web hooks created for the dms team

2025-12-18 21:23:37 +05:30 · 2025-12-18 21:23:37 +05:30 · 1ac169dc7f
commit 1ac169dc7f
parent 8dc7fd3307
16 changed files with 2386 additions and 38 deletions
--- a/docs/DMS_WEBHOOK_API.md
+++ b/docs/DMS_WEBHOOK_API.md
@ -0,0 +1,574 @@
 # DMS Webhook API Documentation
 ## Overview
 This document describes the webhook endpoints that DMS (Document Management System) will call to notify the RE Workflow System after processing invoice and credit note generation requests.
 ---
 ## Table of Contents
 1. [Webhook Overview](#1-webhook-overview)
 2. [Authentication](#2-authentication)
 3. [Invoice Webhook](#3-invoice-webhook)
 4. [Credit Note Webhook](#4-credit-note-webhook)
 5. [Payload Specifications](#5-payload-specifications)
 6. [Error Handling](#6-error-handling)
 7. [Testing](#7-testing)
 ---
 ## 1. Webhook Overview
 ### 1.1 Purpose
 After RE Workflow System pushes invoice/credit note generation requests to DMS, DMS processes them and sends webhook callbacks with the generated document details, tax information, and other metadata.
 ### 1.2 Webhook Flow
 ```
 ┌─────────────────┐                    ┌─────────────────┐
 │ RE Workflow     │                    │ DMS System      │
 │ System          │                    │                 │
 └────────┬────────┘                    └────────┬────────┘
         │                                      │
         │ POST /api/invoices/generate          │
         │ { request_number, dealer_code, ... }│
         ├─────────────────────────────────────►│
         │                                      │
         │                                      │ Process Invoice
         │                                      │ Generate Document
         │                                      │ Calculate GST
         │                                      │
         │                                      │ POST /api/v1/webhooks/dms/invoice
         │                                      │ { document_no, irn_no, ... }
         │◄─────────────────────────────────────┤
         │                                      │
         │ Update Invoice Record                │
         │ Store IRN, GST Details, etc.         │
         │                                      │
 ```
 ---
 ## 2. Authentication
 ### 2.1 Webhook Signature
 DMS must include a signature in the request header for security validation:
 **Header:**
 ```
 X-DMS-Signature: <HMAC-SHA256-signature>
 ```
 **Signature Generation:**
 1. Create HMAC-SHA256 hash of the request body (JSON string)
 2. Use the shared secret key (`DMS_WEBHOOK_SECRET`)
 3. Send the hex-encoded signature in the `X-DMS-Signature` header
 **Example:**
 ```javascript
 const crypto = require('crypto');
 const body = JSON.stringify(payload);
 const signature = crypto
  .createHmac('sha256', DMS_WEBHOOK_SECRET)
  .update(body)
  .digest('hex');
 // Send in header: X-DMS-Signature: <signature>
 ```
 ### 2.2 Environment Variable
 Configure the webhook secret in RE Workflow System:
 ```env
 DMS_WEBHOOK_SECRET=your_shared_secret_key_here
 ```
 **Note:** If `DMS_WEBHOOK_SECRET` is not configured, signature validation is skipped (development mode only).
 ---
 ## 3. Invoice Webhook
 ### 3.1 Endpoint
 **URL:** `POST /api/v1/webhooks/dms/invoice`
 **Base URL Examples:**
 - Development: `http://localhost:5000/api/v1/webhooks/dms/invoice`
 - UAT: `https://reflow-uat.royalenfield.com/api/v1/webhooks/dms/invoice`
 - Production: `https://reflow.royalenfield.com/api/v1/webhooks/dms/invoice`
 ### 3.2 Request Headers
 ```http
 Content-Type: application/json
 X-DMS-Signature: <HMAC-SHA256-signature>
 User-Agent: DMS-Webhook-Client/1.0
 ```
 ### 3.3 Request Payload
 ```json
 {
  "request_number": "REQ-2025-12-0001",
  "document_no": "EINV-2025-001234",
  "document_type": "E-INVOICE",
  "document_date": "2025-12-17T10:30:00.000Z",
  "dealer_code": "DLR001",
  "dealer_name": "ABC Motors",
  "activity_name": "Marketing Campaign",
  "activity_description": "Q4 Marketing Campaign for Royal Enfield",
  "claim_amount": 150000.00,
  "io_number": "IO-2025-001",
  "item_code_no": "ITEM-001",
  "hsn_sac_code": "998314",
  "cgst_percentage": 9.0,
  "sgst_percentage": 9.0,
  "igst_percentage": 0.0,
  "cgst_amount": 13500.00,
  "sgst_amount": 13500.00,
  "igst_amount": 0.00,
  "total_amount": 177000.00,
  "irn_no": "IRN123456789012345678901234567890123456789012345678901234567890",
  "invoice_file_path": "https://dms.example.com/invoices/EINV-2025-001234.pdf",
  "error_message": null,
  "timestamp": "2025-12-17T10:30:00.000Z"
 }
 ```
 ### 3.4 Payload Field Descriptions
 | Field | Type | Required | Description |
 |-------|------|----------|-------------|
 | `request_number` | string | ✅ Yes | Original request number from RE Workflow System (e.g., "REQ-2025-12-0001") |
 | `document_no` | string | ✅ Yes | Generated invoice/document number from DMS |
 | `document_type` | string | ✅ Yes | Type of document: "E-INVOICE" or "INVOICE" |
 | `document_date` | string (ISO 8601) | ✅ Yes | Date when invoice was generated |
 | `dealer_code` | string | ✅ Yes | Dealer code (should match original request) |
 | `dealer_name` | string | ✅ Yes | Dealer name (should match original request) |
 | `activity_name` | string | ✅ Yes | Activity name from original request |
 | `activity_description` | string | ✅ Yes | Activity description from original request |
 | `claim_amount` | number | ✅ Yes | Original claim amount (before tax) |
 | `io_number` | string | No | Internal Order number (if provided in original request) |
 | `item_code_no` | string | ✅ Yes | Item code number (provided by DMS team based on activity list) |
 | `hsn_sac_code` | string | ✅ Yes | HSN/SAC code for the invoice |
 | `cgst_percentage` | number | ✅ Yes | CGST percentage (e.g., 9.0 for 9%) |
 | `sgst_percentage` | number | ✅ Yes | SGST percentage (e.g., 9.0 for 9%) |
 | `igst_percentage` | number | ✅ Yes | IGST percentage (0.0 for intra-state, >0 for inter-state) |
 | `cgst_amount` | number | ✅ Yes | CGST amount in INR |
 | `sgst_amount` | number | ✅ Yes | SGST amount in INR |
 | `igst_amount` | number | ✅ Yes | IGST amount in INR |
 | `total_amount` | number | ✅ Yes | Total invoice amount (claim_amount + all taxes) |
 | `irn_no` | string | No | Invoice Reference Number (IRN) from GST portal (if generated) |
 | `invoice_file_path` | string | ✅ Yes | URL or path to the generated invoice PDF/document file |
 | `error_message` | string | No | Error message if invoice generation failed |
 | `timestamp` | string (ISO 8601) | ✅ Yes | Timestamp when webhook is sent |
 ### 3.5 Success Response
 **Status Code:** `200 OK`
 ```json
 {
  "success": true,
  "message": "Invoice webhook processed successfully",
  "data": {
    "message": "Invoice webhook processed successfully",
    "invoiceNumber": "EINV-2025-001234",
    "requestNumber": "REQ-2025-12-0001"
  }
