25 lines
1.6 KiB
TypeScript
25 lines
1.6 KiB
TypeScript
import { Router } from 'express';
|
|
import atemschutzController from '../controllers/atemschutz.controller';
|
|
import { authenticate } from '../middleware/auth.middleware';
|
|
import { requirePermission } from '../middleware/rbac.middleware';
|
|
|
|
const router = Router();
|
|
|
|
// ── Read-only (any authenticated user) ───────────────────────────────────────
|
|
|
|
router.get('/', authenticate, atemschutzController.list.bind(atemschutzController));
|
|
router.get('/stats', authenticate, atemschutzController.getStats.bind(atemschutzController));
|
|
router.get('/my-status', authenticate, atemschutzController.getMyStatus.bind(atemschutzController));
|
|
router.get('/:id', authenticate, atemschutzController.getOne.bind(atemschutzController));
|
|
|
|
// ── Write — gruppenfuehrer+ ─────────────────────────────────────────────────
|
|
|
|
router.post('/', authenticate, requirePermission('atemschutz:write'), atemschutzController.create.bind(atemschutzController));
|
|
router.patch('/:id', authenticate, requirePermission('atemschutz:write'), atemschutzController.update.bind(atemschutzController));
|
|
|
|
// ── Delete — kommandant+ ────────────────────────────────────────────────────
|
|
|
|
router.delete('/:id', authenticate, requirePermission('atemschutz:delete'), atemschutzController.delete.bind(atemschutzController));
|
|
|
|
export default router;
|