101 lines
2.1 KiB
JavaScript
101 lines
2.1 KiB
JavaScript
const express = require('express');
|
|
const { prisma } = require('../config/database');
|
|
const { protect, authorize } = require('../middleware/auth');
|
|
const orderController = require('../controllers/orderController');
|
|
|
|
const router = express.Router();
|
|
|
|
// @desc Create new order
|
|
// @route POST /api/orders
|
|
// @access Private
|
|
router.post('/', protect, orderController.createOrder);
|
|
|
|
// @desc Get user orders
|
|
// @route GET /api/orders
|
|
// @access Private
|
|
router.get('/', protect, orderController.getUserOrders);
|
|
|
|
// @desc Get single order
|
|
// @route GET /api/orders/:id
|
|
// @access Private
|
|
router.get('/:id', protect, orderController.getOrderById);
|
|
|
|
// @desc Update order status (Admin only)
|
|
// @route PUT /api/orders/:id/status
|
|
// @access Private/Admin
|
|
router.put(
|
|
'/:id/status',
|
|
protect,
|
|
authorize('ADMIN'),
|
|
orderController.updateOrderStatus
|
|
);
|
|
|
|
// @desc Cancel order
|
|
// @route PUT /api/orders/:id/cancel
|
|
// @access Private
|
|
router.put('/:id/cancel', protect, orderController.cancelOrder);
|
|
|
|
// @desc Return order
|
|
// @route PUT /api/orders/:id/return
|
|
// @access Private
|
|
router.put('/:id/return', protect, orderController.returnOrder);
|
|
|
|
|
|
|
|
// @desc Get all orders (Admin only)
|
|
// @route GET /api/orders/admin/all
|
|
// @access Private/Admin
|
|
router.get(
|
|
'/admin/all',
|
|
protect,
|
|
authorize('ADMIN'),
|
|
orderController.getAllOrdersAdmin
|
|
);
|
|
|
|
// Admin approve/reject return
|
|
router.put(
|
|
'/:id/return/status',
|
|
protect,
|
|
authorize('ADMIN'),
|
|
orderController.updateReturnStatus
|
|
);
|
|
|
|
|
|
// Admin: list all return requests
|
|
// router.get(
|
|
// '/admin/returns',
|
|
// protect,
|
|
// authorize('ADMIN'),
|
|
// orderController.getReturnRequestsAdmin
|
|
// );
|
|
|
|
// Admin: list all return requests
|
|
router.get(
|
|
'/admin/returns',
|
|
protect,
|
|
authorize('ADMIN'),
|
|
orderController.getAdminReturnRequests
|
|
);
|
|
|
|
|
|
|
|
// Admin: list all returned products (approved/completed)
|
|
router.get(
|
|
'/admin/returns/list',
|
|
protect,
|
|
authorize('ADMIN'),
|
|
orderController.getReturnedProducts
|
|
);
|
|
|
|
|
|
// Get single return request details
|
|
router.get(
|
|
'/admin/returns/:id',
|
|
protect,
|
|
authorize('ADMIN'),
|
|
orderController.getReturnRequestById
|
|
);
|
|
|
|
|
|
module.exports = router;
|