From 271777cad1ca8310bac5f8286599c2e9c0b2eb21 Mon Sep 17 00:00:00 2001 From: Dan Gowans Date: Thu, 20 Oct 2022 13:38:37 -0400 Subject: [PATCH] move admin permission check to app --- app.js | 9 +- app.ts | 10 +- handlers/permissions.js | 4 +- handlers/permissions.ts | 6 +- routes/admin.js | 113 ++++++++++--------- routes/admin.ts | 238 ++++++++++------------------------------ 6 files changed, 128 insertions(+), 252 deletions(-) diff --git a/app.js b/app.js index b4fe721d..1e6f0422 100644 --- a/app.js +++ b/app.js @@ -1,12 +1,13 @@ import createError from "http-errors"; import express from "express"; import compression from "compression"; -import path from "path"; +import path from "node:path"; import cookieParser from "cookie-parser"; import csurf from "csurf"; import rateLimit from "express-rate-limit"; import session from "express-session"; import FileStore from "session-file-store"; +import * as permissionHandlers from "./handlers/permissions.js"; import routerLogin from "./routes/login.js"; import routerDashboard from "./routes/dashboard.js"; import routerApi from "./routes/api.js"; @@ -24,9 +25,9 @@ import * as stringFns from "@cityssm/expressjs-server-js/stringFns.js"; import * as htmlFns from "@cityssm/expressjs-server-js/htmlFns.js"; import { version } from "./version.js"; import * as databaseInitializer from "./helpers/initializer.database.js"; -import debug from "debug"; import { apiGetHandler } from "./handlers/permissions.js"; import { getSafeRedirectURL } from "./helpers/functions.authentication.js"; +import debug from "debug"; const debugApp = debug("lot-occupancy-system:app"); databaseInitializer.initializeDatabase(); const __dirname = "."; @@ -73,7 +74,7 @@ const FileStoreSession = FileStore(session); app.use(session({ store: new FileStoreSession({ path: "./data/sessions", - logFn: debug("general-licence-manager:session"), + logFn: debug("lot-occupancy-system:session"), retries: 20 }), name: sessionCookieName, @@ -122,7 +123,7 @@ app.use(urlPrefix + "/lots", sessionChecker, routerLots); app.use(urlPrefix + "/lotOccupancies", sessionChecker, routerLotOccupancies); app.use(urlPrefix + "/workOrders", sessionChecker, routerWorkOrders); app.use(urlPrefix + "/reports", sessionChecker, routerReports); -app.use(urlPrefix + "/admin", sessionChecker, routerAdmin); +app.use(urlPrefix + "/admin", sessionChecker, permissionHandlers.adminGetHandler, routerAdmin); app.all(urlPrefix + "/keepAlive", (_request, response) => { response.json(true); }); diff --git a/app.ts b/app.ts index e3c5bd83..5588a06e 100644 --- a/app.ts +++ b/app.ts @@ -2,7 +2,7 @@ import createError from "http-errors"; import express from "express"; import compression from "compression"; -import path from "path"; +import path from "node:path"; import cookieParser from "cookie-parser"; import csurf from "csurf"; import rateLimit from "express-rate-limit"; @@ -10,6 +10,7 @@ import rateLimit from "express-rate-limit"; import session from "express-session"; import FileStore from "session-file-store"; +import * as permissionHandlers from "./handlers/permissions.js"; import routerLogin from "./routes/login.js"; import routerDashboard from "./routes/dashboard.js"; import routerApi from "./routes/api.js"; @@ -31,9 +32,10 @@ import { version } from "./version.js"; import * as databaseInitializer from "./helpers/initializer.database.js"; -import debug