const express = require("express"); const router = express.Router(); const controller = require("../controllers/households.controller"); const listsController = require("../controllers/lists.controller.v2"); const availableItemsController = require("../controllers/available-items.controller"); const storesController = require("../controllers/stores.controller"); const auth = require("../middleware/auth"); const { householdAccess, locationAccess, requireHouseholdAdmin, storeAccess, } = require("../middleware/household"); const { upload, processImage } = require("../middleware/image"); // Public routes (authenticated only) router.get("/", auth, controller.getUserHouseholds); router.post("/", auth, controller.createHousehold); router.post("/join/:inviteCode", auth, controller.joinHousehold); // Household-scoped routes (member access required) router.get("/:householdId", auth, householdAccess, controller.getHousehold); router.patch( "/:householdId", auth, householdAccess, requireHouseholdAdmin, controller.updateHousehold ); router.delete( "/:householdId", auth, householdAccess, requireHouseholdAdmin, controller.deleteHousehold ); router.post( "/:householdId/invite/refresh", auth, householdAccess, requireHouseholdAdmin, controller.refreshInviteCode ); // Household-owned stores and locations router.get( "/:householdId/stores", auth, householdAccess, storesController.getHouseholdStores ); router.post( "/:householdId/stores", auth, householdAccess, requireHouseholdAdmin, storesController.createHouseholdStore ); router.patch( "/:householdId/stores/:householdStoreId", auth, householdAccess, requireHouseholdAdmin, storesController.updateHouseholdStore ); router.delete( "/:householdId/stores/:householdStoreId", auth, householdAccess, requireHouseholdAdmin, storesController.deleteHouseholdStore ); router.post( "/:householdId/stores/:householdStoreId/locations", auth, householdAccess, requireHouseholdAdmin, storesController.addLocationToStore ); router.patch( "/:householdId/locations/:locationId", auth, householdAccess, locationAccess, requireHouseholdAdmin, storesController.updateLocation ); router.delete( "/:householdId/locations/:locationId", auth, householdAccess, locationAccess, requireHouseholdAdmin, storesController.deleteLocation ); router.patch( "/:householdId/locations/:locationId/default", auth, householdAccess, locationAccess, requireHouseholdAdmin, storesController.setDefaultLocation ); router.get( "/:householdId/locations/:locationId/zones", auth, householdAccess, locationAccess, storesController.getLocationZones ); router.post( "/:householdId/locations/:locationId/zones", auth, householdAccess, locationAccess, requireHouseholdAdmin, storesController.createZone ); router.patch( "/:householdId/locations/:locationId/zones/:zoneId", auth, householdAccess, locationAccess, requireHouseholdAdmin, storesController.updateZone ); router.delete( "/:householdId/locations/:locationId/zones/:zoneId", auth, householdAccess, locationAccess, requireHouseholdAdmin, storesController.deleteZone ); router.get( "/:householdId/locations/:locationId/available-items", auth, householdAccess, locationAccess, availableItemsController.getAvailableItems ); router.post( "/:householdId/locations/:locationId/available-items", auth, householdAccess, locationAccess, upload.single("image"), processImage, availableItemsController.createAvailableItem ); router.patch( "/:householdId/locations/:locationId/available-items/:itemId", auth, householdAccess, locationAccess, upload.single("image"), processImage, availableItemsController.updateAvailableItem ); router.delete( "/:householdId/locations/:locationId/available-items/:itemId", auth, householdAccess, locationAccess, requireHouseholdAdmin, availableItemsController.deleteAvailableItem ); router.post( "/:householdId/locations/:locationId/available-items/import-current", auth, householdAccess, locationAccess, requireHouseholdAdmin, availableItemsController.importCurrentItems ); router.get( "/:householdId/stores/:storeId/available-items", auth, householdAccess, storeAccess, availableItemsController.getAvailableItems ); router.post( "/:householdId/stores/:storeId/available-items", auth, householdAccess, storeAccess, requireHouseholdAdmin, upload.single("image"), processImage, availableItemsController.createAvailableItem ); router.patch( "/:householdId/stores/:storeId/available-items/:itemId", auth, householdAccess, storeAccess, requireHouseholdAdmin, upload.single("image"), processImage, availableItemsController.updateAvailableItem ); router.delete( "/:householdId/stores/:storeId/available-items/:itemId", auth, householdAccess, storeAccess, requireHouseholdAdmin, availableItemsController.deleteAvailableItem ); router.post( "/:householdId/stores/:storeId/available-items/import-current", auth, householdAccess, storeAccess, requireHouseholdAdmin, availableItemsController.importCurrentItems ); // Member management routes router.get( "/:householdId/members", auth, householdAccess, controller.getMembers ); router.patch( "/:householdId/members/:userId/role", auth, householdAccess, requireHouseholdAdmin, controller.updateMemberRole ); router.delete( "/:householdId/members/:userId", auth, householdAccess, controller.removeMember ); // ==================== List Operations Routes ==================== // All list routes require household access AND store access // Get grocery list router.get( "/:householdId/locations/:locationId/list", auth, householdAccess, locationAccess, listsController.getList ); router.get( "/:householdId/locations/:locationId/list/item", auth, householdAccess, locationAccess, listsController.getItemByName ); router.post( "/:householdId/locations/:locationId/list/add", auth, householdAccess, locationAccess, upload.single("image"), processImage, listsController.addItem ); router.patch( "/:householdId/locations/:locationId/list/item", auth, householdAccess, locationAccess, listsController.markBought ); router.put( "/:householdId/locations/:locationId/list/item", auth, householdAccess, locationAccess, listsController.updateItem ); router.delete( "/:householdId/locations/:locationId/list/item", auth, householdAccess, locationAccess, listsController.deleteItem ); router.get( "/:householdId/locations/:locationId/list/suggestions", auth, householdAccess, locationAccess, listsController.getSuggestions ); router.get( "/:householdId/locations/:locationId/list/recent", auth, householdAccess, locationAccess, listsController.getRecentlyBought ); router.get( "/:householdId/locations/:locationId/list/classification", auth, householdAccess, locationAccess, listsController.getClassification ); router.post( "/:householdId/locations/:locationId/list/classification", auth, householdAccess, locationAccess, listsController.setClassification ); router.post( "/:householdId/locations/:locationId/list/update-image", auth, householdAccess, locationAccess, upload.single("image"), processImage, listsController.updateItemImage ); router.get( "/:householdId/stores/:storeId/list", auth, householdAccess, storeAccess, listsController.getList ); // Get specific item by name router.get( "/:householdId/stores/:storeId/list/item", auth, householdAccess, storeAccess, listsController.getItemByName ); // Add item to list router.post( "/:householdId/stores/:storeId/list/add", auth, householdAccess, storeAccess, upload.single("image"), processImage, listsController.addItem ); // Mark item as bought/unbought router.patch( "/:householdId/stores/:storeId/list/item", auth, householdAccess, storeAccess, listsController.markBought ); // Update item details (quantity, notes) router.put( "/:householdId/stores/:storeId/list/item", auth, householdAccess, storeAccess, listsController.updateItem ); // Delete item router.delete( "/:householdId/stores/:storeId/list/item", auth, householdAccess, storeAccess, listsController.deleteItem ); // Get suggestions router.get( "/:householdId/stores/:storeId/list/suggestions", auth, householdAccess, storeAccess, listsController.getSuggestions ); // Get recently bought items router.get( "/:householdId/stores/:storeId/list/recent", auth, householdAccess, storeAccess, listsController.getRecentlyBought ); // Get item classification router.get( "/:householdId/stores/:storeId/list/classification", auth, householdAccess, storeAccess, listsController.getClassification ); // Set item classification router.post( "/:householdId/stores/:storeId/list/classification", auth, householdAccess, storeAccess, listsController.setClassification ); // Update item image router.post( "/:householdId/stores/:storeId/list/update-image", auth, householdAccess, storeAccess, upload.single("image"), processImage, listsController.updateItemImage ); module.exports = router;