 }
 ```
 ### 3.6 Error Response
 **Status Code:** `400 Bad Request` or `500 Internal Server Error`
 ```json
 {
  "success": false,
  "message": "Failed to process invoice webhook",
  "error": "Request not found: REQ-2025-12-0001"
 }
 ```
 ---
 ## 4. Credit Note Webhook
 ### 4.1 Endpoint
 **URL:** `POST /api/v1/webhooks/dms/credit-note`
 **Base URL Examples:**
 - Development: `http://localhost:5000/api/v1/webhooks/dms/credit-note`
 - UAT: `https://reflow-uat.royalenfield.com/api/v1/webhooks/dms/credit-note`
 - Production: `https://reflow.royalenfield.com/api/v1/webhooks/dms/credit-note`
 ### 4.2 Request Headers
 ```http
 Content-Type: application/json
 X-DMS-Signature: <HMAC-SHA256-signature>
 User-Agent: DMS-Webhook-Client/1.0
 ```
 ### 4.3 Request Payload
 ```json
 {
  "request_number": "REQ-2025-12-0001",
  "document_no": "CN-2025-001234",
  "document_type": "CREDIT_NOTE",
  "document_date": "2025-12-17T11:00:00.000Z",
  "dealer_code": "DLR001",
  "dealer_name": "ABC Motors",
  "activity_name": "Marketing Campaign",
  "activity_description": "Q4 Marketing Campaign for Royal Enfield",
  "claim_amount": 150000.00,
  "io_number": "IO-2025-001",
  "item_code_no": "ITEM-001",
  "hsn_sac_code": "998314",
  "cgst_percentage": 9.0,
  "sgst_percentage": 9.0,
  "igst_percentage": 0.0,
  "cgst_amount": 13500.00,
  "sgst_amount": 13500.00,
  "igst_amount": 0.00,
  "total_amount": 177000.00,
  "credit_type": "GST",
  "irn_no": "IRN987654321098765432109876543210987654321098765432109876543210",
  "sap_credit_note_no": "SAP-CN-2025-001234",
  "credit_note_file_path": "https://dms.example.com/credit-notes/CN-2025-001234.pdf",
  "error_message": null,
  "timestamp": "2025-12-17T11:00:00.000Z"
 }
 ```
 ### 4.4 Payload Field Descriptions
 | Field | Type | Required | Description |
 |-------|------|----------|-------------|
 | `request_number` | string | ✅ Yes | Original request number from RE Workflow System |
 | `document_no` | string | ✅ Yes | Generated credit note number from DMS |
 | `document_type` | string | ✅ Yes | Type of document: "CREDIT_NOTE" |
 | `document_date` | string (ISO 8601) | ✅ Yes | Date when credit note was generated |
 | `dealer_code` | string | ✅ Yes | Dealer code (should match original request) |
 | `dealer_name` | string | ✅ Yes | Dealer name (should match original request) |
 | `activity_name` | string | ✅ Yes | Activity name from original request |
 | `activity_description` | string | ✅ Yes | Activity description from original request |
 | `claim_amount` | string | ✅ Yes | Original claim amount (before tax) |
 | `io_number` | string | No | Internal Order number (if provided) |
 | `item_code_no` | string | ✅ Yes | Item code number (provided by DMS team) |
 | `hsn_sac_code` | string | ✅ Yes | HSN/SAC code for the credit note |
 | `cgst_percentage` | number | ✅ Yes | CGST percentage |
 | `sgst_percentage` | number | ✅ Yes | SGST percentage |
 | `igst_percentage` | number | ✅ Yes | IGST percentage |
 | `cgst_amount` | number | ✅ Yes | CGST amount in INR |
 | `sgst_amount` | number | ✅ Yes | SGST amount in INR |
 | `igst_amount` | number | ✅ Yes | IGST amount in INR |
 | `total_amount` | number | ✅ Yes | Total credit note amount (claim_amount + all taxes) |
 | `credit_type` | string | ✅ Yes | Type of credit: "GST" or "Commercial Credit" |
 | `irn_no` | string | No | Invoice Reference Number (IRN) for credit note (if generated) |
 | `sap_credit_note_no` | string | ✅ Yes | SAP Credit Note Number (generated by SAP system) |
 | `credit_note_file_path` | string | ✅ Yes | URL or path to the generated credit note PDF/document file |
 | `error_message` | string | No | Error message if credit note generation failed |
 | `timestamp` | string (ISO 8601) | ✅ Yes | Timestamp when webhook is sent |
 ### 4.5 Success Response
 **Status Code:** `200 OK`
 ```json
 {
  "success": true,
  "message": "Credit note webhook processed successfully",
  "data": {
    "message": "Credit note webhook processed successfully",
    "creditNoteNumber": "CN-2025-001234",
    "requestNumber": "REQ-2025-12-0001"
  }
 }
 ```
 ### 4.6 Error Response
 **Status Code:** `400 Bad Request` or `500 Internal Server Error`
 ```json
 {
  "success": false,
  "message": "Failed to process credit note webhook",
  "error": "Credit note record not found for request: REQ-2025-12-0001"
 }
 ```
 ---
 ## 5. Payload Specifications
 ### 5.1 Data Mapping: RE Workflow → DMS
 When RE Workflow System sends data to DMS, it includes:
 | RE Workflow Field | DMS Receives | Notes |
 |-------------------|--------------|-------|
 | `requestNumber` | `request_number` | Direct mapping |
 | `dealerCode` | `dealer_code` | Direct mapping |
 | `dealerName` | `dealer_name` | Direct mapping |
 | `activityName` | `activity_name` | From claim details |
 | `activityDescription` | `activity_description` | From claim details |
 | `claimAmount` | `claim_amount` | Total claim amount |
 | `ioNumber` | `io_number` | If available |
 ### 5.2 Data Mapping: DMS → RE Workflow
 When DMS sends webhook, RE Workflow System stores:
 | DMS Webhook Field | RE Workflow Database Field | Table |
 |-------------------|---------------------------|-------|
 | `document_no` | `invoice_number` / `credit_note_number` | `claim_invoices` / `claim_credit_notes` |
 | `document_date` | `invoice_date` / `credit_note_date` | `claim_invoices` / `claim_credit_notes` |
 | `total_amount` | `invoice_amount` / `credit_note_amount` | `claim_invoices` / `claim_credit_notes` |
 | `invoice_file_path` | `invoice_file_path` | `claim_invoices` |
 | `credit_note_file_path` | `credit_note_file_path` | `claim_credit_notes` |
 | `irn_no` | Stored in `description` field | Both tables |
 | `sap_credit_note_no` | `sap_document_number` | `claim_credit_notes` |
 | `item_code_no` | Stored in `description` field | Both tables |
 | `hsn_sac_code` | Stored in `description` field | Both tables |
 | GST amounts | Stored in `description` field | Both tables |
 | `credit_type` | Stored in `description` field | `claim_credit_notes` |
 ### 5.3 GST Calculation Logic
 **Intra-State (Same State):**
 - CGST: Applied (e.g., 9%)
 - SGST: Applied (e.g., 9%)
 - IGST: 0%
 **Inter-State (Different State):**
 - CGST: 0%
 - SGST: 0%
 - IGST: Applied (e.g., 18%)
 **Total Amount Calculation:**
 ```
 total_amount = claim_amount + cgst_amount + sgst_amount + igst_amount
 ```
 ---
 ## 6. Error Handling
 ### 6.1 Common Error Scenarios
 | Error | Status Code | Description | Solution |
 |-------|-------------|-------------|----------|
 | Invalid Signature | 401 | Webhook signature validation failed | Check `DMS_WEBHOOK_SECRET` and signature generation |
 | Missing Required Field | 400 | Required field is missing in payload | Ensure all required fields are included |
 | Request Not Found | 400 | Request number doesn't exist in system | Verify request number matches original request |
