const express = require('express');
const UserController = require('../controllers/users.controller');
const verifyToken = require('../middleware/verifyToken');
const verifyAccess = require('../middleware/verifyAccess');

const router = express.Router();

router.route('/')
    .get(verifyToken.verifyAccessToken, UserController.getAllUsers)
    .post(verifyToken.verifyAccessToken, verifyAccess(), UserController.createUser);

router.route('/:id')
    .get(verifyToken.verifyAccessToken, UserController.getUserById)
    .put(verifyToken.verifyAccessToken, verifyAccess(), UserController.updateUser)
    .delete(verifyToken.verifyAccessToken, verifyAccess(), UserController.deleteUser);

router.route('/change-password/:id')
    .put(verifyToken.verifyAccessToken, verifyAccess(), UserController.changePassword);

router.route('/:id/approve')
    .put(verifyToken.verifyAccessToken, verifyAccess(), UserController.approveUser);

module.exports = router;