import { Router } from 'express';
import atemschutzController from '../controllers/atemschutz.controller';
import { authenticate } from '../middleware/auth.middleware';
import { requireGroups } from '../middleware/rbac.middleware';

const ADMIN_GROUPS = ['dashboard_admin', 'dashboard_kommando', 'dashboard_atemschutz', 'dashboard_moderator'];
const WRITE_GROUPS = ['dashboard_admin', 'dashboard_kommando', 'dashboard_atemschutz', 'dashboard_moderator'];

const router = Router();

// ── Read-only (any authenticated user) ───────────────────────────────────────

router.get('/',           authenticate, atemschutzController.list.bind(atemschutzController));
router.get('/stats',      authenticate, atemschutzController.getStats.bind(atemschutzController));
router.get('/my-status',  authenticate, atemschutzController.getMyStatus.bind(atemschutzController));
router.get('/:id',        authenticate, atemschutzController.getOne.bind(atemschutzController));

// ── Write — admin + kommandant ───────────────────────────────────────────────

router.post('/',     authenticate, requireGroups(WRITE_GROUPS), atemschutzController.create.bind(atemschutzController));
router.patch('/:id', authenticate, requireGroups(WRITE_GROUPS), atemschutzController.update.bind(atemschutzController));

// ── Delete — admin only ──────────────────────────────────────────────────────

router.delete('/:id', authenticate, requireGroups(ADMIN_GROUPS), atemschutzController.delete.bind(atemschutzController));

export default router;