 | Invoice Not Found | 400 | Invoice record not found for request | Ensure invoice was created before webhook |
 | Credit Note Not Found | 400 | Credit note record not found for request | Ensure credit note was created before webhook |
 | Database Error | 500 | Internal database error | Check database connection and logs |
 ### 6.2 Retry Logic
 DMS should implement retry logic for failed webhook deliveries:
 - **Initial Retry:** After 1 minute
 - **Second Retry:** After 5 minutes
 - **Third Retry:** After 15 minutes
 - **Final Retry:** After 1 hour
 **Maximum Retries:** 4 attempts
 **Retry Conditions:**
 - HTTP 5xx errors (server errors)
 - Network timeouts
 - Connection failures
 **Do NOT Retry:**
 - HTTP 400 errors (client errors - invalid payload)
 - HTTP 401 errors (authentication errors)
 ### 6.3 Idempotency
 Webhooks should be idempotent. If DMS sends the same webhook multiple times:
 - RE Workflow System will update the record with the latest data
 - No duplicate records will be created
 - Status will be updated to reflect the latest state
 ---
 ## 7. Testing
 ### 7.1 Test Invoice Webhook
 ```bash
 curl -X POST "http://localhost:5000/api/v1/webhooks/dms/invoice" \
  -H "Content-Type: application/json" \
  -H "X-DMS-Signature: <calculated-signature>" \
  -d '{
    "request_number": "REQ-2025-12-0001",
    "document_no": "EINV-TEST-001",
    "document_type": "E-INVOICE",
    "document_date": "2025-12-17T10:30:00.000Z",
    "dealer_code": "DLR001",
    "dealer_name": "Test Dealer",
    "activity_name": "Test Activity",
    "activity_description": "Test Description",
    "claim_amount": 100000.00,
    "io_number": "IO-TEST-001",
    "item_code_no": "ITEM-001",
    "hsn_sac_code": "998314",
    "cgst_percentage": 9.0,
    "sgst_percentage": 9.0,
    "igst_percentage": 0.0,
    "cgst_amount": 9000.00,
    "sgst_amount": 9000.00,
    "igst_amount": 0.00,
    "total_amount": 118000.00,
    "irn_no": "IRN123456789012345678901234567890123456789012345678901234567890",
    "invoice_file_path": "https://dms.example.com/invoices/EINV-TEST-001.pdf",
    "timestamp": "2025-12-17T10:30:00.000Z"
  }'
 ```
 ### 7.2 Test Credit Note Webhook
 ```bash
 curl -X POST "http://localhost:5000/api/v1/webhooks/dms/credit-note" \
  -H "Content-Type: application/json" \
  -H "X-DMS-Signature: <calculated-signature>" \
  -d '{
    "request_number": "REQ-2025-12-0001",
    "document_no": "CN-TEST-001",
    "document_type": "CREDIT_NOTE",
    "document_date": "2025-12-17T11:00:00.000Z",
    "dealer_code": "DLR001",
    "dealer_name": "Test Dealer",
    "activity_name": "Test Activity",
    "activity_description": "Test Description",
    "claim_amount": 100000.00,
    "io_number": "IO-TEST-001",
    "item_code_no": "ITEM-001",
    "hsn_sac_code": "998314",
    "cgst_percentage": 9.0,
    "sgst_percentage": 9.0,
    "igst_percentage": 0.0,
    "cgst_amount": 9000.00,
    "sgst_amount": 9000.00,
    "igst_amount": 0.00,
    "total_amount": 118000.00,
    "credit_type": "GST",
    "irn_no": "IRN987654321098765432109876543210987654321098765432109876543210",
    "sap_credit_note_no": "SAP-CN-TEST-001",
    "credit_note_file_path": "https://dms.example.com/credit-notes/CN-TEST-001.pdf",
    "timestamp": "2025-12-17T11:00:00.000Z"
  }'
 ```
 ### 7.3 Signature Calculation (Node.js Example)
 ```javascript
 const crypto = require('crypto');
 function calculateSignature(payload, secret) {
  const body = JSON.stringify(payload);
  return crypto
    .createHmac('sha256', secret)
    .update(body)
    .digest('hex');
 }
 const payload = { /* webhook payload */ };
 const secret = process.env.DMS_WEBHOOK_SECRET;
 const signature = calculateSignature(payload, secret);
 // Use in header: X-DMS-Signature: <signature>
 ```
 ---
 ## 8. Integration Checklist
 ### 8.1 DMS Team Checklist
 - [ ] Configure webhook URLs in DMS system
 - [ ] Set up `DMS_WEBHOOK_SECRET` (shared secret)
 - [ ] Implement signature generation (HMAC-SHA256)
 - [ ] Test webhook delivery to RE Workflow endpoints
 - [ ] Implement retry logic for failed deliveries
 - [ ] Set up monitoring/alerting for webhook failures
 - [ ] Document webhook payload structure
 - [ ] Coordinate with RE Workflow team for testing
 ### 8.2 RE Workflow Team Checklist
 - [ ] Configure `DMS_WEBHOOK_SECRET` in environment variables
 - [ ] Deploy webhook endpoints to UAT/Production
 - [ ] Test webhook endpoints with sample payloads
 - [ ] Verify database updates after webhook processing
 - [ ] Set up monitoring/alerting for webhook failures
 - [ ] Document webhook endpoints for DMS team
 - [ ] Coordinate with DMS team for integration testing
 ---
 ## 9. Support & Troubleshooting
 ### 9.1 Logs
 RE Workflow System logs webhook processing:
 - **Success:** `[DMSWebhook] Invoice webhook processed successfully`
 - **Error:** `[DMSWebhook] Error processing invoice webhook: <error>`
 - **Validation:** `[DMSWebhook] Invalid webhook signature`
 ### 9.2 Common Issues
 **Issue: Webhook signature validation fails**
 - Verify `DMS_WEBHOOK_SECRET` matches in both systems
 - Check signature calculation method (HMAC-SHA256)
 - Ensure request body is JSON stringified correctly
 **Issue: Request not found**
 - Verify `request_number` matches the original request
 - Check if request exists in RE Workflow database
 - Ensure request was created before webhook is sent
 **Issue: Invoice/Credit Note record not found**
 - Verify invoice/credit note was created in RE Workflow
 - Check if webhook is sent before record creation
 - Review workflow step sequence
 ---
 ## 10. Environment Configuration
 ### 10.1 Environment Variables
 Add to RE Workflow System `.env` file:
 ```env
 # DMS Webhook Configuration
 DMS_WEBHOOK_SECRET=your_shared_secret_key_here
 ```
 ### 10.2 Webhook URLs by Environment
 | Environment | Invoice Webhook URL | Credit Note Webhook URL |
 |-------------|---------------------|-------------------------|
 | Development | `http://localhost:5000/api/v1/webhooks/dms/invoice` | `http://localhost:5000/api/v1/webhooks/dms/credit-note` |
 | UAT | `https://reflow-uat.royalenfield.com/api/v1/webhooks/dms/invoice` | `https://reflow-uat.royalenfield.com/api/v1/webhooks/dms/credit-note` |
 | Production | `https://reflow.royalenfield.com/api/v1/webhooks/dms/invoice` | `https://reflow.royalenfield.com/api/v1/webhooks/dms/credit-note` |
 ---
 **Document Version:** 1.0  
 **Last Updated:** December 2024  
 **Maintained By:** RE Workflow Development Team
--- a/docs/GCP_PRODUCTION_SETUP.md
+++ b/docs/GCP_PRODUCTION_SETUP.md
@ -0,0 +1,669 @@
 # GCP Cloud Storage - Production Setup Guide
 ## Overview
 This guide provides step-by-step instructions for setting up Google Cloud Storage (GCS) for the **Royal Enfield Workflow System** in **Production** environment. This document focuses specifically on production deployment requirements, folder structure, and environment configuration.