from "debug"; import { apiGetHandler } from "./handlers/permissions.js"; import { getSafeRedirectURL } from "./helpers/functions.authentication.js"; + +import debug from "debug"; const debugApp = debug("lot-occupancy-system:app"); /* @@ -144,7 +146,7 @@ app.use( session({ store: new FileStoreSession({ path: "./data/sessions", - logFn: debug("general-licence-manager:session"), + logFn: debug("lot-occupancy-system:session"), retries: 20 }), name: sessionCookieName, @@ -221,7 +223,7 @@ app.use(urlPrefix + "/lotOccupancies", sessionChecker, routerLotOccupancies); app.use(urlPrefix + "/workOrders", sessionChecker, routerWorkOrders); app.use(urlPrefix + "/reports", sessionChecker, routerReports); -app.use(urlPrefix + "/admin", sessionChecker, routerAdmin); +app.use(urlPrefix + "/admin", sessionChecker, permissionHandlers.adminGetHandler, routerAdmin); app.all(urlPrefix + "/keepAlive", (_request, response) => { response.json(true); diff --git a/handlers/permissions.js b/handlers/permissions.js index 2b727b9c..d68032d0 100644 --- a/handlers/permissions.js +++ b/handlers/permissions.js @@ -11,7 +11,7 @@ export const adminGetHandler = (request, response, next) => { if (userFunctions.userIsAdmin(request)) { return next(); } - return response.redirect(urlPrefix + "/dashboard"); + return response.redirect(urlPrefix + "/dashboard/?error=accessDenied"); }; export const adminPostHandler = (request, response, next) => { if (userFunctions.userIsAdmin(request)) { @@ -23,7 +23,7 @@ export const updateGetHandler = (request, response, next) => { if (userFunctions.userCanUpdate(request)) { return next(); } - return response.redirect(urlPrefix + "/dashboard"); + return response.redirect(urlPrefix + "/dashboard/?error=accessDenied"); }; export const updatePostHandler = (request, response, next) => { if (userFunctions.userCanUpdate(request)) { diff --git a/handlers/permissions.ts b/handlers/permissions.ts index 2383c6ac..b6c189fc 100644 --- a/handlers/permissions.ts +++ b/handlers/permissions.ts @@ -18,7 +18,7 @@ export const adminGetHandler: RequestHandler = (request, response, next) => { return next(); } - return response.redirect(urlPrefix + "/dashboard"); + return response.redirect(urlPrefix + "/dashboard/?error=accessDenied"); }; export const adminPostHandler: RequestHandler = (request, response, next) => { @@ -34,7 +34,7 @@ export const updateGetHandler: RequestHandler = (request, response, next) => { return next(); } - return response.redirect(urlPrefix + "/dashboard"); + return response.redirect(urlPrefix + "/dashboard/?error=accessDenied"); }; export const updatePostHandler: RequestHandler = (request, response, next) => { @@ -51,4 +51,4 @@ export const apiGetHandler: RequestHandler = async (request, response, next) => } return response.redirect(urlPrefix + "/login"); -}; \ No newline at end of file +}; diff --git a/routes/admin.js b/routes/admin.js index 3557d9ce..80c77e35 100644 --- a/routes/admin.js +++ b/routes/admin.js @@ -1,5 +1,4 @@ import { Router } from "express"; -import * as permissionHandlers from "../handlers/permissions.js"; import handler_fees from "../handlers/admin-get/fees.js"; import handler_doAddFeeCategory from "../handlers/admin-post/doAddFeeCategory.js"; import handler_doUpdateFeeCategory from "../handlers/admin-post/doUpdateFeeCategory.js"; @@ -57,60 +56,60 @@ import handler_doDeleteLotOccupantType from "../handlers/admin-post/doDeleteLotO import handler_cleanup from "../handlers/admin-get/cleanup.js"; import handler_doCleanupDatabase from "../handlers/admin-post/doCleanupDatabase.js"; export const router = Router(); -router.get("/fees", permissionHandlers.adminGetHandler, handler_fees); -router.post("/doAddFeeCategory", permissionHandlers.adminPostHandler, handler_doAddFeeCategory); -router.post("/doUpdateFeeCategory", permissionHandlers.adminPostHandler, handler_doUpdateFeeCategory); -router.post("/doMoveFeeCategoryUp", permissionHandlers.adminPostHandler, handler_doMoveFeeCategoryUp); -router.post("/doMoveFeeCategoryDown", permissionHandlers.adminPostHandler, handler_doMoveFeeCategoryDown); -router.post("/doDeleteFeeCategory", permissionHandlers.adminPostHandler, handler_doDeleteFeeCategory); -router.post("/doAddFee", permissionHandlers.adminPostHandler, handler_doAddFee); -router.post("/doUpdateFee", permissionHandlers.adminPostHandler, handler_doUpdateFee); -router.post("/doMoveFeeUp", permissionHandlers.adminPostHandler, handler_doMoveFeeUp); -router.post("/doMoveFeeDown", permissionHandlers.adminPostHandler, handler_doMoveFeeDown); -router.post("/doDeleteFee", permissionHandlers.adminPostHandler, handler_doDeleteFee); -router.get("/occupancyTypes", permissionHandlers.adminGetHandler, handler_occupancyTypes); -router.post("/doAddOccupancyType", permissionHandlers.adminPostHandler, handler_doAddOccupancyType); -router.post("/doUpdateOccupancyType", permissionHandlers.adminPostHandler, handler_doUpdateOccupancyType); -router.post("/doMoveOccupancyTypeUp", permissionHandlers.adminPostHandler, handler_doMoveOccupancyTypeUp); -router.post("/doMoveOccupancyTypeDown", permissionHandlers.adminPostHandler, handler_doMoveOccupancyTypeDown); -router.post("/doDeleteOccupancyType", permissionHandlers.adminPostHandler, handler_doDeleteOccupancyType); -router.post("/doAddOccupancyTypeField", permissionHandlers.adminPostHandler, handler_doAddOccupancyTypeField); -router.post("/doUpdateOccupancyTypeField", permissionHandlers.adminPostHandler, handler_doUpdateOccupancyTypeField); -router.post("/doMoveOccupancyTypeFieldUp", permissionHandlers.adminPostHandler, handler_doMoveOccupancyTypeFieldUp); -router.post("/doMoveOccupancyTypeFieldDown", permissionHandlers.adminPostHandler, handler_doMoveOccupancyTypeFieldDown); -router.post("/doDeleteOccupancyTypeField", permissionHandlers.adminPostHandler, handler_doDeleteOccupancyTypeField); -router.get("/lotTypes", permissionHandlers.adminGetHandler, handler_lotTypes); -router.post("/doAddLotType", permissionHandlers.adminPostHandler, handler_doAddLotType); -router.post("/doUpdateLotType", permissionHandlers.adminPostHandler, handler_doUpdateLotType); -router.post("/doMoveLotTypeUp", permissionHandlers.adminPostHandler, handler_doMoveLotTypeUp); -router.post("/doMoveLotTypeDown", permissionHandlers.adminPostHandler, handler_doMoveLotTypeDown); -router.post("/doDeleteLotType", permissionHandlers.adminPostHandler, handler_doDeleteLotType); -router.post("/doAddLotTypeField", permissionHandlers.adminPostHandler, handler_doAddLotTypeField); -router.post("/doUpdateLotTypeField", permissionHandlers.adminPostHandler, handler_doUpdateLotTypeField); -router.post("/doMoveLotTypeFieldUp", permissionHandlers.adminPostHandler, handler_doMoveLotTypeFieldUp); -router.post("/doMoveLotTypeFieldDown", permissionHandlers.adminPostHandler, handler_doMoveLotTypeFieldDown); -router.post("/doDeleteLotTypeField", permissionHandlers.adminPostHandler, handler_doDeleteLotTypeField); -router.get("/tables", permissionHandlers.adminGetHandler, handler_tables); -router.post("/doAddWorkOrderType", permissionHandlers.adminPostHandler, handler_doAddWorkOrderType); -router.post("/doUpdateWorkOrderType", permissionHandlers.adminPostHandler, handler_doUpdateWorkOrderType); -router.post("/doMoveWorkOrderTypeUp", permissionHandlers.adminPostHandler, handler_doMoveWorkOrderTypeUp); -router.post("/doMoveWorkOrderTypeDown", permissionHandlers.adminPostHandler, handler_doMoveWorkOrderTypeDown); -router.post("/doDeleteWorkOrderType", permissionHandlers.adminPostHandler, handler_doDeleteWorkOrderType); -router.post("/doAddWorkOrderMilestoneType", permissionHandlers.adminPostHandler, handler_doAddWorkOrderMilestoneType); -router.post("/doUpdateWorkOrderMilestoneType", permissionHandlers.adminPostHandler, handler_doUpdateWorkOrderMilestoneType); -router.post("/doMoveWorkOrderMilestoneTypeUp", permissionHandlers.adminPostHandler, handler_doMoveWorkOrderMilestoneTypeUp); -router.post("/doMoveWorkOrderMilestoneTypeDown", permissionHandlers.adminPostHandler, handler_doMoveWorkOrderMilestoneTypeDown); -router.post("/doDeleteWorkOrderMilestoneType", permissionHandlers.adminPostHandler, handler_doDeleteWorkOrderMilestoneType); -router.post("/doAddLotStatus", permissionHandlers.adminPostHandler, handler_doAddLotStatus); -router.post("/doUpdateLotStatus", permissionHandlers.adminPostHandler, handler_doUpdateLotStatus); -router.post("/doMoveLotStatusUp", permissionHandlers.adminPostHandler, handler_doMoveLotStatusUp); -router.post("/doMoveLotStatusDown", permissionHandlers.adminPostHandler, handler_doMoveLotStatusDown); -router.post("/doDeleteLotStatus", permissionHandlers.adminPostHandler, handler_doDeleteLotStatus); -router.post("/doAddLotOccupantType", permissionHandlers.adminPostHandler, handler_doAddLotOccupantType); -router.post("/doUpdateLotOccupantType", permissionHandlers.adminPostHandler, handler_doUpdateLotOccupantType); -router.post("/doMoveLotOccupantTypeUp", permissionHandlers.adminPostHandler, handler_doMoveLotOccupantTypeUp); -router.post("/doMoveLotOccupantTypeDown", permissionHandlers.adminPostHandler, handler_doMoveLotOccupantTypeDown); -router.post("/doDeleteLotOccupantType", permissionHandlers.adminPostHandler, handler_doDeleteLotOccupantType); -router.get("/cleanup", permissionHandlers.adminGetHandler, handler_cleanup); -router.post("/doCleanupDatabase", permissionHandlers.adminPostHandler, handler_doCleanupDatabase); +router.get("/fees", handler_fees); +router.post("/doAddFeeCategory", handler_doAddFeeCategory); +router.post("/doUpdateFeeCategory", handler_doUpdateFeeCategory); +router.post("/doMoveFeeCategoryUp", handler_doMoveFeeCategoryUp); +router.post("/doMoveFeeCategoryDown", handler_doMoveFeeCategoryDown); +router.post("/doDeleteFeeCategory", handler_doDeleteFeeCategory); +router.post("/doAddFee", handler_doAddFee); +router.post("/doUpdateFee", handler_doUpdateFee); +router.post("/doMoveFeeUp", handler_doMoveFeeUp); +router.post("/doMoveFeeDown", handler_doMoveFeeDown); +router.post("/doDeleteFee", handler_doDeleteFee); +router.get("/occupancyTypes", handler_occupancyTypes); +router.post("/doAddOccupancyType", handler