/**
 * Department Routes
 */

const express = require('express');
const router = express.Router();
const departmentController = require('../controllers/departmentController');
const { requireAuth, requireAdminOrPermission } = require('../middleware/auth');

const deptPerm = requireAdminOrPermission('tkuser.departments');

router.get('/', requireAuth, departmentController.getAll);
router.get('/:id', requireAuth, departmentController.getById);
router.post('/', deptPerm, departmentController.create);
router.put('/:id', deptPerm, departmentController.update);
router.delete('/:id', deptPerm, departmentController.remove);

// 승인권한 (Approval Authority)
router.get('/:id/approval-authorities', requireAuth, departmentController.getApprovalAuthorities);
router.post('/:id/approval-authorities', deptPerm, departmentController.createApprovalAuthority);
router.delete('/:id/approval-authorities/:authId', deptPerm, departmentController.deleteApprovalAuthority);

module.exports = router;