 ---
 ## Table of Contents
 1. [Production Requirements](#1-production-requirements)
 2. [GCP Bucket Configuration](#2-gcp-bucket-configuration)
 3. [Service Account Setup](#3-service-account-setup)
 4. [Environment Variables Configuration](#4-environment-variables-configuration)
 5. [Folder Structure in GCS](#5-folder-structure-in-gcs)
 6. [Security & Access Control](#6-security--access-control)
 7. [CORS Configuration](#7-cors-configuration)
 8. [Lifecycle Management](#8-lifecycle-management)
 9. [Monitoring & Alerts](#9-monitoring--alerts)
 10. [Verification & Testing](#10-verification--testing)
 ---
 ## 1. Production Requirements
 ### 1.1 Application Details
 | Item | Production Value |
 |------|------------------|
 | **Application** | Royal Enfield Workflow System |
 | **Environment** | Production |
 | **Domain** | `https://reflow.royalenfield.com` |
 | **Purpose** | Store workflow documents, attachments, invoices, and credit notes |
 | **Storage Type** | Google Cloud Storage (GCS) |
 | **Region** | `asia-south1` (Mumbai) |
 ### 1.2 Storage Requirements
 The application stores:
 - **Workflow Documents**: Initial documents uploaded during request creation
 - **Work Note Attachments**: Files attached during approval workflow
 - **Invoice Files**: Generated e-invoice PDFs
 - **Credit Note Files**: Generated credit note PDFs
 - **Dealer Claim Documents**: Proposal documents, completion documents
 ---
 ## 2. GCP Bucket Configuration
 ### 2.1 Production Bucket Settings
 | Setting | Production Value |
 |---------|------------------|
 | **Bucket Name** | `reflow-documents-prod` |
 | **Location Type** | Region |
 | **Region** | `asia-south1` (Mumbai) |
 | **Storage Class** | Standard (for active files) |
 | **Access Control** | Uniform bucket-level access |
 | **Public Access Prevention** | Enforced (Block all public access) |
 | **Versioning** | Enabled (for recovery) |
 | **Lifecycle Rules** | Configured (see section 8) |
 ### 2.2 Create Production Bucket
 ```bash
 # Create production bucket
 gcloud storage buckets create gs://reflow-documents-prod \
  --project=re-platform-workflow-dealer \
  --location=asia-south1 \
  --uniform-bucket-level-access \
  --public-access-prevention
 # Enable versioning
 gcloud storage buckets update gs://reflow-documents-prod \
  --versioning
 # Verify bucket creation
 gcloud storage buckets describe gs://reflow-documents-prod
 ```
 ### 2.3 Bucket Naming Convention
 | Environment | Bucket Name | Purpose |
 |-------------|-------------|---------|
 | Development | `reflow-documents-dev` | Development testing |
 | UAT | `reflow-documents-uat` | User acceptance testing |
 | Production | `reflow-documents-prod` | Live production data |
 ---
 ## 3. Service Account Setup
 ### 3.1 Create Production Service Account
 ```bash
 # Create service account for production
 gcloud iam service-accounts create reflow-storage-prod-sa \
  --display-name="RE Workflow Production Storage Service Account" \
  --description="Service account for production file storage operations" \
  --project=re-platform-workflow-dealer
 ```
 ### 3.2 Assign Required Roles
 The service account needs the following IAM roles:
 | Role | Purpose | Required For |
 |------|---------|--------------|
 | `roles/storage.objectAdmin` | Full control over objects | Upload, delete, update files |
 | `roles/storage.objectViewer` | Read objects | Download and preview files |
 | `roles/storage.legacyBucketReader` | Read bucket metadata | List files and check bucket status |
 ```bash
 # Grant Storage Object Admin role
 gcloud projects add-iam-policy-binding re-platform-workflow-dealer \
  --member="serviceAccount:reflow-storage-prod-sa@re-platform-workflow-dealer.iam.gserviceaccount.com" \
  --role="roles/storage.objectAdmin"
 # Grant Storage Object Viewer role (for read operations)
 gcloud projects add-iam-policy-binding re-platform-workflow-dealer \
  --member="serviceAccount:reflow-storage-prod-sa@re-platform-workflow-dealer.iam.gserviceaccount.com" \
  --role="roles/storage.objectViewer"
 ```
 ### 3.3 Generate Service Account Key
 ```bash
 # Generate JSON key file for production
 gcloud iam service-accounts keys create ./config/gcp-key-prod.json \
  --iam-account=reflow-storage-prod-sa@re-platform-workflow-dealer.iam.gserviceaccount.com \
  --project=re-platform-workflow-dealer
 ```
 ⚠️ **Security Warning:**
 - Store the key file securely (not in Git)
 - Use secure file transfer methods
 - Rotate keys periodically (every 90 days recommended)
 - Restrict file permissions: `chmod 600 ./config/gcp-key-prod.json`
 ---
 ## 4. Environment Variables Configuration
 ### 4.1 Required Environment Variables
 Add the following environment variables to your production `.env` file:
 ```env
 # ============================================
 # Google Cloud Storage (GCP) Configuration
 # ============================================
 # GCP Project ID - Must match the project_id in your service account key file
 GCP_PROJECT_ID=re-platform-workflow-dealer
 # GCP Bucket Name - Production bucket name
 GCP_BUCKET_NAME=reflow-documents-prod
 # GCP Service Account Key File Path
 # Can be relative to project root or absolute path
 # Example: ./config/gcp-key-prod.json
 # Example: /etc/reflow/config/gcp-key-prod.json
 GCP_KEY_FILE=./config/gcp-key-prod.json
 ```
 ### 4.2 Environment Variable Details
 | Variable | Description | Example Value | Required |
 |----------|-------------|---------------|----------|
 | `GCP_PROJECT_ID` | Your GCP project ID. Must match the `project_id` field in the service account JSON key file. | `re-platform-workflow-dealer` | ✅ Yes |
 | `GCP_BUCKET_NAME` | Name of the GCS bucket where files will be stored. Must exist in your GCP project. | `reflow-documents-prod` | ✅ Yes |
 | `GCP_KEY_FILE` | Path to the service account JSON key file. Can be relative (from project root) or absolute path. | `./config/gcp-key-prod.json` | ✅ Yes |
 ### 4.3 File Path Configuration
 **Relative Path (Recommended for Development):**
 ```env
 GCP_KEY_FILE=./config/gcp-key-prod.json
 ```
 **Absolute Path (Recommended for Production):**
 ```env
 GCP_KEY_FILE=/etc/reflow/config/gcp-key-prod.json
 ```
 ### 4.4 Verification
 After setting environment variables, verify the configuration:
 ```bash
 # Check if variables are set
 echo $GCP_PROJECT_ID
 echo $GCP_BUCKET_NAME
 echo $GCP_KEY_FILE
 # Verify key file exists
 ls -la $GCP_KEY_FILE
 # Verify key file permissions (should be 600)
 stat -c "%a %n" $GCP_KEY_FILE
 ```
 ---
