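const express = require('express');
const path = require('path');
const router = express.Router();
const authMiddleware = require('../middleware/authMiddleware');
const UserSettingsController = require('../controller/auth/UserSettingsController');
const ReferralTokenController = require('../controller/referral/ReferralTokenController');
const ReferralRegistrationController = require('../controller/referral/ReferralRegistrationController');
const PermissionController = require('../controller/permissions/PermissionController');
const DocumentTemplateController = require('../controller/documentTemplate/DocumentTemplateController');
const AdminUserController = require('../controller/admin/AdminUserController');
const UserDocumentController = require('../controller/documents/UserDocumentController');
const ServerStatusController = require('../controller/admin/ServerStatusController');
const UserController = require('../controller/auth/UserController');
const UserStatusController = require('../controller/auth/UserStatusController');
const CompanyStampController = require('../controller/companyStamp/CompanyStampController'); // <-- added
const MatrixController = require('../controller/matrix/MatrixController'); // <-- added

// small helpers copied from original files

/**
 * Role guard: passes the request on only when req.user.role is 'admin' or
 * 'super_admin'. Anything else, including a missing req.user, gets
 * 403 { error }.
 *
 * Reads req.user, so it has to be mounted after the middleware that sets it
 * (presumably authMiddleware; confirm).
 */
function adminOnly(req, res, next) {
  if (!req.user || !['admin', 'super_admin'].includes(req.user.role)) {
    return res.status(403).json({ error: 'Forbidden: Admins only' });
  }
  next();
}

/**
 * Stricter role guard: passes only when req.user.role is exactly 'admin'.
 * A 'super_admin' is rejected here with 403 { success: false, message }.
 *
 * NOTE(review): this guard and adminOnly disagree on 'super_admin' and return
 * differently shaped 403 bodies. Both were copied from separate files; confirm
 * the difference is intended before relying on either one for a new route.
 */
function requireAdmin(req, res, next) {
  if (!req.user || req.user.role !== 'admin') {
    return res.status(403).json({ success: false, message: 'Forbidden: Admins only.' });
  }
  next();
}

// NEW helper used by company-stamp routes
/**
 * For admin / super_admin callers whose user_type is not 'company', overwrites
 * req.user.user_type with 'company' before handing over to the next handler.
 *
 * NOTE(review): this mutates the authenticated user object in place, so every
 * later handler on the same request sees the overridden type. It performs no
 * rejection of its own; keep it behind a role guard, as the routes below do.
 */
function forceCompanyForAdmin(req, res, next) {
  if (
    req.user &&
    ['admin', 'super_admin'].includes(req.user.role) &&
    req.user.user_type !== 'company'
  ) {
    req.user.user_type = 'company';
  }
  next();
}

/**
 * Sends one of the bundled contract templates as a file download.
 *
 * The file path is built from constants only; no request data reaches it.
 *
 * @param {object} res - Express response.
 * @param {string} relativePath - Template location relative to this file.
 * @param {string} downloadName - File name offered to the client.
 * @param {string} notFoundMessage - Message for the 404 JSON body.
 */
function sendContractTemplate(res, relativePath, downloadName, notFoundMessage) {
  const filePath = path.join(__dirname, relativePath);
  res.download(filePath, downloadName, (err) => {
    if (!err) {
      return;
    }
    // The callback also fires for failures after the response has started
    // (for example an aborted transfer). Setting a status or body then would
    // throw, so only answer 404 while the headers are still unsent.
    if (res.headersSent) {
      return;
    }
    res.status(404).json({ success: false, message: notFoundMessage });
  });
}

// === GET routes moved from other files ===

// auth.js GETs
// NOTE(review): the :id routes in this group are gated by authentication only
// at router level. Whether the caller may read the record named by :id has to
// be decided inside the controllers; confirm each one checks ownership or role.
router.get('/me', authMiddleware, UserController.getMe);
router.get('/user/status', authMiddleware, UserStatusController.getStatus);
router.get('/user/status-progress', authMiddleware, UserStatusController.getStatusProgress);
router.get('/users/:id/full', authMiddleware, UserController.getFullUserData);
router.get('/user/settings', authMiddleware, UserSettingsController.getSettings);
router.get('/users/:id/permissions', authMiddleware, PermissionController.getUserPermissions);
// NOTE(review): unlike every other /admin/* route in this file, this one has no
// role guard. Unless getFullUserAccountDetails enforces the role itself, any
// authenticated user can request it; confirm, or add the same guard as below.
router.get('/admin/users/:id/full', authMiddleware, AdminUserController.getFullUserAccountDetails);
router.get('/admin/users/:id/detailed', authMiddleware, requireAdmin, AdminUserController.getDetailedUserInfo);
router.get('/users/:id/documents', authMiddleware, UserController.getUserDocumentsAndContracts);
// NOTE(review): this placeholder answers 204 to every request and never looks
// at a token. A client that reads any 2xx as "reset token is valid" would be
// misled; confirm nothing depends on this route for verification.
router.get('/verify-password-reset', (req, res) => {
  /* Note: was moved from PasswordResetController.verifyPasswordResetToken */
  res.status(204).end();
}); // keep placeholder if controller already registered via other verb

// admin.js GETs
router.get('/admin/user-stats', authMiddleware, requireAdmin, AdminUserController.getUserStats);
router.get('/admin/user-list', authMiddleware, requireAdmin, AdminUserController.getUserList);
router.get('/admin/verification-pending-users', authMiddleware, requireAdmin, AdminUserController.getVerificationPendingUsers);
router.get('/admin/unverified-users', authMiddleware, requireAdmin, AdminUserController.getUnverifiedUsers);
router.get('/admin/user/:id/documents', authMiddleware, requireAdmin, UserDocumentController.getAllDocumentsForUser);
router.get('/admin/server-status', authMiddleware, requireAdmin, ServerStatusController.getStatus);

// permissions.js GETs
router.get('/permissions', authMiddleware, PermissionController.list);

// referral.js GETs
router.get('/referral/list', authMiddleware, ReferralTokenController.list);
router.get('/referral/stats', authMiddleware, ReferralTokenController.stats);
// NOTE(review): no authMiddleware here, so the referral token in the path is
// the only gate. Presumably public on purpose for registration links; confirm
// the controller returns only what an anonymous visitor should see.
router.get('/referral/info/:token', ReferralRegistrationController.getReferrerInfo);
router.get('/referral/referred-users', authMiddleware, ReferralTokenController.referredUsers);

// userSettings.js GETs
// Same handler as /user/settings above.
router.get('/settings', authMiddleware, UserSettingsController.getSettings);

// contracts.js (file downloads)
router.get('/contracts/personal', authMiddleware, (req, res) => {
  sendContractTemplate(
    res,
    '../contractTemplates/personal/test.pdf',
    'personal-service-contract.pdf',
    'Personal contract not found',
  );
});
router.get('/contracts/company', authMiddleware, (req, res) => {
  sendContractTemplate(
    res,
    '../contractTemplates/company/test.pdf',
    'company-service-contract.pdf',
    'Company contract not found',
  );
});

// documentTemplates.js GETs
router.get('/document-templates', authMiddleware, DocumentTemplateController.listTemplates);
router.get('/document-templates/:id', authMiddleware, DocumentTemplateController.getTemplate);
// Despite the "-public" suffix this route is restricted to admin / super_admin.
router.get('/document-templates-public', authMiddleware, adminOnly, DocumentTemplateController.listTemplatesPublic);
router.get('/document-templates/:id/generate-pdf', authMiddleware, DocumentTemplateController.generatePdf);
router.get('/document-templates/:id/preview', authMiddleware, DocumentTemplateController.previewTemplate);
router.get('/document-templates/:id/download-pdf', authMiddleware, DocumentTemplateController.downloadPdf);
router.get('/api/document-templates', authMiddleware, adminOnly, DocumentTemplateController.listTemplatesFiltered);

// Company-stamp GETs
// Order matters: adminOnly rejects non-admins before forceCompanyForAdmin
// rewrites req.user.user_type.
router.get('/company-stamps/mine', authMiddleware, adminOnly, forceCompanyForAdmin, CompanyStampController.listMine);
router.get('/company-stamps/mine/active', authMiddleware, adminOnly, forceCompanyForAdmin, CompanyStampController.activeMine);
router.get('/company-stamps/all', authMiddleware, adminOnly, forceCompanyForAdmin, CompanyStampController.listAll);

// Matrix GETs
// NOTE(review): '/matrix/create' is a GET that takes name / email / force in
// the query string. If the handler changes state, a GET can be triggered by
// plain navigation or prefetch and leaves its parameters in access logs and
// browser history; confirm, and prefer a POST with a body if so.
router.get('/matrix/create', authMiddleware, adminOnly, MatrixController.create); // ?name=...&email=...&force=true
router.get('/matrix/stats', authMiddleware, adminOnly, MatrixController.stats); // NEW: real stats for dashboard

// export
module.exports = router;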