from flask import Blueprint, request, send_file, Response, jsonify
from controllers.workflow_controller import (
create_workflow, get_workflow, update_workflow, delete_workflow,
get_department_workflows, add_data_requirement, remove_data_requirement,
upload_form, remove_form, add_form_field, remove_form_field
)
from utils.auth import token_required, admin_required
from io import BytesIO
from db import get_gridfs
from bson.objectid import ObjectId
from models.workflow import Workflow
# Blueprint that carries every workflow endpoint registered in this module.
workflow_bp = Blueprint('workflow', __name__)

# Every controller is wrapped in an auth decorator *before* it is registered,
# so no route below is reachable through the undecorated function. All GET
# routes go through token_required; every POST/PUT/DELETE goes through
# admin_required. What the two decorators enforce is defined in utils.auth
# (not visible here) -- keep this split when adding a route.

# Department-level collection
workflow_bp.add_url_rule(
    '/', view_func=token_required(get_department_workflows), methods=['GET'])
workflow_bp.add_url_rule(
    '/', view_func=admin_required(create_workflow), methods=['POST'])

# Single workflow
workflow_bp.add_url_rule(
    '/<workflow_id>', view_func=token_required(get_workflow), methods=['GET'])
workflow_bp.add_url_rule(
    '/<workflow_id>', view_func=admin_required(update_workflow), methods=['PUT'])
workflow_bp.add_url_rule(
    '/<workflow_id>', view_func=admin_required(delete_workflow), methods=['DELETE'])

# Data requirements attached to a workflow
workflow_bp.add_url_rule(
    '/<workflow_id>/data-requirements',
    view_func=admin_required(add_data_requirement), methods=['POST'])
workflow_bp.add_url_rule(
    '/<workflow_id>/data-requirements',
    view_func=admin_required(remove_data_requirement), methods=['DELETE'])

# Uploaded forms
workflow_bp.add_url_rule(
    '/<workflow_id>/forms', view_func=admin_required(upload_form), methods=['POST'])
workflow_bp.add_url_rule(
    '/<workflow_id>/forms', view_func=admin_required(remove_form), methods=['DELETE'])

# Individual form fields
workflow_bp.add_url_rule(
    '/<workflow_id>/form-fields',
    view_func=admin_required(add_form_field), methods=['POST'])
workflow_bp.add_url_rule(
    '/<workflow_id>/form-fields',
    view_func=admin_required(remove_form_field), methods=['DELETE'])
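@workflow_bp.route('/<workflow_id>/template', methods=['GET'])
@token_required
def get_markdown_template(current_user, workflow_id):
    """Return the markdown template stored on a workflow.

    Args:
        current_user: The caller's user object; presumably supplied by
            ``token_required`` (defined in utils.auth, not visible here).
        workflow_id: Workflow identifier taken from the URL.

    Returns:
        A ``(json, status)`` pair: 200 with ``markdown_template`` and
        ``template_name``; 404 when the workflow or its template is missing;
        403 when the caller belongs to a different department; 500 on an
        unexpected error.
    """
    try:
        workflow = Workflow.find_by_id(workflow_id)
        if not workflow:
            return jsonify({'message': 'Workflow not found'}), 404

        # Department-level authorization: compare as strings so an ObjectId
        # and its string form are treated as the same department.
        if str(workflow.department_id) != str(current_user.department_id):
            return jsonify({'message': 'Access denied to workflows from other departments'}), 403

        if not workflow.markdown_template:
            return jsonify({'message': 'No template found for this workflow'}), 404

        return jsonify({
            'markdown_template': workflow.markdown_template,
            'template_name': workflow.template_name
        }), 200
    except Exception:
        # Keep the detail in the server log only. Echoing str(e) to the client
        # can expose driver messages, query fragments or file paths.
        import traceback
        traceback.print_exc()
        return jsonify({'message': 'Error retrieving template'}), 500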
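def _user_from_token(token):
    """Decode *token* and load its user; None when it decodes to nothing."""
    # Function-scope imports, as in the original handler.
    from utils.auth import decode_token
    from models.user import User

    user_data = decode_token(token)
    if not user_data:
        return None
    return User.find_by_id(user_data.get('user_id'))


@workflow_bp.route('/<workflow_id>/files/<file_id>', methods=['GET'])
def get_workflow_file(workflow_id, file_id):
    """Serve a file from GridFS to an authenticated member of the department.

    The caller authenticates with a ``token`` query parameter or, failing
    that, an ``Authorization: Bearer <token>`` header. The route does not use
    ``token_required``, so every check on this path lives in this function.

    Args:
        workflow_id: Workflow identifier taken from the URL.
        file_id: GridFS file id taken from the URL.

    Returns:
        The file as an inline ``application/pdf`` response, or a
        ``(json, status)`` pair: 401 when no valid credential is presented,
        403 for a different department, 404 when the workflow or file is
        missing, 500 on an unexpected error.
    """
    import traceback

    try:
        current_user = None

        # NOTE(review): a token in the query string ends up in access logs,
        # browser history and Referer headers. Kept for compatibility with
        # existing callers; prefer the Authorization header where possible.
        query_token = request.args.get('token')
        if query_token:
            try:
                current_user = _user_from_token(query_token)
            except Exception:
                # Log the decode failure server-side; do not return it.
                traceback.print_exc()
                return jsonify({'message': 'Invalid token'}), 401

        # No usable query token: fall back to the Authorization header.
        if not current_user:
            auth_header = request.headers.get('Authorization')
            if auth_header and auth_header.startswith('Bearer '):
                try:
                    current_user = _user_from_token(auth_header.split(' ')[1])
                except Exception:
                    traceback.print_exc()
                    return jsonify({'message': 'Invalid Authorization header'}), 401

        if not current_user:
            return jsonify({'message': 'Authentication required to access this file'}), 401

        workflow = Workflow.find_by_id(workflow_id)
        if not workflow:
            return jsonify({'message': 'Workflow not found'}), 404

        # Department-level authorization on the workflow named in the URL.
        if str(workflow.department_id) != str(current_user.department_id):
            return jsonify({'message': 'Access denied to workflows from other departments'}), 403

        # NOTE(review): nothing below ties file_id to this workflow. The
        # department check covers workflow_id only, so the GridFS lookup is
        # not scoped to the caller's department. Confirm which Workflow field
        # records its file ids and reject any file_id that is not in it.

        # A malformed id would make ObjectId() raise and surface as a 500.
        if not ObjectId.is_valid(file_id):
            return jsonify({'message': 'File not found'}), 404
        oid = ObjectId(file_id)

        fs = get_gridfs()
        # Assumes get_gridfs() returns a gridfs.GridFS, whose get() raises
        # for an unknown id rather than returning None -- confirm in db.py.
        if not fs.exists(oid):
            return jsonify({'message': 'File not found'}), 404
        file_obj = fs.get(oid)

        # BytesIO starts at position 0, so no seek is needed before sending.
        payload = BytesIO(file_obj.read())
        response = send_file(
            payload,
            mimetype='application/pdf',
            as_attachment=False,
            download_name=file_obj.filename
        )

        # The content type is forced to PDF regardless of what was uploaded;
        # stop browsers from sniffing the body as something else.
        response.headers['X-Content-Type-Options'] = 'nosniff'

        # CORS headers so PDF.js can fetch the file.
        # NOTE(review): '*' lets a page on any origin read this response once
        # it holds a valid token; consider limiting it to the front-end origin.
        response.headers['Access-Control-Allow-Origin'] = '*'
        response.headers['Access-Control-Allow-Headers'] = 'Content-Type, Authorization'
        response.headers['Access-Control-Allow-Methods'] = 'GET, OPTIONS'
        return response
    except Exception:
        # Keep the detail in the server log only; see the 401 branches above.
        traceback.print_exc()
        return jsonify({'message': 'Error retrieving file'}), 500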