 ## 5. Folder Structure in GCS
 ### 5.1 Production Bucket Structure
 ```
 reflow-documents-prod/
 │
 ├── requests/                          # All workflow-related files
 │   ├── REQ-2025-12-0001/             # Request-specific folder
 │   │   ├── documents/                 # Initial request documents
 │   │   │   ├── 1701234567890-abc123-proposal.pdf
 │   │   │   ├── 1701234567891-def456-specification.docx
 │   │   │   └── 1701234567892-ghi789-budget.xlsx
 │   │   │
 │   │   ├── attachments/                # Work note attachments
 │   │   │   ├── 1701234567893-jkl012-approval_note.pdf
 │   │   │   ├── 1701234567894-mno345-signature.png
 │   │   │   └── 1701234567895-pqr678-supporting_doc.pdf
 │   │   │
 │   │   ├── invoices/                   # Generated invoice files
 │   │   │   └── 1701234567896-stu901-invoice_REQ-2025-12-0001.pdf
 │   │   │
 │   │   └── credit-notes/               # Generated credit note files
 │   │       └── 1701234567897-vwx234-credit_note_REQ-2025-12-0001.pdf
 │   │
 │   ├── REQ-2025-12-0002/
 │   │   ├── documents/
 │   │   ├── attachments/
 │   │   ├── invoices/
 │   │   └── credit-notes/
 │   │
 │   └── REQ-2025-12-0003/
 │       └── ...
 │
 └── temp/                               # Temporary uploads (auto-deleted after 24h)
    └── (temporary files before processing)
 ```
 ### 5.2 File Path Patterns
 | File Type | Path Pattern | Example |
 |-----------|--------------|---------|
 | **Documents** | `requests/{requestNumber}/documents/{timestamp}-{hash}-{filename}` | `requests/REQ-2025-12-0001/documents/1701234567890-abc123-proposal.pdf` |
 | **Attachments** | `requests/{requestNumber}/attachments/{timestamp}-{hash}-{filename}` | `requests/REQ-2025-12-0001/attachments/1701234567893-jkl012-approval_note.pdf` |
 | **Invoices** | `requests/{requestNumber}/invoices/{timestamp}-{hash}-{filename}` | `requests/REQ-2025-12-0001/invoices/1701234567896-stu901-invoice_REQ-2025-12-0001.pdf` |
 | **Credit Notes** | `requests/{requestNumber}/credit-notes/{timestamp}-{hash}-{filename}` | `requests/REQ-2025-12-0001/credit-notes/1701234567897-vwx234-credit_note_REQ-2025-12-0001.pdf` |
 ### 5.3 File Naming Convention
 Files are automatically renamed with the following pattern:
 ```
 {timestamp}-{randomHash}-{sanitizedOriginalName}
 ```
 **Example:**
 - Original: `My Proposal Document (Final).pdf`
 - Stored: `1701234567890-abc123-My_Proposal_Document__Final_.pdf`
 **Benefits:**
 - Prevents filename conflicts
 - Maintains original filename for reference
 - Ensures unique file identifiers
 - Safe for URL encoding
 ---
 ## 6. Security & Access Control
 ### 6.1 Bucket Security Settings
 ```bash
 # Enforce public access prevention
 gcloud storage buckets update gs://reflow-documents-prod \
  --public-access-prevention
 # Enable uniform bucket-level access
 gcloud storage buckets update gs://reflow-documents-prod \
  --uniform-bucket-level-access
 ```
 ### 6.2 Access Control Strategy
 **Production Approach:**
 - **Private Bucket**: All files are private by default
 - **Signed URLs**: Generate time-limited signed URLs for file access (recommended)
 - **Service Account**: Only service account has direct access
 - **IAM Policies**: Restrict access to specific service accounts only
 ### 6.3 Signed URL Configuration (Recommended)
 For production, use signed URLs instead of public URLs:
 ```typescript
 // Example: Generate signed URL (valid for 1 hour)
 const [url] = await file.getSignedUrl({
  action: 'read',
  expires: Date.now() + 60 * 60 * 1000, // 1 hour
 });
 ```
 ### 6.4 Security Checklist
 - [ ] Public access prevention enabled
 - [ ] Uniform bucket-level access enabled
 - [ ] Service account has minimal required permissions
 - [ ] JSON key file stored securely (not in Git)
 - [ ] Key file permissions set to 600
 - [ ] CORS configured for specific domains only
 - [ ] Bucket versioning enabled
 - [ ] Access logging enabled
 - [ ] Signed URLs used for file access (if applicable)
 ---
 ## 7. CORS Configuration
 ### 7.1 Production CORS Policy
 Create `cors-config-prod.json`:
 ```json
 [
  {
    "origin": [
      "https://reflow.royalenfield.com",
      "https://www.royalenfield.com"
    ],
    "method": ["GET", "PUT", "POST", "DELETE", "HEAD", "OPTIONS"],
    "responseHeader": [
      "Content-Type",
      "Content-Disposition",
      "Content-Length",
      "Cache-Control",
      "x-goog-meta-*"
    ],
    "maxAgeSeconds": 3600
  }
 ]
 ```
 ### 7.2 Apply CORS Configuration
 ```bash
 gcloud storage buckets update gs://reflow-documents-prod \
  --cors-file=cors-config-prod.json
 ```
 ### 7.3 Verify CORS
 ```bash
 # Check CORS configuration
 gcloud storage buckets describe gs://reflow-documents-prod \
  --format="value(cors)"
 ```
 ---
 ## 8. Lifecycle Management
 ### 8.1 Lifecycle Rules Configuration
 Create `lifecycle-config-prod.json`:
 ```json
 {
  "lifecycle": {
    "rule": [
      {
        "action": { "type": "Delete" },
        "condition": {
          "age": 1,
          "matchesPrefix": ["temp/"]
        },
        "description": "Delete temporary files after 24 hours"
      },
      {
        "action": { "type": "SetStorageClass", "storageClass": "NEARLINE" },
        "condition": {
          "age": 90,
          "matchesPrefix": ["requests/"]
        },
        "description": "Move old files to Nearline storage after 90 days"
      },
      {
        "action": { "type": "SetStorageClass", "storageClass": "COLDLINE" },
        "condition": {
          "age": 365,
          "matchesPrefix": ["requests/"]
        },
        "description": "Move archived files to Coldline storage after 1 year"
      }
    ]
  }
 }
 ```
 ### 8.2 Apply Lifecycle Rules
 ```bash
 gcloud storage buckets update gs://reflow-documents-prod \
  --lifecycle-file=lifecycle-config-prod.json
 ```
 ### 8.3 Lifecycle Rule Benefits
 | Rule | Purpose | Cost Savings |
 |------|---------|--------------|
 | Delete temp files | Remove temporary uploads after 24h | Prevents storage bloat |
 | Move to Nearline | Archive files older than 90 days | ~50% cost reduction |
 | Move to Coldline | Archive files older than 1 year | ~70% cost reduction |
 ---
 ## 9. Monitoring & Alerts
 ### 9.1 Enable Access Logging
 ```bash
 # Create logging bucket (if not exists)
 gcloud storage buckets create gs://reflow-logs-prod \
  --project=re-platform-workflow-dealer \
  --location=asia-south1
 # Enable access logging
 gcloud storage buckets update gs://reflow-documents-prod \
  --log-bucket=gs://reflow-logs-prod \
