diff --git a/src/api/middlewares/authMiddleware.js b/src/api/middlewares/authMiddleware.js
index 1187112..8553517 100644
--- a/src/api/middlewares/authMiddleware.js
+++ b/src/api/middlewares/authMiddleware.js
@@ -1,5 +1,5 @@
import { validateJwtToken } from '#util/jwtUtils.js';
-import { DbUser } from '#db/schemas/index.js';
+import { DbUser, UserType } from '#db/schemas/index.js';
/**
* @param options {AuthValidationOptions}
@@ -15,6 +15,12 @@ export function validateAuth(options) {
const user = (req.user = await DbUser.findById(auth.id).exec());
+ // admin can do everything
+ if (user.type == UserType.ADMIN) {
+ next();
+ return;
+ }
+
if (options.roles && !options.roles.includes(user.type)) {
res.status(401).send('Unauthorized');
return;
diff --git a/src/api/routes/alarmRoutes.js b/src/api/routes/alarmRoutes.js
new file mode 100644
index 0000000..5170327
--- /dev/null
+++ b/src/api/routes/alarmRoutes.js
@@ -0,0 +1,41 @@
+import { validateAuth } from '#api/middlewares/index.js';
+import { UserType } from '#db/schemas/index.js';
+
+export const alarmByUserRoute = {
+ route: '/alarm/:id',
+ onGetValidation: validateAuth({ roles: [UserType.MONITOR] }),
+ async onGet(req, res) {
+ const user = await getUserById(req.query.id);
+ res.send(user.alarm);
+ },
+
+ onDeleteValidation: validateAuth({ roles: [UserType.MONITOR] }),
+ async onDelete(req, res) {
+ const user = await getUserById(req.query.id);
+ user.alarm = null;
+ await user.save();
+ res.status(204).send();
+ }
+};
+
+export const alarmRoute = {
+ onGetValidation: validateAuth({ roles: [UserType.USER] }),
+ async onGet(req, res) {
+ res.send(req.user.alarm);
+ },
+
+ route: '/alarm/@me',
+ onPutValidation: validateAuth({ roles: [UserType.USER] }),
+ async onPut(req, res) {
+ req.user.alarm = req.body;
+ await req.user.save();
+ res.status(204).send();
+ },
+
+ onDeleteValidation: validateAuth({ roles: [UserType.USER] }),
+ async onDelete(req, res) {
+ req.user.alarm = null;
+ await req.user.save();
+ res.status(204).send();
+ }
+};
diff --git a/src/api/routes/budgetRoutes.js b/src/api/routes/budgetRoutes.js
new file mode 100644
index 0000000..ed827e8
--- /dev/null
+++ b/src/api/routes/budgetRoutes.js
@@ -0,0 +1,20 @@
+import { validateAuth } from '#api/middlewares/index.js';
+import { UserType } from '#db/schemas/index.js';
+
+export const getBudgetByUserRoute = {
+ route: '/budget/:id',
+ onGetValidation: validateAuth({ roles: [UserType.MONITOR] }),
+ onGet(req, res) {}
+};
+
+export const addBudgetByUserRoute = {
+ route: '/budget/:id/add',
+ onGetValidation: validateAuth({ roles: [UserType.MONITOR] }),
+ onGet(req, res) {}
+};
+
+export const getBudgetRoute = {
+ route: '/budget/@me',
+ onGetValidation: validateAuth({ roles: [UserType.USER] }),
+ onGet(req, res) {}
+};
diff --git a/src/api/routes/index.js b/src/api/routes/index.js
index 745dd27..4feeb11 100644
--- a/src/api/routes/index.js
+++ b/src/api/routes/index.js
@@ -2,3 +2,5 @@ export * from './statusRoute.js';
export * from './indexRoute.js';
export * from './auth/index.js';
+export * from './budgetRoutes.js';
+export * from './alarmRoutes.js';
|
