import { Router } from 'express'; import { approveChangeRequest, auditExport, changeRequests, reportingOverview, rejectChangeRequest } from '../controllers/governanceController.js'; import { requireAuth } from '../middleware/auth.js'; export const governanceRoutes = Router(); // Phase 6 governance & reporting for Intune tenant write-back. Approve/reject // authorize admins or named approvers inside the controller. governanceRoutes.get('/change-requests', requireAuth, changeRequests); governanceRoutes.post('/change-requests/:id/approve', requireAuth, approveChangeRequest); governanceRoutes.post('/change-requests/:id/reject', requireAuth, rejectChangeRequest); governanceRoutes.get('/reporting/overview', requireAuth, reportingOverview); governanceRoutes.get('/deployments/:id/audit/export', requireAuth, auditExport);