feat: Add services, company documents, company timesheet export

- Add services table and CRUD endpoints (/api/services) - Add company documents upload/download functionality - Add company timesheet XLSX export endpoint - Remove admin requirement from event routes (all authenticated users can manage events) - Add service validators Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-17 18:45:01 +01:00
parent b542d1d635
commit 514b6c8a92
13 changed files with 866 additions and 11 deletions
--- a/src/routes/service.routes.js
+++ b/src/routes/service.routes.js
@@ -0,0 +1,63 @@
+import express from 'express';
+import * as serviceController from '../controllers/service.controller.js';
+import { authenticate } from '../middlewares/auth/authMiddleware.js';
+import { requireAdmin } from '../middlewares/auth/roleMiddleware.js';
+import { validateBody, validateParams } from '../middlewares/security/validateInput.js';
+import { createServiceSchema, updateServiceSchema } from '../validators/crm.validators.js';
+import { z } from 'zod';
+
+const router = express.Router();
+
+const serviceIdSchema = z.object({
+  serviceId: z.string().uuid(),
+});
+
+// All service routes require authentication
+router.use(authenticate);
+
+/**
+ * GET /api/services - Get all services (all authenticated users)
+ */
+router.get('/', serviceController.getAllServices);
+
+/**
+ * GET /api/services/:serviceId - Get service by ID (all authenticated users)
+ */
+router.get(
+  '/:serviceId',
+  validateParams(serviceIdSchema),
+  serviceController.getServiceById
+);
+
+/**
+ * POST /api/services - Create new service (admin only)
+ */
+router.post(
+  '/',
+  requireAdmin,
+  validateBody(createServiceSchema),
+  serviceController.createService
+);
+
+/**
+ * PUT /api/services/:serviceId - Update service (admin only)
+ */
+router.put(
+  '/:serviceId',
+  requireAdmin,
+  validateParams(serviceIdSchema),
+  validateBody(updateServiceSchema),
+  serviceController.updateService
+);
+
+/**
+ * DELETE /api/services/:serviceId - Delete service (admin only)
+ */
+router.delete(
+  '/:serviceId',
+  requireAdmin,
+  validateParams(serviceIdSchema),
+  serviceController.deleteService
+);
+
+export default router;