  --log-object-prefix=reflow-storage-logs/
 ```
 ### 9.2 Set Up Monitoring Alerts
 **Recommended Alerts:**
 1. **Storage Quota Alert**
   - Trigger: Storage exceeds 80% of quota
   - Action: Notify DevOps team
 2. **Unusual Access Patterns**
   - Trigger: Unusual download patterns detected
   - Action: Security team notification
 3. **Failed Access Attempts**
   - Trigger: Multiple failed authentication attempts
   - Action: Immediate security alert
 4. **High Upload Volume**
   - Trigger: Upload volume exceeds normal threshold
   - Action: Performance team notification
 ### 9.3 Cost Monitoring
 Monitor storage costs via:
 - GCP Console → Billing → Reports
 - Set up budget alerts at 50%, 75%, 90% of monthly budget
 - Review storage class usage (Standard vs Nearline vs Coldline)
 ---
 ## 10. Verification & Testing
 ### 10.1 Pre-Deployment Verification
 ```bash
 # 1. Verify bucket exists
 gcloud storage buckets describe gs://reflow-documents-prod
 # 2. Verify service account has access
 gcloud storage ls gs://reflow-documents-prod \
  --impersonate-service-account=reflow-storage-prod-sa@re-platform-workflow-dealer.iam.gserviceaccount.com
 # 3. Test file upload
 echo "test file" > test-upload.txt
 gcloud storage cp test-upload.txt gs://reflow-documents-prod/temp/test-upload.txt
 # 4. Test file download
 gcloud storage cp gs://reflow-documents-prod/temp/test-upload.txt ./test-download.txt
 # 5. Test file delete
 gcloud storage rm gs://reflow-documents-prod/temp/test-upload.txt
 # 6. Clean up
 rm test-upload.txt test-download.txt
 ```
 ### 10.2 Application-Level Testing
 1. **Upload Test:**
   - Upload a document via API
   - Verify file appears in GCS bucket
   - Check database `storage_url` field contains GCS URL
 2. **Download Test:**
   - Download file via API
   - Verify file is accessible
   - Check response headers
 3. **Delete Test:**
   - Delete file via API
   - Verify file is removed from GCS
   - Check database record is updated
 ### 10.3 Production Readiness Checklist
 - [ ] Bucket created and configured
 - [ ] Service account created with correct permissions
 - [ ] JSON key file generated and stored securely
 - [ ] Environment variables configured in `.env`
 - [ ] CORS policy applied
 - [ ] Lifecycle rules configured
 - [ ] Versioning enabled
 - [ ] Access logging enabled
 - [ ] Monitoring alerts configured
 - [ ] Upload/download/delete operations tested
 - [ ] Backup and recovery procedures documented
 ---
 ## 11. Troubleshooting
 ### 11.1 Common Issues
 **Issue: Files not uploading to GCS**
 - ✅ Check `.env` configuration matches credentials
 - ✅ Verify service account has correct permissions
 - ✅ Check bucket name exists and is accessible
 - ✅ Review application logs for GCS errors
 - ✅ Verify key file path is correct
 **Issue: Files uploading but not accessible**
 - ✅ Verify bucket permissions (private vs public)
 - ✅ Check CORS configuration if accessing from browser
 - ✅ Ensure `storage_url` is being saved correctly in database
 - ✅ Verify signed URL generation (if using private bucket)
 **Issue: Permission denied errors**
 - ✅ Verify service account has `roles/storage.objectAdmin`
 - ✅ Check bucket IAM policies
 - ✅ Verify key file is valid and not expired
 ### 11.2 Log Analysis
 Check application logs for GCS-related messages:
 ```bash
 # Search for GCS initialization
 grep "GCS.*Initialized" logs/app.log
 # Search for GCS errors
 grep "GCS.*Error" logs/app.log
 # Search for upload failures
 grep "GCS.*upload.*failed" logs/app.log
 ```
 ---
 ## 12. Production Deployment Steps
 ### 12.1 Deployment Checklist
 1. **Pre-Deployment:**
   - [ ] Create production bucket
   - [ ] Create production service account
   - [ ] Generate and secure key file
   - [ ] Configure environment variables
   - [ ] Test upload/download operations
 2. **Deployment:**
   - [ ] Deploy application with new environment variables
   - [ ] Verify GCS initialization in logs
   - [ ] Test file upload functionality
   - [ ] Monitor for errors
 3. **Post-Deployment:**
   - [ ] Verify files are being stored in GCS
   - [ ] Check database `storage_url` fields
   - [ ] Monitor storage costs
   - [ ] Review access logs
 ---
 ## 13. Cost Estimation (Production)
 | Item | Monthly Estimate | Notes |
 |------|------------------|-------|
 | **Storage (500GB)** | ~$10.00 | Standard storage class |
 | **Operations (100K)** | ~$0.50 | Upload/download operations |
 | **Network Egress** | Variable | Depends on download volume |
 | **Nearline Storage** | ~$5.00 | Files older than 90 days |
 | **Coldline Storage** | ~$2.00 | Files older than 1 year |
 **Total Estimated Monthly Cost:** ~$17.50 (excluding network egress)
 ---
 ## 14. Support & Contacts
 | Role | Responsibility | Contact |
 |------|----------------|---------|
 | **DevOps Team** | GCP infrastructure setup | [DevOps Email] |
 | **Application Team** | Application configuration | [App Team Email] |
 | **Security Team** | Access control and permissions | [Security Email] |
 ---
 ## 15. Quick Reference
 ### 15.1 Essential Commands
 ```bash
 # Create bucket
 gcloud storage buckets create gs://reflow-documents-prod \
  --project=re-platform-workflow-dealer \
  --location=asia-south1 \
  --uniform-bucket-level-access \
  --public-access-prevention
 # Create service account
 gcloud iam service-accounts create reflow-storage-prod-sa \
  --display-name="RE Workflow Production Storage" \
  --project=re-platform-workflow-dealer
 # Generate key
 gcloud iam service-accounts keys create ./config/gcp-key-prod.json \
  --iam-account=reflow-storage-prod-sa@re-platform-workflow-dealer.iam.gserviceaccount.com
 # Set CORS
 gcloud storage buckets update gs://reflow-documents-prod \
  --cors-file=cors-config-prod.json
 # Enable versioning
 gcloud storage buckets update gs://reflow-documents-prod \
  --versioning
 ```
 ### 15.2 Environment Variables Template
 ```env
 # Production GCP Configuration
 GCP_PROJECT_ID=re-platform-workflow-dealer
 GCP_BUCKET_NAME=reflow-documents-prod
 GCP_KEY_FILE=./config/gcp-key-prod.json
 ```
 ---
 ## Appendix: File Structure Reference
 ### Database Storage Fields
 The application stores file information in the database:
 | Table | Field | Description |
 |-------|-------|-------------|
 | `documents` | `file_path` | GCS path: `requests/{requestNumber}/documents/{filename}` |
 | `documents` | `storage_url` | Full GCS URL: `https://storage.googleapis.com/bucket/path` |
 | `work_note_attachments` | `file_path` | GCS path: `requests/{requestNumber}/attachments/{filename}` |
