import express from 'express';
import * as serviceController from '../controllers/service.controller.js';
import * as serviceFolderController from '../controllers/service-folder.controller.js';
import * as serviceDocumentController from '../controllers/service-document.controller.js';
import { authenticate } from '../middlewares/auth/authMiddleware.js';
import { requireAdmin } from '../middlewares/auth/roleMiddleware.js';
import { validateBody, validateParams } from '../middlewares/security/validateInput.js';
import { createServiceSchema, updateServiceSchema } from '../validators/crm.validators.js';
import { createUpload } from '../config/upload.js';
import {
  serviceIdSchema,
  folderIdSchema,
  folderDocumentIdSchema,
  createFolderSchema,
  updateFolderSchema,
} from '../validators/service.validators.js';

/**
 * Router for services, service folders and folder documents.
 *
 * The route comments below give paths under /api/services; the actual mount
 * point is chosen by whichever module mounts this router (not shown here).
 *
 * Access model as wired in this file:
 *   - `authenticate` is installed with router.use() before any route, so it
 *     runs ahead of every handler registered below.
 *   - Routes marked "admin only" list `requireAdmin` as their first
 *     route-level middleware, ahead of parameter/body validation.
 *   - Registration order is significant: the literal `/folders...` paths are
 *     registered before `/:serviceId`, otherwise `/folders` would be matched
 *     as a serviceId.
 */
const router = express.Router();

// Upload middleware factory configured with maxSizeMB: 50.
// NOTE(review): any file-type or filename restrictions live in createUpload
// (../config/upload.js), which is not visible from this file; confirm there.
const upload = createUpload({ maxSizeMB: 50 });

// Handlers pulled out of the controller namespaces once, so each route
// registration reads as path -> guards -> handler.
const { getAllFolders, createFolder, getFolderById, updateFolder, deleteFolder } =
  serviceFolderController;
const { getDocumentsByFolderId, uploadDocument, downloadDocument, deleteDocument } =
  serviceDocumentController;
const { getAllServices, createService, getServiceById, updateService, deleteService } =
  serviceController;

// Every route in this router sits behind authentication.
router.use(authenticate);

// ==================== SERVICE FOLDERS (keep above the :serviceId routes) ====================

/**
 * GET /api/services/folders - List all folders (any authenticated user)
 */
router.get('/folders', getAllFolders);

/**
 * POST /api/services/folders - Create a folder (admin only)
 */
router.post('/folders', requireAdmin, validateBody(createFolderSchema), createFolder);

/**
 * GET /api/services/folders/:folderId - Fetch one folder (any authenticated user)
 */
router.get('/folders/:folderId', validateParams(folderIdSchema), getFolderById);

/**
 * PUT /api/services/folders/:folderId - Update a folder (admin only)
 */
router.put(
  '/folders/:folderId',
  requireAdmin,
  validateParams(folderIdSchema),
  validateBody(updateFolderSchema),
  updateFolder
);

/**
 * DELETE /api/services/folders/:folderId - Delete a folder (admin only)
 */
router.delete('/folders/:folderId', requireAdmin, validateParams(folderIdSchema), deleteFolder);

// ==================== SERVICE DOCUMENTS ====================

/**
 * GET /api/services/folders/:folderId/documents - List the documents in a folder
 */
router.get(
  '/folders/:folderId/documents',
  validateParams(folderIdSchema),
  getDocumentsByFolderId
);

/**
 * POST /api/services/folders/:folderId/documents - Upload a document to a folder
 *
 * Expects the file in the multipart field named 'file'. validateParams is
 * listed before upload.single, so the folderId check runs before the upload
 * middleware handles the request body.
 *
 * NOTE(review): this is the only POST/PUT/DELETE route in the file without
 * `requireAdmin`, and its description does not state an access level. Confirm
 * that upload by any authenticated user is intended.
 * NOTE(review): no validateBody is applied here, so any non-file form fields
 * are not validated by this router; verify the controller handles them.
 */
router.post(
  '/folders/:folderId/documents',
  validateParams(folderIdSchema),
  upload.single('file'),
  uploadDocument
);

/**
 * GET /api/services/folders/:folderId/documents/:documentId/download - Download a document
 *
 * NOTE(review): whether the document is checked to belong to :folderId is
 * decided in the controller, which is not visible from this file; confirm.
 */
router.get(
  '/folders/:folderId/documents/:documentId/download',
  validateParams(folderDocumentIdSchema),
  downloadDocument
);

/**
 * DELETE /api/services/folders/:folderId/documents/:documentId - Delete a document (admin only)
 */
router.delete(
  '/folders/:folderId/documents/:documentId',
  requireAdmin,
  validateParams(folderDocumentIdSchema),
  deleteDocument
);

// ==================== SERVICES ====================

/**
 * GET /api/services - List all services (any authenticated user)
 */
router.get('/', getAllServices);

/**
 * POST /api/services - Create a service (admin only)
 */
router.post('/', requireAdmin, validateBody(createServiceSchema), createService);

/**
 * GET /api/services/:serviceId - Fetch one service (any authenticated user)
 */
router.get('/:serviceId', validateParams(serviceIdSchema), getServiceById);

/**
 * PUT /api/services/:serviceId - Update a service (admin only)
 */
router.put(
  '/:serviceId',
  requireAdmin,
  validateParams(serviceIdSchema),
  validateBody(updateServiceSchema),
  updateService
);

/**
 * DELETE /api/services/:serviceId - Delete a service (admin only)
 */
router.delete('/:serviceId', requireAdmin, validateParams(serviceIdSchema), deleteService);

export default router;