const express = require('express');
const { check } = require('express-validator');
const {
  getUsers,
  getUser,
  createUser,
  updateUser,
  deleteUser,
  resetPassword,
} = require('../controllers/userController');
const { protect, authorize } = require('../middleware/auth');
const { checkUserManagementAccess } = require('../middleware/companyAuth');

/**
 * User-management router.
 *
 * Every route registered here first passes through `protect` (router-wide)
 * and then an `authorize(...)` check for one of the admin roles; the
 * per-user (`/:id`) routes additionally pass through
 * `checkUserManagementAccess` before the controller runs.
 */
const router = express.Router();

// Roles permitted to reach any user-management endpoint.
const ADMIN_ROLES = ['superadmin', 'companyadmin'];

// Minimum length accepted for a new or reset password.
const MIN_PASSWORD_LENGTH = 6;

/**
 * express-validator custom check for `companyId`.
 *
 * The field may be omitted only when the requested role is `superadmin`;
 * for any other role a missing/falsy value fails validation.
 *
 * @param {*} value - the submitted `companyId`
 * @param {{ req: import('express').Request }} ctx - validator context
 * @returns {true} when the value is acceptable
 * @throws {Error} with the message express-validator reports for the field
 */
function requireCompanyIdUnlessSuperadmin(value, { req }) {
  if (req.body.role === 'superadmin' || value) {
    return true;
  }
  throw new Error('Company ID is required for non-superadmin users');
}

// Body validation for POST /.
// NOTE(review): these checks only take effect if createUser calls
// validationResult(req) — confirm in the controller, which is not in this file.
const createUserValidators = [
  check('email', 'Please include a valid email').isEmail(),
  check('password', 'Please enter a password with 6 or more characters').isLength({
    min: MIN_PASSWORD_LENGTH,
  }),
  // NOTE(review): `role` is only checked for presence, not against an
  // allow-list, so a `companyadmin` caller can submit role 'superadmin'
  // (and then omit companyId) and still pass validation here; confirm
  // that createUser rejects assigning a role above the caller's own.
  check('role', 'Role is required').not().isEmpty(),
  check('companyId', 'Company ID is required for non-superadmin users').custom(
    requireCompanyIdUnlessSuperadmin,
  ),
];

// Body validation for PUT /:id/reset-password.
const resetPasswordValidators = [
  check('newPassword', 'Please enter a password with 6 or more characters').isLength({
    min: MIN_PASSWORD_LENGTH,
  }),
];

// Every route below requires an authenticated caller.
router.use(protect);

// List users.
// NOTE(review): unlike the /:id routes, this one has no
// checkUserManagementAccess step; confirm getUsers scopes results to the
// caller's company for a `companyadmin`.
router.get('/', authorize(...ADMIN_ROLES), getUsers);

// Fetch one user.
router.get('/:id', authorize(...ADMIN_ROLES), checkUserManagementAccess, getUser);

// Create a user.
router.post('/', authorize(...ADMIN_ROLES), createUserValidators, createUser);

// Update one user.
router.put('/:id', authorize(...ADMIN_ROLES), checkUserManagementAccess, updateUser);

// Remove one user.
router.delete('/:id', authorize(...ADMIN_ROLES), checkUserManagementAccess, deleteUser);

// Set a new password for one user.
router.put(
  '/:id/reset-password',
  authorize(...ADMIN_ROLES),
  checkUserManagementAccess,
  resetPasswordValidators,
  resetPassword,
);

module.exports = router;