/**
 * Employee routes
 * @file employees.js
 * @description Route definitions for the employee resource.
 *
 * Access model as wired in this file:
 *   - every route requires authentication (router.use(authMiddleware));
 *   - read routes admit the roles admin, manager and teller;
 *   - create / update / delete go through adminMiddleware.
 *
 * The `@swagger` blocks are kept with their original text: they look like
 * swagger-jsdoc annotations, which are read from this file to build the
 * published API description, so their wording is part of the API docs
 * rather than free-form commentary (TODO confirm the doc generator in use).
 */

const express = require('express');
const { body } = require('express-validator');
// NOTE(review): managerMiddleware is imported but no route in this file uses it.
const { authMiddleware, roleMiddleware, adminMiddleware, managerMiddleware } = require('../middleware/auth');
const employeeController = require('../controllers/employeeController');

const router = express.Router();

// Authentication gate. It is registered before any route, so every handler
// below runs only after authMiddleware has let the request through.
router.use(authMiddleware);

// Read-access guard for the employee resource. A new role list and a new
// middleware instance are produced on every call, one per read route.
const staffReadGuard = () => roleMiddleware(['admin', 'manager', 'teller']);

/**
 * @swagger
 * tags:
 *   name: Employees
 *   description: 员工管理
 */

/**
 * @swagger
 * /api/employees:
 *   get:
 *     summary: 获取员工列表
 *     tags: [Employees]
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: query
 *         name: page
 *         schema:
 *           type: integer
 *         description: 页码
 *       - in: query
 *         name: limit
 *         schema:
 *           type: integer
 *         description: 每页数量
 *       - in: query
 *         name: search
 *         schema:
 *           type: string
 *         description: 搜索关键词
 *       - in: query
 *         name: department
 *         schema:
 *           type: string
 *         description: 部门筛选
 *       - in: query
 *         name: position
 *         schema:
 *           type: string
 *         description: 职位筛选
 *       - in: query
 *         name: status
 *         schema:
 *           type: string
 *           enum: [active, inactive, resigned]
 *         description: 状态筛选
 *     responses:
 *       200:
 *         description: 获取成功
 *         content:
 *           application/json:
 *             schema:
 *               type: object
 *               properties:
 *                 success:
 *                   type: boolean
 *                 message:
 *                   type: string
 *                 data:
 *                   type: object
 *                   properties:
 *                     employees:
 *                       type: array
 *                       items:
 *                         $ref: '#/components/schemas/Employee'
 *                     pagination:
 *                       $ref: '#/components/schemas/Pagination'
 *       401:
 *         description: 未授权
 *       500:
 *         description: 服务器内部错误
 */
// List employees. None of the query parameters (page, limit, search,
// department, position, status) is validated in this file.
// NOTE(review): confirm the controller bounds `limit` and treats `search`
// as data, not as query text, before it reaches the data layer.
// NOTE(review): employee records carry salary, phone and email according to
// the create schema below; confirm the controller limits which of those
// fields the manager and teller roles receive.
router.get('/', staffReadGuard(), employeeController.getEmployees);

/**
 * @swagger
 * /api/employees:
 *   post:
 *     summary: 创建员工
 *     tags: [Employees]
 *     security:
 *       - bearerAuth: []
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - name
 *               - employee_id
 *               - department_id
 *               - position_id
 *               - hire_date
 *               - salary
 *             properties:
 *               name:
 *                 type: string
 *                 description: 员工姓名
 *               employee_id:
 *                 type: string
 *                 description: 员工编号
 *               department_id:
 *                 type: integer
 *                 description: 部门ID
 *               position_id:
 *                 type: integer
 *                 description: 职位ID
 *               phone:
 *                 type: string
 *                 description: 联系电话
 *               email:
 *                 type: string
 *                 description: 邮箱地址
 *               hire_date:
 *                 type: string
 *                 format: date
 *                 description: 入职日期
 *               salary:
 *                 type: number
 *                 description: 薪资
 *               status:
 *                 type: string
 *                 enum: [active, inactive, resigned]
 *                 description: 员工状态
 *     responses:
 *       201:
 *         description: 创建成功
 *       400:
 *         description: 请求参数错误
 *       401:
 *         description: 未授权
 *       403:
 *         description: 权限不足
 *       500:
 *         description: 服务器内部错误
 */
// Field rules for creating an employee. express-validator chains only record
// failures on the request; they do not reject it by themselves.
// NOTE(review): confirm employeeController.createEmployee checks
// validationResult(req) before it writes anything.
const createEmployeeRules = [
  body('name').notEmpty().withMessage('员工姓名不能为空'),
  body('employee_id').notEmpty().withMessage('员工编号不能为空'),
  body('department_id').isInt().withMessage('部门ID必须是整数'),
  body('position_id').isInt().withMessage('职位ID必须是整数'),
  body('phone').optional().isMobilePhone('zh-CN').withMessage('手机号格式不正确'),
  body('email').optional().isEmail().withMessage('邮箱格式不正确'),
  body('hire_date').isISO8601().withMessage('入职日期格式不正确'),
  // isNumeric() accepts a leading sign, so a negative salary passes here.
  // NOTE(review): confirm a lower bound is enforced downstream.
  body('salary').isNumeric().withMessage('薪资必须是数字'),
  body('status').optional().isIn(['active', 'inactive', 'resigned']).withMessage('状态值无效'),
];

