33 lines
2.8 KiB
TypeScript
33 lines
2.8 KiB
TypeScript
import { Router } from 'express';
|
|
import equipmentController from '../controllers/equipment.controller';
|
|
import { authenticate } from '../middleware/auth.middleware';
|
|
import { requirePermission } from '../middleware/rbac.middleware';
|
|
import { uploadWartung } from '../middleware/upload';
|
|
|
|
const router = Router();
|
|
|
|
// ── Read-only (any authenticated user) ───────────────────────────────────────
|
|
|
|
router.get('/', authenticate, requirePermission('ausruestung:view'), equipmentController.listEquipment.bind(equipmentController));
|
|
router.get('/stats', authenticate, requirePermission('ausruestung:view'), equipmentController.getStats.bind(equipmentController));
|
|
router.get('/alerts', authenticate, requirePermission('ausruestung:view'), equipmentController.getAlerts.bind(equipmentController));
|
|
router.get('/categories', authenticate, requirePermission('ausruestung:view'), equipmentController.getCategories.bind(equipmentController));
|
|
router.get('/vehicle-warnings', authenticate, equipmentController.getVehicleWarnings.bind(equipmentController));
|
|
router.get('/vehicle/:fahrzeugId', authenticate, equipmentController.getByVehicle.bind(equipmentController));
|
|
router.get('/:id', authenticate, equipmentController.getEquipment.bind(equipmentController));
|
|
router.get('/:id/status-history', authenticate, equipmentController.getStatusHistory.bind(equipmentController));
|
|
|
|
// ── Write — gruppenfuehrer+ ────────────────────────────────────────────────
|
|
|
|
router.post('/', authenticate, requirePermission('ausruestung:create'), equipmentController.createEquipment.bind(equipmentController));
|
|
router.patch('/:id', authenticate, requirePermission('ausruestung:create'), equipmentController.updateEquipment.bind(equipmentController));
|
|
router.patch('/:id/status', authenticate, requirePermission('ausruestung:create'), equipmentController.updateStatus.bind(equipmentController));
|
|
router.post('/:id/wartung', authenticate, requirePermission('ausruestung:manage_maintenance'), equipmentController.addWartung.bind(equipmentController));
|
|
router.post('/wartung/:wartungId/upload', authenticate, requirePermission('ausruestung:manage_maintenance'), uploadWartung.single('datei'), equipmentController.uploadWartungFile.bind(equipmentController));
|
|
|
|
// ── Delete — admin only ──────────────────────────────────────────────────────
|
|
|
|
router.delete('/:id', authenticate, requirePermission('ausruestung:delete'), equipmentController.deleteEquipment.bind(equipmentController));
|
|
|
|
export default router;
|