1

tasks/tasks.routes.js

@@ -0,0 +1,30 @@
+const TasksController = require('./tasks.controller.js');
+const AuthTool = require('../authorization/auth.tool.js');
+const config = require('../config.js');
+
+const ADMIN = config.permissions.ADMIN; // Highest permission, can read and write all users
+const SERVER = config.permissions.SERVER; // Middle permission, can read all users
+const USER = config.permissions.USER; // Lowest permission, can only do things on same user
+
+exports.route = (app) => {
+  // Get all task configurations
+  app.get('/api/tasks', 
+    AuthTool.isValidJWT,
+    AuthTool.isPermissionLevel(SERVER), 
+    TasksController.getAllTasks
+  );
+
+  // Get player tasks
+  app.get('/api/tasks/:userId', 
+    AuthTool.isValidJWT,
+    AuthTool.isSameUserOr(SERVER),
+    TasksController.getPlayerTasks
+  );
+
+  // Save player tasks
+  app.post('/api/tasks/:userId', 
+    AuthTool.isValidJWT,
+    AuthTool.isSameUserOr(SERVER),
+    TasksController.savePlayerTasks
+  );
+};