm that nothing later in
 * the chain logs or persists `user_type` as if it were the stored value.
 *
 * @param {object} req - Express request; `req.user` may be mutated.
 * @param {object} res - Express response (unused).
 * @param {Function} next - Always called, with no arguments.
 * @returns {undefined}
 */
function forceCompanyForAdmin(req, res, next) {
  const { user } = req;
  const hasAdminRole = Boolean(user) && (user.role === 'admin' || user.role === 'super_admin');

  if (hasAdminRole && user.user_type !== 'company') {
    user.user_type = 'company';
  }

  next();
}
// === GET routes moved from other files ===
// auth.js GETs
// Every route in this group except /verify-password-reset runs authMiddleware
// first. The only role check applied at router level is requireAdmin on
// /admin/users/:id/detailed; everything else relies on the controller.
router.get('/me', authMiddleware, UserController.getMe);
router.get('/user/status', authMiddleware, UserStatusController.getStatus);
router.get('/user/status-progress', authMiddleware, UserStatusController.getStatusProgress);
// NOTE(review): :id is taken from the URL and nothing in this chain compares
// it with req.user, so any "own record only" rule has to be enforced inside
// the controller. Confirm that it is (same for the other /users/:id routes).
router.get('/users/:id/full', authMiddleware, UserController.getFullUserData);
router.get('/user/settings', authMiddleware, UserSettingsController.getSettings);
router.get('/users/:id/permissions', authMiddleware, PermissionController.getUserPermissions);
// NOTE(review): this /admin route has no requireAdmin/adminOnly guard, unlike
// /admin/users/:id/detailed on the next line. Unless
// AdminUserController.getFullUserAccountDetails checks the role itself (not
// visible here), any authenticated user can request it.
router.get('/admin/users/:id/full', authMiddleware, AdminUserController.getFullUserAccountDetails);
router.get('/admin/users/:id/detailed', authMiddleware, requireAdmin, AdminUserController.getDetailedUserInfo);
router.get('/users/:id/documents', authMiddleware, UserController.getUserDocumentsAndContracts);
// Unauthenticated placeholder: replies 204 to every request and reads no
// token. NOTE(review): confirm that no client treats this 2xx as "reset token
// is valid"; the real verification is not wired to this route.
router.get('/verify-password-reset', (req, res) => { /* Note: was moved from PasswordResetController.verifyPasswordResetToken */ res.status(204).end(); }); // keep placeholder if controller already registered via other verb
// admin.js GETs
// All routes in this group run authMiddleware and then requireAdmin, which
// accepts role 'admin' only: a 'super_admin' caller receives 403 here.
router.get('/admin/user-stats', authMiddleware, requireAdmin, AdminUserController.getUserStats);
router.get('/admin/user-list', authMiddleware, requireAdmin, AdminUserController.getUserList);
router.get('/admin/verification-pending-users', authMiddleware, requireAdmin, AdminUserController.getVerificationPendingUsers);
router.get('/admin/unverified-users', authMiddleware, requireAdmin, AdminUserController.getUnverifiedUsers);
router.get('/admin/user/:id/documents', authMiddleware, requireAdmin, UserDocumentController.getAllDocumentsForUser);
router.get('/admin/server-status', authMiddleware, requireAdmin, ServerStatusController.getStatus);
// permissions.js GETs
// Authenticated only; no role check is applied at router level.
// NOTE(review): confirm the permission catalogue may be listed by any
// logged-in user, or that PermissionController.list restricts it.
router.get('/permissions', authMiddleware, PermissionController.list);
// referral.js GETs
// list and stats require a logged-in user.
router.get('/referral/list', authMiddleware, ReferralTokenController.list);
router.get('/referral/stats', authMiddleware, ReferralTokenController.stats);
// No authMiddleware: this route is reachable without a session and is keyed
// only by the :token path segment. NOTE(review): presumably public by design
// for the registration flow; what the handler returns about the referrer and
// whether lookups are rate-limited is not visible here.
router.get('/referral/info/:token', ReferralRegistrationController.getReferrerInfo);
// userSettings.js GETs
// Same handler and guard as GET /user/settings registered earlier in this
// file, so the two paths are aliases.
router.get('/settings', authMiddleware, UserSettingsController.getSettings);
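// contracts.js (file downloads)

/**
 * Sends one bundled contract template to the client as an attachment.
 *
 * The file path is built only from `__dirname` and fixed strings supplied by
 * the two routes below; no request data reaches `path.join`, so the caller
 * cannot influence which file is read.
 *
 * NOTE(review): the file served is named `test.pdf`. Confirm this is the
 * intended production template and not a leftover placeholder.
 *
 * @param {object} res - Express response.
 * @param {string} templateDir - Sub-directory of contractTemplates ('personal' or 'company').
 * @param {string} downloadName - File name offered to the client.
 * @param {string} notFoundMessage - Message used in the 404 JSON body.
 * @returns {undefined}
 */
function sendContractTemplate(res, templateDir, downloadName, notFoundMessage) {
  const filePath = path.join(__dirname, '../contractTemplates', templateDir, 'test.pdf');

  res.download(filePath, downloadName, (err) => {
    if (!err) {
      return;
    }
    // res.download() also reports failures that happen after the response has
    // started, such as the client aborting mid-transfer. Setting a status or
    // writing a JSON body at that point throws ERR_HTTP_HEADERS_SENT inside
    // this callback, so only answer while the headers are still unsent.
    if (res.headersSent) {
      return;
    }
    res.status(404).json({ success: false, message: notFoundMessage });
  });
}

// Both downloads require a logged-in user; no role or user_type check is made.
router.get('/contracts/personal', authMiddleware, (req, res) => {
  sendContractTemplate(res, 'personal', 'personal-service-contract.pdf', 'Personal contract not found');
});

router.get('/contracts/company', authMiddleware, (req, res) => {
  sendContractTemplate(res, 'company', 'company-service-contract.pdf', 'Company contract not found');
});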
// documentTemplates.js GETs
// All routes run authMiddleware. Only /document-templates-public and
// /api/document-templates add adminOnly ('admin' or 'super_admin'); for the
// :id routes any per-template access rule must live in the controller.
router.get('/document-templates', authMiddleware, DocumentTemplateController.listTemplates);
router.get('/document-templates/:id', authMiddleware, DocumentTemplateController.getTemplate);
// NOTE(review): despite the "-public" name this route is restricted to admin
// roles; confirm which of the two is intended.
router.get('/document-templates-public', authMiddleware, adminOnly, DocumentTemplateController.listTemplatesPublic);
router.get('/document-templates/:id/generate-pdf', authMiddleware, DocumentTemplateController.generatePdf);
router.get('/document-templates/:id/preview', authMiddleware, DocumentTemplateController.previewTemplate);
router.get('/document-templates/:id/download-pdf', authMiddleware, DocumentTemplateController.downloadPdf);
router.get('/api/document-templates', authMiddleware, adminOnly, DocumentTemplateController.listTemplatesFiltered);
// Company-stamp GETs
// Chain order matters: authMiddleware runs first, adminOnly then rejects
// everyone who is not 'admin'/'super_admin', and forceCompanyForAdmin rewrites
// req.user.user_type to 'company' before the controller runs. Because
// adminOnly comes first, only admin roles ever reach these handlers.
router.get('/company-stamps/mine', authMiddleware, adminOnly, forceCompanyForAdmin, CompanyStampController.listMine);
router.get('/company-stamps/mine/active', authMiddleware, adminOnly, forceCompanyForAdmin, CompanyStampController.activeMine);
// Matrix GETs
// Both routes require authMiddleware and adminOnly ('admin' or 'super_admin').
// NOTE(review): /matrix/create takes its arguments from the query string and
// is registered as GET. What MatrixController.create does is not visible
// here; if it writes state, GET lets a plain link or navigation trigger it
// with the admin's session, and the name/email parameters end up in access
// logs and browser history. Consider POST with a request body, plus whatever
// CSRF protection the app uses.
router.get('/matrix/create', authMiddleware, adminOnly, MatrixController.create); // ?name=...&email=...&force=true
router.get('/matrix/stats', authMiddleware, adminOnly, MatrixController.stats); // NEW: real stats for dashboard
// export
// Expose the configured router to whichever module mounts it; the mount path
// and any app-level middleware applied before it are not visible in this file.
module.exports = router;