const TasksController = require('./tasks.controller.js');
const AuthTool = require('../authorization/auth.tool.js');
const config = require('../config.js');

const ADMIN = config.permissions.ADMIN; // Highest permission, can read and write all users
const SERVER = config.permissions.SERVER; // Middle permission, can read all users
const USER = config.permissions.USER; // Lowest permission, can only do things on same user

exports.route = (app) => {
  // Get all task configurations
  app.get('/api/tasks', 
    AuthTool.isValidJWT,
    AuthTool.isPermissionLevel(SERVER), 
    TasksController.getAllTasks
  );

  // Get player tasks
  app.get('/api/tasks/:userId', 
    AuthTool.isValidJWT,
    AuthTool.isSameUserOr(SERVER),
    TasksController.getPlayerTasks
  );

  // Save player tasks
  app.post('/api/tasks/:userId', 
    AuthTool.isValidJWT,
    AuthTool.isSameUserOr(SERVER),
    TasksController.savePlayerTasks
  );
};