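/**
 * Read-only (GET) route table, plus one admin POST, collected from several
 * former route files. Exports a single Express router.
 *
 * Every route lists its middleware chain explicitly; the chain is the only
 * authorization visible in this file. Where a route carries `authMiddleware`
 * alone, any per-object or per-role check has to live in the controller.
 */
const express = require('express');
const path = require('path');

const router = express.Router();

const authMiddleware = require('../middleware/authMiddleware');
const UserSettingsController = require('../controller/auth/UserSettingsController');
const ReferralTokenController = require('../controller/referral/ReferralTokenController');
const ReferralRegistrationController = require('../controller/referral/ReferralRegistrationController');
const PermissionController = require('../controller/permissions/PermissionController');
const DocumentTemplateController = require('../controller/documentTemplate/DocumentTemplateController');
const AdminUserController = require('../controller/admin/AdminUserController');
const UserDocumentController = require('../controller/documents/UserDocumentController');
const ServerStatusController = require('../controller/admin/ServerStatusController');
const UserController = require('../controller/auth/UserController');
const UserStatusController = require('../controller/auth/UserStatusController');
const CompanyStampController = require('../controller/companyStamp/CompanyStampController'); // <-- added
const MatrixController = require('../controller/matrix/MatrixController'); // <-- added
const CoffeeController = require('../controller/admin/CoffeeController');
const PoolController = require('../controller/pool/PoolController');
const TaxController = require('../controller/tax/taxController');
const AffiliateController = require('../controller/affiliate/AffiliateController');
const AbonemmentController = require('../controller/abonemments/AbonemmentController');

// small helpers copied from original files

// Roles accepted by adminOnly and forceCompanyForAdmin.
const ADMIN_ROLES = ['admin', 'super_admin'];

/**
 * Role gate: lets the request through only when req.user.role is 'admin' or
 * 'super_admin'; otherwise answers 403 with `{ error }`.
 * Reads req.user, so it must run after the middleware that sets it
 * (presumably authMiddleware - confirm).
 */
function adminOnly(req, res, next) {
  if (!req.user || !ADMIN_ROLES.includes(req.user.role)) {
    return res.status(403).json({ error: 'Forbidden: Admins only' });
  }
  next();
}

/**
 * Stricter role gate: lets the request through only when req.user.role is
 * exactly 'admin'; otherwise answers 403 with `{ success, message }`.
 *
 * NOTE(review): unlike adminOnly this rejects 'super_admin', and the 403 body
 * has a different shape. If the difference is not intentional, the two gates
 * should be unified so that access decisions do not depend on which helper a
 * route happened to be copied with.
 */
function requireAdmin(req, res, next) {
  if (!req.user || req.user.role !== 'admin') {
    return res.status(403).json({ success: false, message: 'Forbidden: Admins only.' });
  }
  next();
}

// NEW helper used by company-stamp routes
/**
 * For an 'admin' / 'super_admin' whose user_type is not 'company', overwrites
 * req.user.user_type with 'company' for the rest of this request.
 *
 * NOTE(review): this rewrites the authenticated identity in place. Anything
 * later in the chain that branches on user_type (ownership checks, audit
 * logging) will see the forced value, not the real one - confirm that the
 * company-stamp controllers are the only consumers.
 */
function forceCompanyForAdmin(req, res, next) {
  if (req.user && ADMIN_ROLES.includes(req.user.role) && req.user.user_type !== 'company') {
    req.user.user_type = 'company';
  }
  next();
}

/**
 * Builds a handler that streams a fixed contract PDF as a download.
 *
 * @param {string} relativePath - template path relative to this file; a
 *   constant, never derived from the request.
 * @param {string} downloadName - filename offered to the client.
 * @param {string} notFoundMessage - message for the 404 JSON body.
 * @returns {Function} Express request handler.
 */
function sendContractTemplate(relativePath, downloadName, notFoundMessage) {
  const filePath = path.join(__dirname, relativePath);
  return (req, res) => {
    res.download(filePath, downloadName, (err) => {
      if (!err) {
        return;
      }
      // The transfer can fail after the response has started; writing a
      // status/body then throws "headers already sent", so only answer 404
      // while the response is still untouched.
      if (res.headersSent) {
        return;
      }
      res.status(404).json({ success: false, message: notFoundMessage });
    });
  };
}

// === GET routes moved from other files ===

// auth.js GETs
router.get('/me', authMiddleware, UserController.getMe);
router.get('/user/status', authMiddleware, UserStatusController.getStatus);
router.get('/user/status-progress', authMiddleware, UserStatusController.getStatusProgress);
// NOTE(review): the /users/:id/* routes below take a caller-supplied id and
// are guarded by authMiddleware only. Confirm each controller checks that the
// caller owns :id (or is an admin); nothing in this file enforces it.
router.get('/users/:id/full', authMiddleware, UserController.getFullUserData);
router.get('/user/settings', authMiddleware, UserSettingsController.getSettings);
router.get('/users/:id/permissions', authMiddleware, PermissionController.getUserPermissions);
// NOTE(review): this is the only /admin/* route in the file without a role
// gate (compare '/admin/users/:id/detailed' on the next line). Unless
// getFullUserAccountDetails checks the role itself, any authenticated user can
// reach it - verify, and add the gate here if the controller does not.
router.get('/admin/users/:id/full', authMiddleware, AdminUserController.getFullUserAccountDetails);
router.get('/admin/users/:id/detailed', authMiddleware, requireAdmin, AdminUserController.getDetailedUserInfo);
router.get('/users/:id/documents', authMiddleware, UserController.getUserDocumentsAndContracts);
// keep placeholder if controller already registered via other verb
// NOTE(review): unauthenticated and answers 204 without looking at any token.
// A client that treats a 2xx here as "token is valid" would be misled -
// confirm no caller relies on this GET for verification.
router.get('/verify-password-reset', (req, res) => {
  /* Note: was moved from PasswordResetController.verifyPasswordResetToken */
  res.status(204).end();
});

// admin.js GETs
router.get('/admin/user-stats', authMiddleware, requireAdmin, AdminUserController.getUserStats);
router.get('/admin/user-list', authMiddleware, requireAdmin, AdminUserController.getUserList);
router.get('/admin/verification-pending-users', authMiddleware, requireAdmin, AdminUserController.getVerificationPendingUsers);
router.get('/admin/unverified-users', authMiddleware, requireAdmin, AdminUserController.getUnverifiedUsers);
router.get('/admin/user/:id/documents', authMiddleware, requireAdmin, UserDocumentController.getAllDocumentsForUser);
router.get('/admin/server-status', authMiddleware, requireAdmin, ServerStatusController.getStatus);
// Contract preview for admin: latest active by user type
router.get('/admin/contracts/:id/preview', authMiddleware, requireAdmin, DocumentTemplateController.previewLatestForUser);

// permissions.js GETs
router.get('/permissions', authMiddleware, PermissionController.list);

// referral.js GETs
router.get('/referral/list', authMiddleware, ReferralTokenController.list);
router.get('/referral/stats', authMiddleware, ReferralTokenController.stats);
// No authMiddleware: reachable without a session.
// NOTE(review): confirm getReferrerInfo returns only fields that are safe to
// show to an anonymous holder of the token.
router.get('/referral/info/:token', ReferralRegistrationController.getReferrerInfo);
router.get('/referral/referred-users', authMiddleware, ReferralTokenController.referredUsers);

// userSettings.js GETs
// Same handler as '/user/settings' above (alias kept from the original file).
router.get('/settings', authMiddleware, UserSettingsController.getSettings);

// contracts.js (file downloads)
router.get(
  '/contracts/personal',
  authMiddleware,
  sendContractTemplate(
    '../contractTemplates/personal/test.pdf',
    'personal-service-contract.pdf',
    'Personal contract not found',
  ),
);
router.get(
  '/contracts/company',
  authMiddleware,
  sendContractTemplate(
    '../contractTemplates/company/test.pdf',
    'company-service-contract.pdf',
    'Company contract not found',
  ),
);
// User: preview latest active contract (HTML) for authenticated user
router.get('/contracts/preview/latest', authMiddleware, DocumentTemplateController.previewLatestForMe);

// documentTemplates.js GETs
// NOTE(review): list/get/generate/preview/download are open to every
// authenticated user, while the "-public" and filtered listings are
// admin-gated. Confirm that split is intended and that the :id handlers
// restrict which templates a non-admin may read.
router.get('/document-templates', authMiddleware, DocumentTemplateController.listTemplates);
router.get('/document-templates/:id', authMiddleware, DocumentTemplateController.getTemplate);
router.get('/document-templates-public', authMiddleware, adminOnly, DocumentTemplateController.listTemplatesPublic);
router.get('/document-templates/:id/generate-pdf', authMiddleware, DocumentTemplateController.generatePdf);
router.get('/document-templates/:id/preview', authMiddleware, DocumentTemplateController.previewTemplate);
router.get('/document-templates/:id/download-pdf', authMiddleware, DocumentTemplateController.downloadPdf);
router.get('/api/document-templates', authMiddleware, adminOnly, DocumentTemplateController.listTemplatesFiltered);

// Company-stamp GETs
router.get('/company-stamps/mine', authMiddleware, adminOnly, forceCompanyForAdmin, CompanyStampController.listMine);
router.get('/company-stamps/mine/active', authMiddleware, adminOnly, forceCompanyForAdmin, CompanyStampController.activeMine);
router.get('/company-stamps/all', authMiddleware, adminOnly, forceCompanyForAdmin, CompanyStampController.listAll);

// Admin: coffee products
router.get('/admin/coffee', authMiddleware, adminOnly, CoffeeController.list);
router.get('/admin/coffee/active', authMiddleware, adminOnly, CoffeeController.listActive);

// Matrix GETs
// NOTE(review): if MatrixController.create changes state, GET is the wrong
// verb: safe-method handling (link prefetch, caches, CSRF defences that exempt
// GET) assumes a GET has no side effects. Confirm, and move to POST if it does.
router.get('/matrix/create', authMiddleware, adminOnly, MatrixController.create);
router.get('/matrix/stats', authMiddleware, adminOnly, MatrixController.stats);
router.get('/admin/matrix/users', authMiddleware, adminOnly, MatrixController.getMatrixUserforAdmin);
router.get('/admin/matrix/user-candidates', authMiddleware, adminOnly, MatrixController.searchCandidates);
// NEW: Matrix overview for authenticated user
router.get('/matrix/me/overview', authMiddleware, MatrixController.getMyOverview);
// NEW: Matrix POST (admin)
router.post('/admin/matrix/add-user', authMiddleware, adminOnly, MatrixController.addUser);
// NEW: Admin list pools
router.get('/admin/pools', authMiddleware, adminOnly, PoolController.list);
// NEW: User matrices list and per-instance overview
// The literal '/matrix/me/...' routes are registered before '/matrix/:id/...'
// so that "me" is never captured as an :id.
router.get('/matrix/me/list', authMiddleware, MatrixController.listMyMatrices);
router.get('/matrix/:id/overview', authMiddleware, MatrixController.getMyOverviewByInstance);
// NEW: User matrix summary (totals and fill)
router.get('/matrix/:id/summary', authMiddleware, MatrixController.getMyMatrixSummary);

// Tax GETs
router.get('/tax/vat-rates', authMiddleware, TaxController.getAllVatRates);
router.get('/tax/vat-history/:countryCode', authMiddleware, adminOnly, TaxController.getVatHistory);

// NEW: Admin list vacancies for a matrix
router.get('/admin/matrix/vacancies', authMiddleware, adminOnly, MatrixController.listVacancies);

// Affiliate Management Routes (Admin)
router.get('/admin/affiliates', authMiddleware, adminOnly, AffiliateController.list);
// Public Affiliates Route (Active only)
router.get('/affiliates/active', AffiliateController.listActive);

// Abonement GETs
router.get('/abonements/mine', authMiddleware, AbonemmentController.getMine);
// NOTE(review): :id is caller-supplied and only authMiddleware guards it;
// confirm getHistory verifies the abonement belongs to the caller.
router.get('/abonements/:id/history', authMiddleware, AbonemmentController.getHistory);
router.get('/admin/abonements', authMiddleware, adminOnly, AbonemmentController.adminList);

module.exports = router;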