_doAddOccupancyType); +router.post("/doUpdateOccupancyType", handler_doUpdateOccupancyType); +router.post("/doMoveOccupancyTypeUp", handler_doMoveOccupancyTypeUp); +router.post("/doMoveOccupancyTypeDown", handler_doMoveOccupancyTypeDown); +router.post("/doDeleteOccupancyType", handler_doDeleteOccupancyType); +router.post("/doAddOccupancyTypeField", handler_doAddOccupancyTypeField); +router.post("/doUpdateOccupancyTypeField", handler_doUpdateOccupancyTypeField); +router.post("/doMoveOccupancyTypeFieldUp", handler_doMoveOccupancyTypeFieldUp); +router.post("/doMoveOccupancyTypeFieldDown", handler_doMoveOccupancyTypeFieldDown); +router.post("/doDeleteOccupancyTypeField", handler_doDeleteOccupancyTypeField); +router.get("/lotTypes", handler_lotTypes); +router.post("/doAddLotType", handler_doAddLotType); +router.post("/doUpdateLotType", handler_doUpdateLotType); +router.post("/doMoveLotTypeUp", handler_doMoveLotTypeUp); +router.post("/doMoveLotTypeDown", handler_doMoveLotTypeDown); +router.post("/doDeleteLotType", handler_doDeleteLotType); +router.post("/doAddLotTypeField", handler_doAddLotTypeField); +router.post("/doUpdateLotTypeField", handler_doUpdateLotTypeField); +router.post("/doMoveLotTypeFieldUp", handler_doMoveLotTypeFieldUp); +router.post("/doMoveLotTypeFieldDown", handler_doMoveLotTypeFieldDown); +router.post("/doDeleteLotTypeField", handler_doDeleteLotTypeField); +router.get("/tables", handler_tables); +router.post("/doAddWorkOrderType", handler_doAddWorkOrderType); +router.post("/doUpdateWorkOrderType", handler_doUpdateWorkOrderType); +router.post("/doMoveWorkOrderTypeUp", handler_doMoveWorkOrderTypeUp); +router.post("/doMoveWorkOrderTypeDown", handler_doMoveWorkOrderTypeDown); +router.post("/doDeleteWorkOrderType", handler_doDeleteWorkOrderType); +router.post("/doAddWorkOrderMilestoneType", handler_doAddWorkOrderMilestoneType); +router.post("/doUpdateWorkOrderMilestoneType", handler_doUpdateWorkOrderMilestoneType); +router.post("/doMoveWorkOrderMilestoneTypeUp", handler_doMoveWorkOrderMilestoneTypeUp); +router.post("/doMoveWorkOrderMilestoneTypeDown", handler_doMoveWorkOrderMilestoneTypeDown); +router.post("/doDeleteWorkOrderMilestoneType", handler_doDeleteWorkOrderMilestoneType); +router.post("/doAddLotStatus", handler_doAddLotStatus); +router.post("/doUpdateLotStatus", handler_doUpdateLotStatus); +router.post("/doMoveLotStatusUp", handler_doMoveLotStatusUp); +router.post("/doMoveLotStatusDown", handler_doMoveLotStatusDown); +router.post("/doDeleteLotStatus", handler_doDeleteLotStatus); +router.post("/doAddLotOccupantType", handler_doAddLotOccupantType); +router.post("/doUpdateLotOccupantType", handler_doUpdateLotOccupantType); +router.post("/doMoveLotOccupantTypeUp", handler_doMoveLotOccupantTypeUp); +router.post("/doMoveLotOccupantTypeDown", handler_doMoveLotOccupantTypeDown); +router.post("/doDeleteLotOccupantType", handler_doDeleteLotOccupantType); +router.get("/cleanup", handler_cleanup); +router.post("/doCleanupDatabase", handler_doCleanupDatabase); export default router; diff --git a/routes/admin.ts b/routes/admin.ts index 63f2cb48..0c421115 100644 --- a/routes/admin.ts +++ b/routes/admin.ts @@ -1,7 +1,5 @@ import { Router } from "express"; -import * as permissionHandlers from "../handlers/permissions.js"; - // Fee Management import handler_fees from "../handlers/admin-get/fees.js"; @@ -89,269 +87,145 @@ export const router = Router(); * Fees */ -router.get("/fees", permissionHandlers.adminGetHandler, handler_fees); +router.get("/fees", handler_fees); -router.post("/doAddFeeCategory", permissionHandlers.adminPostHandler, handler_doAddFeeCategory); +router.post("/doAddFeeCategory", handler_doAddFeeCategory); -router.post( - "/doUpdateFeeCategory", - permissionHandlers.adminPostHandler, - handler_doUpdateFeeCategory -); +router.post("/doUpdateFeeCategory", handler_doUpdateFeeCategory); -router.post( - "/doMoveFeeCategoryUp", - permissionHandlers.adminPostHandler, - handler_doMoveFeeCategoryUp -); +router.post("/doMoveFeeCategoryUp", handler_doMoveFeeCategoryUp); -router.post( - "/doMoveFeeCategoryDown", - permissionHandlers.adminPostHandler, - handler_doMoveFeeCategoryDown -); +router.post("/doMoveFeeCategoryDown", handler_doMoveFeeCategoryDown); -router.post( - "/doDeleteFeeCategory", - permissionHandlers.adminPostHandler, - handler_doDeleteFeeCategory -); +router.post("/doDeleteFeeCategory", handler_doDeleteFeeCategory); -router.post("/doAddFee", permissionHandlers.adminPostHandler, handler_doAddFee); +router.post("/doAddFee", handler_doAddFee); -router.post("/doUpdateFee", permissionHandlers.adminPostHandler, handler_doUpdateFee); +router.post("/doUpdateFee", handler_doUpdateFee); -router.post("/doMoveFeeUp", permissionHandlers.adminPostHandler, handler_doMoveFeeUp); +router.post("/doMoveFeeUp", handler_doMoveFeeUp); -router.post("/doMoveFeeDown", permissionHandlers.adminPostHandler, handler_doMoveFeeDown); +router.post("/doMoveFeeDown", handler_doMoveFeeDown); -router.post("/doDeleteFee", permissionHandlers.adminPostHandler, handler_doDeleteFee); +router.post("/doDeleteFee", handler_doDeleteFee); /* * Occupancy Type Management */ -router.get("/occupancyTypes", permissionHandlers.adminGetHandler, handler_occupancyTypes); +router.get("/occupancyTypes", handler_occupancyTypes); -router.post("/doAddOccupancyType", permissionHandlers.adminPostHandler, handler_doAddOccupancyType); +router.post("/doAddOccupancyType", handler_doAddOccupancyType); -router.post( - "/doUpdateOccupancyType", - permissionHandlers.adminPostHandler, - handler_doUpdateOccupancyType -); +router.post("/doUpdateOccupancyType", handler_doUpdateOccupancyType); -router.post( - "/doMoveOccupancyTypeUp", - permissionHandlers.adminPostHandler, - handler_doMoveOccupancyTypeUp -); +router.post("/doMoveOccupancyTypeUp", handler_doMoveOccupancyTypeUp); -router.post( - "/doMoveOccupancyTypeDown", - permissionHandlers.adminPostHandler, - handler_doMoveOccupancyTypeDown -); +router.post("/doMoveOccupancyTypeDown", handler_doMoveOccupancyTypeDown); -router.post( - "/doDeleteOccupancyType", - permissionHandlers.adminPostHandler, - handler_doDeleteOccupancyType -); +router.post("/doDeleteOccupancyType", handler_doDeleteOccupancyType); // Occupancy Type Fields -router.post( - "/doAddOccupancyTypeField", - permissionHandlers.adminPostHandler, - handler_doAddOccupancyTypeField -); +router.post("/doAddOccupancyTypeField", handler_doAddOccupancyTypeField); -router.post( - "/doUpdateOccupancyTypeField", - permissionHandlers.adminPostHandler, - handler_doUpdateOccupancyTypeField -); +router.post("/doUpdateOccupancyTypeField", handler_doUpdateOccupancyTypeField); -router.post( - "/doMoveOccupancyTypeFieldUp", - permissionHandlers.adminPostHandler, - handler_doMoveOccupancyTypeFieldUp -); +router.post("/doMoveOccupancyTypeFieldUp", handler_doMoveOccupancyTypeFieldUp); -router.post( - "/doMoveOccupancyTypeFieldDown", - permissionHandlers.adminPostHandler, - handler_doMoveOccupancyTypeFieldDown -); +router.post("/doMoveOccupancyTypeFieldDown", handler_doMoveOccupancyTypeFieldDown); -router.post( - "/doDeleteOccupancyTypeField", - permissionHandlers.adminPostHandler, - handler_doDeleteOccupancyTypeField -); +router.post("/doDeleteOccupancyTypeField", handler_doDeleteOccupancyTypeField); /* * Lot Type Management */ -router.get("/lotTypes", permissionHandlers.adminGetHandler, handler_lotTypes); +router.get("/lotTypes", handler_lotTypes); -router.post("/doAddLotType", permissionHandlers.adminPostHandler, handler_doAddLotType); +router.post("/doAddLotType", handler_doAddLotType); -router.post("/doUpdateLotType", permissionHandlers.adminPostHandler, handler_doUpdateLotType); +router.post("/doUpdateLotType", handler_doUpdateLotType); -router.post("/doMoveLotTypeUp", permissionHandlers.adminPostHandler, handler_doMoveLotTypeUp); +router.post("/doMoveLotTypeUp", handler_doMoveLotTypeUp); -router.post("/doMoveLotTypeDown", permissionHandlers.adminPostHandler, handler_doMoveLotTypeDown); +router.post("/doMoveLotTypeDown", handler_doMoveLotTypeDown); -router.post("/doDeleteLotType", permissionHandlers.adminPostHandler, handler_doDeleteLotType); +router.post("/doDeleteLotType", handler_doDeleteLotType); // Lot Type Fields -router.post("/doAddLotTypeField", permissionHandlers.adminPostHandler, handler_doAddLotTypeField); +router.post("/doAddLotTypeField", handler_doAddLotTypeField); -router.post( - "/doUpdateLotTypeField", - permissionHandlers.adminPostHandler, - handler_doUpdateLotTypeField -); +router.post("/doUpdateLotTypeField", handler_doUpdateLotTypeField); -router.post( - "/doMoveLotTypeFieldUp", - permissionHandlers.adminPostHandler, - handler_doMoveLotTypeFieldUp -); +router.post("/doMoveLotTypeFieldUp", handler_doMoveLotTypeFieldUp); -router.post( - "/doMoveLotTypeFieldDown", - permissionHandlers.adminPostHandler, - handler_doMoveLotTypeFieldDown -); +router.post("/doMoveLotTypeFieldDown", handler_doMoveLotTypeFieldDown); -router.post( - "/doDeleteLotTypeField", - permissionHandlers.adminPostHandler, - handler_doDeleteLotTypeField -); +router.post("/doDeleteLotTypeField", handler_doDeleteLotTypeField); /* * Config Tables */ -router.get("/tables", permissionHandlers.adminGetHandler, handler_tables); +router.get("/tables", handler_tables); // Config Tables - Work Order Types -router.post("/doAddWorkOrderType", permissionHandlers.adminPostHandler, handler_doAddWorkOrderType); +router.post("/doAddWorkOrderType", handler_doAddWorkOrderType); -router.post( - "/doUpdateWorkOrderType", - permissionHandlers.adminPostHandler, - handler_doUpdateWorkOrderType -); +router.post("/doUpdateWorkOrderType", handler_doUpdateWorkOrderType); -router.post( - "/doMoveWorkOrderTypeUp", - permissionHandlers.adminPostHandler, - handler_doMoveWorkOrderTypeUp -); +router.post("/doMoveWorkOrderTypeUp", handler_doMoveWorkOrderTypeUp); -router.post( - "/doMoveWorkOrderTypeDown", - permissionHandlers.adminPostHandler, - handler_doMoveWorkOrderTypeDown -); +router.post("/doMoveWorkOrderTypeDown", handler_doMoveWorkOrderTypeDown); -router.post( - "/doDeleteWorkOrderType", - permissionHandlers.adminPostHandler, - handler_doDeleteWorkOrderType -); +router.post("/doDeleteWorkOrderType", handler_doDeleteWorkOrderType); // Config Tables - Work Order Milestone Types router.post( "/doAddWorkOrderMilestoneType", - permissionHandlers.adminPostHandler, + handler_doAddWorkOrderMilestoneType ); -router.post( - "/doUpdateWorkOrderMilestoneType", - permissionHandlers.adminPostHandler, - handler_doUpdateWorkOrderMilestoneType -); +router.post("/doUpdateWorkOrderMilestoneType", handler_doUpdateWorkOrderMilestoneType); -router.post( - "/doMoveWorkOrderMilestoneTypeUp", - permissionHandlers.adminPostHandler, - handler_doMoveWorkOrderMilestoneTypeUp -); +router.post("/doMoveWorkOrderMilestoneTypeUp", handler_doMoveWorkOrderMilestoneTypeUp); -router.post( - "/doMoveWorkOrderMilestoneTypeDown", - permissionHandlers.adminPostHandler, - handler_doMoveWorkOrderMilestoneTypeDown -); +router.post("/doMoveWorkOrderMilestoneTypeDown", handler_doMoveWorkOrderMilestoneTypeDown); -router.post( - "/doDeleteWorkOrderMilestoneType", - permissionHandlers.adminPostHandler, - handler_doDeleteWorkOrderMilestoneType -); +router.post("/doDeleteWorkOrderMilestoneType", handler_doDeleteWorkOrderMilestoneType); // Config Tables - Lot Statuses -router.post("/doAddLotStatus", permissionHandlers.adminPostHandler, handler_doAddLotStatus); +router.post("/doAddLotStatus", handler_doAddLotStatus); -router.post("/doUpdateLotStatus", permissionHandlers.adminPostHandler, handler_doUpdateLotStatus); +router.post("/doUpdateLotStatus", handler_doUpdateLotStatus); -router.post("/doMoveLotStatusUp", permissionHandlers.adminPostHandler, handler_doMoveLotStatusUp); +router.post("/doMoveLotStatusUp", handler_doMoveLotStatusUp); -router.post( - "/doMoveLotStatusDown", - permissionHandlers.adminPostHandler, - handler_doMoveLotStatusDown -); +router.post("/doMoveLotStatusDown", handler_doMoveLotStatusDown); -router.post("/doDeleteLotStatus", permissionHandlers.adminPostHandler, handler_doDeleteLotStatus); +router.post("/doDeleteLotStatus", handler_doDeleteLotStatus); // Config Tables - Lot Occupant Types -router.post( - "/doAddLotOccupantType", - permissionHandlers.adminPostHandler, - handler_doAddLotOccupantType -); +router.post("/doAddLotOccupantType", handler_doAddLotOccupantType); -router.post( - "/doUpdateLotOccupantType", - permissionHandlers.adminPostHandler, - handler_doUpdateLotOccupantType -); +router.post("/doUpdateLotOccupantType", handler_doUpdateLotOccupantType); -router.post( - "/doMoveLotOccupantTypeUp", - permissionHandlers.adminPostHandler, - handler_doMoveLotOccupantTypeUp -); +router.post("/doMoveLotOccupantTypeUp", handler_doMoveLotOccupantTypeUp); -router.post( - "/doMoveLotOccupantTypeDown", - permissionHandlers.adminPostHandler, - handler_doMoveLotOccupantTypeDown -); +router.post("/doMoveLotOccupantTypeDown", handler_doMoveLotOccupantTypeDown); -router.post( - "/doDeleteLotOccupantType", - permissionHandlers.adminPostHandler, - handler_doDeleteLotOccupantType -); +router.post("/doDeleteLotOccupantType", handler_doDeleteLotOccupantType); // Cleanup -router.get("/cleanup", permissionHandlers.adminGetHandler, handler_cleanup); +router.get("/cleanup", handler_cleanup); -router.post("/doCleanupDatabase", permissionHandlers.adminPostHandler, handler_doCleanupDatabase); +router.post("/doCleanupDatabase", handler_doCleanupDatabase); export default router;