 | `work_note_attachments` | `storage_url` | Full GCS URL |
 | `claim_invoices` | `invoice_file_path` | GCS path: `requests/{requestNumber}/invoices/{filename}` |
 | `claim_credit_notes` | `credit_note_file_path` | GCS path: `requests/{requestNumber}/credit-notes/{filename}` |
 ---
 **Document Version:** 1.0  
 **Last Updated:** December 2024  
 **Maintained By:** RE Workflow Development Team
--- a/src/controllers/dealerClaim.controller.ts
+++ b/src/controllers/dealerClaim.controller.ts
@ -813,5 +813,42 @@ export class DealerClaimController {
      return ResponseHandler.error(res, 'Failed to update credit note details', 500, errorMessage);
    }
  }
  /**
   * Send credit note to dealer and auto-approve Step 8
   * POST /api/v1/dealer-claims/:requestId/credit-note/send
   * Accepts either UUID or requestNumber
   */
  async sendCreditNoteToDealer(
    req: AuthenticatedRequest,
    res: Response
  ): Promise<void> {
    try {
      const identifier = req.params.requestId; // Can be UUID or requestNumber
      const userId = req.user?.userId;
      if (!userId) {
        return ResponseHandler.error(res, 'Unauthorized', 401);
      }
      // Find workflow to get actual UUID
      const workflow = await this.findWorkflowByIdentifier(identifier);
      if (!workflow) {
        return ResponseHandler.error(res, 'Workflow request not found', 404);
      }
      const requestId = (workflow as any).requestId || (workflow as any).request_id;
      if (!requestId) {
        return ResponseHandler.error(res, 'Invalid workflow request', 400);
      }
      await this.dealerClaimService.sendCreditNoteToDealer(requestId, userId);
      return ResponseHandler.success(res, { message: 'Credit note sent to dealer and Step 8 approved successfully' }, 'Credit note sent');
    } catch (error) {
      const errorMessage = error instanceof Error ? error.message : 'Unknown error';
      logger.error('[DealerClaimController] Error sending credit note to dealer:', error);
      return ResponseHandler.error(res, 'Failed to send credit note to dealer', 500, errorMessage);
    }
  }
 }
--- a/src/controllers/dmsWebhook.controller.ts
+++ b/src/controllers/dmsWebhook.controller.ts
@ -0,0 +1,117 @@
 import { Request, Response } from 'express';
 import { DMSWebhookService } from '../services/dmsWebhook.service';
 import { ResponseHandler } from '../utils/responseHandler';
 import logger from '../utils/logger';
 /**
 * DMS Webhook Controller
 * Handles webhook callbacks from DMS system for invoice and credit note generation
 */
 export class DMSWebhookController {
  private webhookService = new DMSWebhookService();
  /**
   * Handle invoice generation webhook from DMS
   * POST /api/v1/webhooks/dms/invoice
   */
  async handleInvoiceWebhook(req: Request, res: Response): Promise<void> {
    try {
      const payload = req.body;
      logger.info('[DMSWebhook] Invoice webhook received', {
        requestNumber: payload.request_number,
        documentNo: payload.document_no,
      });
      // Validate webhook signature if configured
      const isValid = await this.webhookService.validateWebhookSignature(req);
      if (!isValid) {
        logger.warn('[DMSWebhook] Invalid webhook signature');
        return ResponseHandler.error(res, 'Invalid webhook signature', 401);
      }
      // Process invoice webhook
      const result = await this.webhookService.processInvoiceWebhook(payload);
      if (!result.success) {
        logger.error('[DMSWebhook] Invoice webhook processing failed', {
          error: result.error,
          requestNumber: payload.request_number,
        });
        return ResponseHandler.error(res, result.error || 'Failed to process invoice webhook', 400);
      }
      logger.info('[DMSWebhook] Invoice webhook processed successfully', {
        requestNumber: payload.request_number,
        invoiceNumber: result.invoiceNumber,
      });
      return ResponseHandler.success(
        res,
        {
          message: 'Invoice webhook processed successfully',
          invoiceNumber: result.invoiceNumber,
          requestNumber: payload.request_number,
        },
        'Webhook processed'
      );
    } catch (error) {
      const errorMessage = error instanceof Error ? error.message : 'Unknown error';
      logger.error('[DMSWebhook] Error processing invoice webhook:', error);
      return ResponseHandler.error(res, 'Failed to process invoice webhook', 500, errorMessage);
    }
  }
  /**
   * Handle credit note generation webhook from DMS
   * POST /api/v1/webhooks/dms/credit-note
   */
  async handleCreditNoteWebhook(req: Request, res: Response): Promise<void> {
    try {
      const payload = req.body;
      logger.info('[DMSWebhook] Credit note webhook received', {
        requestNumber: payload.request_number,
        documentNo: payload.document_no,
      });
      // Validate webhook signature if configured
      const isValid = await this.webhookService.validateWebhookSignature(req);
      if (!isValid) {
        logger.warn('[DMSWebhook] Invalid webhook signature');
        return ResponseHandler.error(res, 'Invalid webhook signature', 401);
      }
      // Process credit note webhook
      const result = await this.webhookService.processCreditNoteWebhook(payload);
      if (!result.success) {
        logger.error('[DMSWebhook] Credit note webhook processing failed', {
          error: result.error,
          requestNumber: payload.request_number,
        });
        return ResponseHandler.error(res, result.error || 'Failed to process credit note webhook', 400);
      }
      logger.info('[DMSWebhook] Credit note webhook processed successfully', {
        requestNumber: payload.request_number,
        creditNoteNumber: result.creditNoteNumber,
      });
      return ResponseHandler.success(
        res,
        {
          message: 'Credit note webhook processed successfully',
          creditNoteNumber: result.creditNoteNumber,
          requestNumber: payload.request_number,
        },
        'Webhook processed'
      );
    } catch (error) {
      const errorMessage = error instanceof Error ? error.message : 'Unknown error';
      logger.error('[DMSWebhook] Error processing credit note webhook:', error);
      return ResponseHandler.error(res, 'Failed to process credit note webhook', 500, errorMessage);
    }
  }
 }
--- a/src/migrations/20251213-create-claim-invoice-credit-note-tables.ts
+++ b/src/migrations/20251213-create-claim-invoice-credit-note-tables.ts
