uldp-degree-mangement-system/routes/admin.js

const express = require("express");
const router = express.Router();
const { ensureAuthenticated } = require("../middleware/auth");
const dashboardController = require("../controllers/dashboardController");
const qualificationController = require("../controllers/qualificationController");
const certificateController = require("../controllers/certificateController");
const departmentController = require("../controllers/departmentController");
const levelController = require("../controllers/levelController");
const auditLogController = require("../controllers/auditLogController");
const { uploadDegree } = require("../middleware/upload");

// Dashboard
router.get("/dashboard", ensureAuthenticated, dashboardController.getDashboard);

// Qualification routes
router.get("/qualification", ensureAuthenticated, qualificationController.index);
router.get("/qualification/create", ensureAuthenticated, qualificationController.createForm);
router.post("/qualification/create", ensureAuthenticated, uploadDegree, qualificationController.create);
router.get("/qualification/:id/edit", ensureAuthenticated, qualificationController.editForm);
router.post("/qualification/:id/edit", ensureAuthenticated, uploadDegree, qualificationController.update);
router.post("/qualification/:id/delete", ensureAuthenticated, qualificationController.destroy);

// Certificate routes
router.get("/certificate", ensureAuthenticated, certificateController.index);
router.get("/certificate/create", ensureAuthenticated, certificateController.createForm);
router.post("/certificate/create", ensureAuthenticated, uploadDegree, certificateController.create);
router.get("/certificate/:id/edit", ensureAuthenticated, certificateController.editForm);
router.post("/certificate/:id/edit", ensureAuthenticated, uploadDegree, certificateController.update);
router.post("/certificate/:id/delete", ensureAuthenticated, certificateController.destroy);

// Department routes
router.get("/department", ensureAuthenticated, departmentController.index);
router.post("/department/create", ensureAuthenticated, departmentController.create);
router.post("/department/:id/edit", ensureAuthenticated, departmentController.update);
router.post("/department/:id/delete", ensureAuthenticated, departmentController.destroy);

// Level routes
router.get("/level", ensureAuthenticated, levelController.index);
router.post("/level/create", ensureAuthenticated, levelController.create);
router.post("/level/:id/edit", ensureAuthenticated, levelController.update);
router.post("/level/:id/delete", ensureAuthenticated, levelController.destroy);

// Audit Log routes
router.get("/audit-logs", ensureAuthenticated, auditLogController.index);
router.get("/audit-logs/:id", ensureAuthenticated, auditLogController.show);
router.get("/audit-logs-api", ensureAuthenticated, auditLogController.api);
router.post("/audit-logs/cleanup", ensureAuthenticated, auditLogController.cleanup);

// Protected file preview for admin (session-authenticated)
const path = require('path');
const fs = require('fs');
router.get("/files/:filename", ensureAuthenticated, (req, res) => {
  const filename = path.basename(req.params.filename);
  const filePath = path.join(__dirname, '../private/uploads/degree', filename);
  if (!fs.existsSync(filePath)) return res.status(404).send('File not found');
  res.sendFile(filePath);
});

module.exports = router;