51 lines
953 B
JavaScript
51 lines
953 B
JavaScript
const express = require('express');
|
|
const { check } = require('express-validator');
|
|
const {
|
|
getCompanies,
|
|
getCompany,
|
|
createCompany,
|
|
updateCompany,
|
|
deleteCompany
|
|
} = require('../controllers/companyController');
|
|
const { protect, authorize } = require('../middleware/auth');
|
|
|
|
const router = express.Router();
|
|
|
|
// Protect all routes
|
|
router.use(protect);
|
|
|
|
// Get all companies
|
|
router.get('/', getCompanies);
|
|
|
|
// Get single company
|
|
router.get('/:id', getCompany);
|
|
|
|
// Create company - superadmin only
|
|
router.post(
|
|
'/',
|
|
authorize('superadmin'),
|
|
[
|
|
check('name', 'Company name is required').not().isEmpty()
|
|
],
|
|
createCompany
|
|
);
|
|
|
|
// Update company - superadmin only
|
|
router.put(
|
|
'/:id',
|
|
authorize('superadmin'),
|
|
[
|
|
check('name', 'Company name is required').not().isEmpty()
|
|
],
|
|
updateCompany
|
|
);
|
|
|
|
// Delete company - superadmin only
|
|
router.delete(
|
|
'/:id',
|
|
authorize('superadmin'),
|
|
deleteCompany
|
|
);
|
|
|
|
module.exports = router;
|