// routes/toolsRoute.js
const express = require('express');
const router = express.Router();
const controller = require('../controllers/toolsController');
const { requireAuth, requireMinLevel } = require('../middlewares/auth');

// 읽기 작업: 인증된 사용자
router.get('/', requireAuth, controller.getAll);
router.get('/:id', requireAuth, controller.getById);

// 쓰기 작업: group_leader 이상 권한 필요
router.post('/', requireAuth, requireMinLevel('group_leader'), controller.create);
router.put('/:id', requireAuth, requireMinLevel('group_leader'), controller.update);
router.delete('/:id', requireAuth, requireMinLevel('admin'), controller.delete);

module.exports = router;