const express = require('express'); const router = express.Router(); const Vehicle = require('../models/Vehicle'); const Store = require('../models/Store'); const { authMiddleware, requireRole } = require('../middleware/auth'); const { validate } = require('../middleware/validate'); const { schemas } = require('../middleware/validate'); // 获取所有车辆(公开,仅需登录) router.get('/', authMiddleware, async (req, res) => { try { const filter = {}; // store 角色查询时校验 storeId 归属(只能看自己关联的门店) if (req.user.role === 'store' && req.user.storeId) { // store 用户永远只能看自己门店的数据,忽略前端传的 storeId 参数 filter.storeId = req.user.storeId; } else if (req.query.storeId) { filter.storeId = req.query.storeId; } if (req.query.status) filter.status = req.query.status; const vehicles = await Vehicle.find(filter).populate('currentOrderId'); res.json({ success: true, data: vehicles }); } catch (error) { res.status(500).json({ success: false, message: '服务器内部错误' }); } }); // 获取单个车辆(公开) router.get('/:id', authMiddleware, async (req, res) => { try { const vehicle = await Vehicle.findById(req.params.id).populate('currentOrderId'); if (!vehicle) return res.status(404).json({ success: false, message: '车辆不存在' }); res.json({ success: true, data: vehicle }); } catch (error) { res.status(500).json({ success: false, message: "服务器内部错误" }); } }); // 创建车辆(需 admin 或 store) router.post('/', authMiddleware, requireRole('admin', 'store'), validate(schemas.vehicle), async (req, res) => { try { const data = { ...req.body }; if (data.status === '在租') data.isRented = true; const vehicle = new Vehicle(data); await vehicle.save(); res.status(201).json({ success: true, data: vehicle }); } catch (error) { res.status(400).json({ success: false, message: "服务器内部错误" }); } }); // 更新车辆(需 admin 或 store) router.put('/:id', authMiddleware, requireRole('admin', 'store'), validate(schemas.vehicle), async (req, res) => { try { const data = { ...req.body }; if (data.status !== undefined) data.isRented = data.status === '在租'; const vehicle = await Vehicle.findByIdAndUpdate(req.params.id, data, { new: true, runValidators: true }); if (!vehicle) return res.status(404).json({ success: false, message: '车辆不存在' }); res.json({ success: true, data: vehicle }); } catch (error) { res.status(400).json({ success: false, message: "服务器内部错误" }); } }); // 删除车辆(需 admin) router.delete('/:id', authMiddleware, requireRole('admin'), async (req, res) => { try { const vehicle = await Vehicle.findByIdAndDelete(req.params.id); if (!vehicle) return res.status(404).json({ success: false, message: '车辆不存在' }); res.json({ success: true, message: '车辆已删除' }); } catch (error) { res.status(500).json({ success: false, message: "服务器内部错误" }); } }); // 按状态筛选车辆(公开) router.get('/status/:status', authMiddleware, async (req, res) => { try { const vehicles = await Vehicle.find({ status: req.params.status }); res.json({ success: true, data: vehicles }); } catch (error) { res.status(500).json({ success: false, message: "服务器内部错误" }); } }); // 更新车辆位置(需 admin 或 store) router.patch('/:id/location', authMiddleware, requireRole('admin', 'store'), async (req, res) => { try { const { longitude, latitude } = req.body; const vehicle = await Vehicle.findByIdAndUpdate( req.params.id, { location: { type: 'Point', coordinates: [longitude, latitude] }, lastLocationUpdate: new Date() }, { new: true } ); if (!vehicle) return res.status(404).json({ success: false, message: '车辆不存在' }); res.json({ success: true, data: vehicle }); } catch (error) { res.status(400).json({ success: false, message: "服务器内部错误" }); } }); module.exports = router;