const express = require('express');
const router = express.Router();
const multer = require('multer');
const authMiddleware = require('../middleware/authMiddleware');
const DocumentTemplateController = require('../controller/documentTemplate/DocumentTemplateController');

// Use memory storage for multer (files will be available as buffers)
const upload = multer({ storage: multer.memoryStorage() });

// Role check middleware for admin/super_admin
function adminOnly(req, res, next) {
  if (!req.user || !['admin', 'super_admin'].includes(req.user.role)) {
    return res.status(403).json({ error: 'Forbidden: Admins only' });
  }
  next();
}

// List all templates
router.get('/document-templates', authMiddleware, DocumentTemplateController.listTemplates);

// Upload a new template
router.post(
  '/document-templates',
  authMiddleware,
  upload.single('file'), // file field for template file
  DocumentTemplateController.uploadTemplate
);

// Get a template by ID
router.get('/document-templates/:id', authMiddleware, DocumentTemplateController.getTemplate);

// Update an existing template (edit/upload new version)
router.put(
  '/document-templates/:id',
  authMiddleware,
  upload.single('file'), // optional new file
  DocumentTemplateController.updateTemplate
);

// Delete a template by ID
router.delete('/document-templates/:id', authMiddleware, DocumentTemplateController.deleteTemplate);

// Public route: List all templates for dashboard (admin only)
router.get('/document-templates-public', authMiddleware, adminOnly, DocumentTemplateController.listTemplatesPublic);

// Update template state (active/inactive)
router.patch(
  '/document-templates/:id/state',
  authMiddleware,
  adminOnly,
  DocumentTemplateController.updateTemplateState
);

// List templates with optional state filter (admin only)
router.get('/api/document-templates', authMiddleware, adminOnly, DocumentTemplateController.listTemplatesFiltered);

// Generate PDF from template
router.get(
  '/document-templates/:id/generate-pdf',
  authMiddleware,
  DocumentTemplateController.generatePdf
);

// Serve sanitized HTML preview (avoids direct S3 CORS)
router.get(
  '/document-templates/:id/preview',
  authMiddleware,
  DocumentTemplateController.previewTemplate
);

// Download PDF (sanitized: template variables emptied for download)
router.get(
  '/document-templates/:id/download-pdf',
  authMiddleware,
  DocumentTemplateController.downloadPdf
);

// Generate PDF with signature
router.post(
  '/document-templates/:id/generate-pdf-with-signature',
  authMiddleware,
  DocumentTemplateController.generatePdfWithSignature
);

module.exports = router;