diff --git a/src/server/routes/recruitCRM.js b/src/server/routes/recruitCRM.js index 11b193c756..d523744a3f 100644 --- a/src/server/routes/recruitCRM.js +++ b/src/server/routes/recruitCRM.js @@ -24,19 +24,42 @@ const routes = express.Router(); // Enables CORS on those routes according config above // ToDo configure CORS for set of our trusted domains -routes.use(cors()); -routes.options('*', cors()); - -routes.get('/jobs', (req, res, next) => new RecruitCRMService().getAllJobs(req, res, next)); -routes.get('/jobs/cache', (req, res, next) => new RecruitCRMService().getJobsCacheStats(req, res, next)); -routes.get('/jobs/cache/flush', (req, res, next) => authenticator(authenticatorOptions)(req, res, next), (req, res, next) => new RecruitCRMService().getJobsCacheFlush(req, res, next)); -routes.get('/jobs/search', (req, res, next) => new RecruitCRMService().getJobs(req, res, next)); -routes.get('/jobs/:id', (req, res, next) => new RecruitCRMService().getJob(req, res, next)); -routes.post('/jobs/:id/apply', (req, res, next) => authenticator(authenticatorOptions)(req, res, next), upload.single('resume'), (req, res, next) => new RecruitCRMService().applyForJob(req, res, next)); -routes.get('/candidates/search', (req, res, next) => new RecruitCRMService().searchCandidates(req, res, next)); +// routes.use(cors()); +// routes.options('*', cors()); + +routes.options('/jobs', cors()); +routes.get('/jobs', cors(), (req, res, next) => new RecruitCRMService().getAllJobs(req, res, next)); + +routes.options('/jobs/cache', cors()); +routes.get('/jobs/cache', cors(), (req, res, next) => new RecruitCRMService().getJobsCacheStats(req, res, next)); + +routes.options('/jobs/cache/flush', cors()); +routes.get('/jobs/cache/flush', cors(), (req, res, next) => authenticator(authenticatorOptions)(req, res, next), (req, res, next) => new RecruitCRMService().getJobsCacheFlush(req, res, next)); + +routes.options('/jobs/search', cors()); +routes.get('/jobs/search', cors(), (req, res, next) => new RecruitCRMService().getJobs(req, res, next)); + +routes.options('/jobs/:id', cors()); +routes.get('/jobs/:id', cors(), (req, res, next) => new RecruitCRMService().getJob(req, res, next)); + +const applyOptions = { + origin: true, + methods: ['POST'], + credentials: true, + maxAge: 3600, + allowedHeaders: ['Content-Type', 'Authorization'], +}; +routes.options('/jobs/:id/apply', cors(applyOptions)); +routes.post('/jobs/:id/apply', cors(applyOptions), (req, res, next) => authenticator(authenticatorOptions)(req, res, next), upload.single('resume'), (req, res, next) => new RecruitCRMService().applyForJob(req, res, next)); + +routes.options('/candidates/search', cors()); +routes.get('/candidates/search', cors(), (req, res, next) => new RecruitCRMService().searchCandidates(req, res, next)); // new router added -routes.get('/profile', (req, res, next) => authenticator(authenticatorOptions)(req, res, next), (req, res, next) => new RecruitCRMService().getProfile(req, res, next)); -routes.post('/profile', (req, res, next) => authenticator(authenticatorOptions)(req, res, next), upload.single('resume'), (req, res, next) => new RecruitCRMService().updateProfile(req, res, next)); -routes.get('/taasjobs', (req, res, next) => new RecruitCRMService().getJobsFromTaas(req, res, next)); +routes.options('/profile', cors()); +routes.get('/profile', cors(), (req, res, next) => authenticator(authenticatorOptions)(req, res, next), (req, res, next) => new RecruitCRMService().getProfile(req, res, next)); +routes.post('/profile', cors(), (req, res, next) => authenticator(authenticatorOptions)(req, res, next), upload.single('resume'), (req, res, next) => new RecruitCRMService().updateProfile(req, res, next)); + +routes.options('/taasjobs', cors()); +routes.get('/taasjobs', cors(), (req, res, next) => new RecruitCRMService().getJobsFromTaas(req, res, next)); export default routes;