// Create an employee: admin only.
router.post('/', adminMiddleware, createEmployeeRules, employeeController.createEmployee);

/**
 * @swagger
 * /api/employees/{id}:
 *   get:
 *     summary: 获取员工详情
 *     tags: [Employees]
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: path
 *         name: id
 *         required: true
 *         schema:
 *           type: integer
 *         description: 员工ID
 *     responses:
 *       200:
 *         description: 获取成功
 *       404:
 *         description: 员工不存在
 *       401:
 *         description: 未授权
 *       500:
 *         description: 服务器内部错误
 */
// Fetch one employee by id.
// NOTE(review): the @swagger block declares `id` as an integer, but nothing
// on this route enforces that; confirm the controller validates the value.
router.get('/:id', staffReadGuard(), employeeController.getEmployeeById);

/**
 * @swagger
 * /api/employees/{id}:
 *   put:
 *     summary: 更新员工
 *     tags: [Employees]
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: path
 *         name: id
 *         required: true
 *         schema:
 *           type: integer
 *         description: 员工ID
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             properties:
 *               name:
 *                 type: string
 *               employee_id:
 *                 type: string
 *               department_id:
 *                 type: integer
 *               position_id:
 *                 type: integer
 *               phone:
 *                 type: string
 *               email:
 *                 type: string
 *               hire_date:
 *                 type: string
 *                 format: date
 *               salary:
 *                 type: number
 *               status:
 *                 type: string
 *                 enum: [active, inactive, resigned]
 *     responses:
 *       200:
 *         description: 更新成功
 *       400:
 *         description: 请求参数错误
 *       404:
 *         description: 员工不存在
 *       401:
 *         description: 未授权
 *       403:
 *         description: 权限不足
 *       500:
 *         description: 服务器内部错误
 */
// Field rules for updating an employee. Every field is optional; a field
// that is present has to satisfy the same rule as on create.
// These rules check the listed fields only and leave any other key in the
// body untouched.
// NOTE(review): confirm employeeController.updateEmployee checks
// validationResult(req) and persists an explicit allow-list of fields
// rather than the request body as received.
const updateEmployeeRules = [
  body('name').optional().notEmpty().withMessage('员工姓名不能为空'),
  body('employee_id').optional().notEmpty().withMessage('员工编号不能为空'),
  body('department_id').optional().isInt().withMessage('部门ID必须是整数'),
  body('position_id').optional().isInt().withMessage('职位ID必须是整数'),
  body('phone').optional().isMobilePhone('zh-CN').withMessage('手机号格式不正确'),
  body('email').optional().isEmail().withMessage('邮箱格式不正确'),
  body('hire_date').optional().isISO8601().withMessage('入职日期格式不正确'),
  // Same sign caveat as on create: isNumeric() lets a negative value through.
  body('salary').optional().isNumeric().withMessage('薪资必须是数字'),
  body('status').optional().isIn(['active', 'inactive', 'resigned']).withMessage('状态值无效'),
];

// Update an employee: admin only. `:id` is not validated on this route.
router.put('/:id', adminMiddleware, updateEmployeeRules, employeeController.updateEmployee);

/**
 * @swagger
 * /api/employees/{id}:
 *   delete:
 *     summary: 删除员工
 *     tags: [Employees]
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: path
 *         name: id
 *         required: true
 *         schema:
 *           type: integer
 *         description: 员工ID
 *     responses:
 *       200:
 *         description: 删除成功
 *       404:
 *         description: 员工不存在
 *       401:
 *         description: 未授权
 *       403:
 *         description: 权限不足
 *       500:
 *         description: 服务器内部错误
 */
// Delete an employee: admin only. `:id` is not validated on this route.
router.delete('/:id', adminMiddleware, employeeController.deleteEmployee);

/**
 * @swagger
 * /api/employees/stats/overview:
 *   get:
 *     summary: 获取员工统计
 *     tags: [Employees]
 *     security:
 *       - bearerAuth: []
 *     responses:
 *       200:
 *         description: 获取成功
 *       401:
 *         description: 未授权
 *       500:
 *         description: 服务器内部错误
 */
// Employee statistics. Registered after '/:id', which is safe: '/:id'
// matches a single path segment and so does not capture '/stats/overview'.
router.get('/stats/overview', staffReadGuard(), employeeController.getEmployeeStats);

module.exports = router;