bp/app/Config/Routes.php

<?php

use CodeIgniter\Router\RouteCollection;

/**
 * @var RouteCollection $routes
 */
# =============================================================================
# ПУБЛИЧНЫЕ МАРШРУТЫ (без фильтров)
# =============================================================================
$routes->get('/', 'Home::index');
$routes->get('login', 'Auth::login');
$routes->post('login', 'Auth::login');
$routes->get('register', 'Auth::register');
$routes->post('register', 'Auth::register');
$routes->get('register/success', 'Auth::registerSuccess');
$routes->get('logout', 'Auth::logout');
$routes->get('auth/verify/(:any)', 'Auth::verify/$1');
$routes->get('auth/resend-verification', 'Auth::resendVerification');
$routes->post('auth/resend-verification', 'Auth::resendVerification');

# Маршруты для восстановления пароля
$routes->get('forgot-password', 'ForgotPassword::index');
$routes->post('forgot-password/send', 'ForgotPassword::sendResetLink');
$routes->get('forgot-password/reset/(:any)', 'ForgotPassword::reset/$1');
$routes->post('forgot-password/update', 'ForgotPassword::updatePassword');

# Маршруты для приглашений (публичные)
$routes->group('invitation', static function ($routes) {
    $routes->get('accept/(:any)', 'InvitationController::accept/$1');
    $routes->post('accept/(:any)', 'InvitationController::processAccept');
    $routes->post('decline/(:any)', 'InvitationController::decline/$1');
    $routes->match(['GET', 'POST'], 'complete/(:any)', 'InvitationController::complete/$1');
});

# =============================================================================
# АВТОРИЗОВАННЫЕ МАРШРУТЫ (требуется auth, НЕ требуется org)
# =============================================================================
$routes->group('', ['filter' => 'auth'], static function ($routes) {
    # Профиль (доступен без выбора организации)
    $routes->get('profile', 'Profile::index');
    $routes->get('profile/organizations', 'Profile::organizations');
    $routes->get('profile/security', 'Profile::security');
    $routes->post('profile/update-name', 'Profile::updateName');
    $routes->post('profile/upload-avatar', 'Profile::uploadAvatar');
    $routes->post('profile/change-password', 'Profile::changePassword');
    $routes->post('profile/session/revoke', 'Profile::revokeSession');
    $routes->post('profile/sessions/revoke-all', 'Profile::revokeAllSessions');
    $routes->post('profile/leave-org/(:num)', 'Profile::leaveOrganization/$1');

    # Выбор организации (доступен без выбора организации)
    $routes->get('organizations', 'Organizations::index');
    $routes->get('organizations/create', 'Organizations::create');
    $routes->post('organizations/create', 'Organizations::create');
    $routes->get('organizations/switch/(:num)', 'Organizations::switch/$1');
});

# =============================================================================
# ЗАЩИЩЁННЫЕ МАРШУТЫ (требуется auth И org)
# =============================================================================
$routes->group('', ['filter' => 'auth'], static function ($routes) {
    $routes->group('', ['filter' => 'org'], static function ($routes) {
        $routes->get('organizations/(:num)/dashboard', 'Organizations::dashboard/$1');
        $routes->get('organizations/edit/(:num)', 'Organizations::edit/$1');
        $routes->post('organizations/edit/(:num)', 'Organizations::edit/$1');
        $routes->get('organizations/delete/(:num)', 'Organizations::delete/$1');
        $routes->post('organizations/delete/(:num)', 'Organizations::delete/$1');

        # Управление пользователями организации
        $routes->get('organizations/(:num)/users', 'Organizations::users/$1');
        $routes->get('organizations/(:num)/users/table', 'Organizations::usersTable/$1');
        $routes->post('organizations/(:num)/users/invite', 'Organizations::inviteUser/$1');
        $routes->post('organizations/(:num)/users/role', 'Organizations::updateUserRole/$1');
        $routes->post('organizations/(:num)/users/(:num)/block', 'Organizations::blockUser/$1/$2');
        $routes->post('organizations/(:num)/users/(:num)/unblock', 'Organizations::unblockUser/$1/$2');
        $routes->post('organizations/(:num)/users/(:num)/remove', 'Organizations::removeUser/$1/$2');
        $routes->post('organizations/(:num)/leave', 'Organizations::leaveOrganization/$1');
        $routes->post('organizations/(:num)/users/leave', 'Organizations::leaveOrganization/$1');
        $routes->post('organizations/(:num)/users/(:num)/resend', 'Organizations::resendInvite/$1/$2');
        $routes->post('organizations/(:num)/users/(:num)/cancel', 'Organizations::cancelInvite/$1/$2');
    });
});

# =============================================================================
# ПОДКЛЮЧЕНИЕ РОУТОВ МОДУЛЕЙ (требуется auth)
# =============================================================================
$routes->group('', ['filter' => 'auth'], static function ($routes) {
    require_once APPPATH . 'Modules/Clients/Config/Routes.php';
    require_once APPPATH . 'Modules/CRM/Config/Routes.php';
    require_once APPPATH . 'Modules/Tasks/Config/Routes.php';
});

# =============================================================================
# СУПЕРАДМИН ПАНЕЛЬ (требуется system_role: superadmin)
# =============================================================================
$routes->group('superadmin', ['filter' => 'role:system:superadmin'], static function ($routes) {
    $routes->get('/', 'Superadmin::index');

    # Управление модулями
    $routes->get('modules', 'Superadmin::modules');
    $routes->post('modules/update', 'Superadmin::updateModule');

    # Управление подписками
    $routes->get('subscriptions', 'Superadmin::subscriptions');
    $routes->get('subscriptions/table', 'Superadmin::subscriptionsTable');
    $routes->get('subscriptions/create', 'Superadmin::createSubscription');
    $routes->post('subscriptions/store', 'Superadmin::storeSubscription');
    $routes->get('subscriptions/delete/(:num)', 'Superadmin::deleteSubscription/$1');

    # Поиск организаций
    $routes->get('organizations/search', 'Superadmin::searchOrganizations');

    # Управление организациями
    $routes->get('organizations', 'Superadmin::organizations');
    $routes->get('organizations/table', 'Superadmin::organizationsTable');
    $routes->get('organizations/view/(:num)', 'Superadmin::viewOrganization/$1');
    $routes->post('organizations/(:num)/add-subscription', 'Superadmin::addOrganizationSubscription/$1');
    $routes->get('organizations/(:num)/remove-subscription/(:num)', 'Superadmin::removeOrganizationSubscription/$1/$2');
    $routes->get('organizations/block/(:num)', 'Superadmin::blockOrganization/$1');
    $routes->get('organizations/unblock/(:num)', 'Superadmin::unblockOrganization/$1');
    $routes->get('organizations/delete/(:num)', 'Superadmin::deleteOrganization/$1');

    # Управление пользователями
    $routes->get('users', 'Superadmin::users');
    $routes->get('users/table', 'Superadmin::usersTable');
    $routes->post('users/update-role/(:num)', 'Superadmin::updateUserRole/$1');
    $routes->get('users/block/(:num)', 'Superadmin::blockUser/$1');
    $routes->get('users/unblock/(:num)', 'Superadmin::unblockUser/$1');
    $routes->get('users/delete/(:num)', 'Superadmin::deleteUser/$1');

    $routes->get('statistics', 'Superadmin::statistics');
});