const { Worknote, User } = require('../models'); exports.addWorknote = async (req, res) => { try { const { requestId, requestType, message, isInternal } = req.body; if (!requestId || !requestType || !message) { return res.status(400).json({ success: false, message: 'Request ID, type, and message are required' }); } await Worknote.create({ requestId, requestType, userId: req.user.id, content: message, isInternal: isInternal || false }); res.status(201).json({ success: true, message: 'Worknote added successfully' }); } catch (error) { console.error('Add worknote error:', error); res.status(500).json({ success: false, message: 'Error adding worknote' }); } }; exports.getWorknotes = async (req, res) => { try { const { requestId } = req.params; const { requestType } = req.query; const worknotes = await Worknote.findAll({ where: { requestId, requestType }, include: [{ model: User, as: 'author', attributes: ['name', 'role'] }], order: [['createdAt', 'DESC']] }); res.json({ success: true, worknotes }); } catch (error) { console.error('Get worknotes error:', error); res.status(500).json({ success: false, message: 'Error fetching worknotes' }); } }; exports.deleteWorknote = async (req, res) => { try { const { id } = req.params; const worknote = await Worknote.findByPk(id); if (!worknote) { return res.status(404).json({ success: false, message: 'Worknote not found' }); } // Only allow user who created it or admin to delete if (worknote.userId !== req.user.id && req.user.role !== 'Super Admin') { return res.status(403).json({ success: false, message: 'Access denied' }); } await worknote.destroy(); res.json({ success: true, message: 'Worknote deleted successfully' }); } catch (error) { console.error('Delete worknote error:', error); res.status(500).json({ success: false, message: 'Error deleting worknote' }); } };