65e5530a6a
- DB: status ENUM 확장 (review_sent, change_request) + reviewed_by/at, change_details - API: POST /review-send (일괄 확인요청), POST /review-respond (수정 승인/거부) - 작업자: pending=검토대기, review_sent=확인/수정요청, rejected=동의(재확인) - 관리자: 필터 탭 확장 + 확인요청 일괄 발송 버튼 - confirm 상태 전환 검증: pending→confirmed 차단 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
39 lines
1.3 KiB
JavaScript
39 lines
1.3 KiB
JavaScript
const express = require('express');
|
|
const router = express.Router();
|
|
const ctrl = require('../controllers/monthlyComparisonController');
|
|
const { createRequirePage } = require('../../../shared/middleware/pagePermission');
|
|
const { getDb } = require('../dbPool');
|
|
const requirePage = createRequirePage(getDb);
|
|
|
|
const ADMIN_ROLES = ['support_team', 'admin', 'system'];
|
|
function requireSupportTeam(req, res, next) {
|
|
const role = (req.user?.role || '').toLowerCase();
|
|
if (!ADMIN_ROLES.includes(role)) {
|
|
return res.status(403).json({ success: false, message: '지원팀 이상 권한이 필요합니다.' });
|
|
}
|
|
next();
|
|
}
|
|
|
|
// 본인 월간 비교
|
|
router.get('/my-records', ctrl.getMyRecords);
|
|
|
|
// 특정 작업자 비교 (내부에서 권한 체크)
|
|
router.get('/records', ctrl.getRecords);
|
|
|
|
// 확인/반려
|
|
router.post('/confirm', ctrl.confirm);
|
|
|
|
// 관리자: 확인요청 발송 (pending → review_sent)
|
|
router.post('/review-send', requireSupportTeam, ctrl.reviewSend);
|
|
|
|
// 관리자: 수정요청 응답 (change_request → review_sent 또는 rejected)
|
|
router.post('/review-respond', requireSupportTeam, ctrl.reviewRespond);
|
|
|
|
// 전체 현황 (support_team+)
|
|
router.get('/all-status', requireSupportTeam, ctrl.getAllStatus);
|
|
|
|
// 엑셀 다운로드 (support_team+)
|
|
router.get('/export', requireSupportTeam, ctrl.exportExcel);
|
|
|
|
module.exports = router;
|