@ -23,18 +23,30 @@ export async function up(queryInterface: QueryInterface): Promise<void> {
      type: DataTypes.DATEONLY,
      allowNull: true,
    },
    invoice_amount: {
      type: DataTypes.DECIMAL(15, 2),
      allowNull: true,
    },
    dms_number: {
      type: DataTypes.STRING(100),
      allowNull: true,
    },
-    amount: {
+    invoice_file_path: {
-      type: DataTypes.DECIMAL(15, 2),
+      type: DataTypes.STRING(500),
      allowNull: true,
    },
-    status: {
+    generation_status: {
      type: DataTypes.STRING(50), // e.g., PENDING, GENERATED, SENT, FAILED, CANCELLED
      allowNull: true,
    },
    error_message: {
      type: DataTypes.TEXT,
      allowNull: true,
    },
    generated_at: {
      type: DataTypes.DATE,
      allowNull: true,
    },
    description: {
      type: DataTypes.TEXT,
      allowNull: true,
@ -54,6 +66,7 @@ export async function up(queryInterface: QueryInterface): Promise<void> {
  await queryInterface.addIndex('claim_invoices', ['request_id'], { name: 'idx_claim_invoices_request_id', unique: true });
  await queryInterface.addIndex('claim_invoices', ['invoice_number'], { name: 'idx_claim_invoices_invoice_number' });
  await queryInterface.addIndex('claim_invoices', ['dms_number'], { name: 'idx_claim_invoices_dms_number' });
  await queryInterface.addIndex('claim_invoices', ['generation_status'], { name: 'idx_claim_invoices_status' });
  await queryInterface.createTable('claim_credit_notes', {
    credit_note_id: {
@ -69,6 +82,13 @@ export async function up(queryInterface: QueryInterface): Promise<void> {
      onDelete: 'CASCADE',
      onUpdate: 'CASCADE',
    },
    invoice_id: {
      type: DataTypes.UUID,
      allowNull: true,
      references: { model: 'claim_invoices', key: 'invoice_id' },
      onDelete: 'SET NULL',
      onUpdate: 'CASCADE',
    },
    credit_note_number: {
      type: DataTypes.STRING(100),
      allowNull: true,
@ -77,12 +97,35 @@ export async function up(queryInterface: QueryInterface): Promise<void> {
      type: DataTypes.DATEONLY,
      allowNull: true,
    },
-    credit_note_amount: {
+    credit_amount: {
      type: DataTypes.DECIMAL(15, 2),
      allowNull: true,
    },
-    status: {
+    sap_document_number: {
-      type: DataTypes.STRING(50), // e.g., PENDING, GENERATED, SENT, FAILED, CANCELLED
+      type: DataTypes.STRING(100),
      allowNull: true,
    },
    credit_note_file_path: {
      type: DataTypes.STRING(500),
      allowNull: true,
    },
    confirmation_status: {
      type: DataTypes.STRING(50), // e.g., PENDING, GENERATED, CONFIRMED, FAILED, CANCELLED
      allowNull: true,
    },
    error_message: {
      type: DataTypes.TEXT,
      allowNull: true,
    },
    confirmed_by: {
      type: DataTypes.UUID,
      allowNull: true,
      references: { model: 'users', key: 'user_id' },
      onDelete: 'SET NULL',
      onUpdate: 'CASCADE',
    },
    confirmed_at: {
      type: DataTypes.DATE,
      allowNull: true,
    },
    reason: {
@ -106,7 +149,10 @@ export async function up(queryInterface: QueryInterface): Promise<void> {
  });
  await queryInterface.addIndex('claim_credit_notes', ['request_id'], { name: 'idx_claim_credit_notes_request_id', unique: true });
  await queryInterface.addIndex('claim_credit_notes', ['invoice_id'], { name: 'idx_claim_credit_notes_invoice_id' });
  await queryInterface.addIndex('claim_credit_notes', ['credit_note_number'], { name: 'idx_claim_credit_notes_number' });
  await queryInterface.addIndex('claim_credit_notes', ['sap_document_number'], { name: 'idx_claim_credit_notes_sap_doc' });
  await queryInterface.addIndex('claim_credit_notes', ['confirmation_status'], { name: 'idx_claim_credit_notes_status' });
 }
 export async function down(queryInterface: QueryInterface): Promise<void> {
--- a/src/migrations/20251218-fix-claim-invoice-credit-note-columns.ts
+++ b/src/migrations/20251218-fix-claim-invoice-credit-note-columns.ts
@ -0,0 +1,240 @@
 import { QueryInterface, DataTypes } from 'sequelize';
 /**
 * Helper function to check if a column exists in a table
 */
 async function columnExists(
  queryInterface: QueryInterface,
  tableName: string,
  columnName: string
 ): Promise<boolean> {
  try {
    const tableDescription = await queryInterface.describeTable(tableName);
    return columnName in tableDescription;
  } catch (error) {
    return false;
  }
 }
 /**
 * Migration: Fix column names in claim_invoices and claim_credit_notes tables
 * 
 * This migration handles the case where tables were created with old column names
 * and need to be updated to match the new schema.
 */
 export async function up(queryInterface: QueryInterface): Promise<void> {
  try {
    // Check if claim_invoices table exists
    const [invoiceTables] = await queryInterface.sequelize.query(`
      SELECT table_name 
      FROM information_schema.tables 
      WHERE table_schema = 'public' 
      AND table_name = 'claim_invoices';
    `);
    if (invoiceTables.length > 0) {
      // Fix claim_invoices table
      const hasOldAmount = await columnExists(queryInterface, 'claim_invoices', 'amount');
      const hasNewAmount = await columnExists(queryInterface, 'claim_invoices', 'invoice_amount');
      if (hasOldAmount && !hasNewAmount) {
        // Rename amount to invoice_amount
        await queryInterface.renameColumn('claim_invoices', 'amount', 'invoice_amount');
        console.log('✅ Renamed claim_invoices.amount to invoice_amount');
      } else if (!hasOldAmount && !hasNewAmount) {
        // Add invoice_amount if neither exists
        await queryInterface.addColumn('claim_invoices', 'invoice_amount', {
          type: DataTypes.DECIMAL(15, 2),
          allowNull: true,
        });
        console.log('✅ Added invoice_amount column to claim_invoices');
      } else if (hasNewAmount) {
        console.log('✅ invoice_amount column already exists in claim_invoices');
      }
      // Check for status vs generation_status
      const hasStatus = await columnExists(queryInterface, 'claim_invoices', 'status');
      const hasGenerationStatus = await columnExists(queryInterface, 'claim_invoices', 'generation_status');
      if (hasStatus && !hasGenerationStatus) {
        // Rename status to generation_status
        await queryInterface.renameColumn('claim_invoices', 'status', 'generation_status');
        console.log('✅ Renamed claim_invoices.status to generation_status');
      } else if (!hasStatus && !hasGenerationStatus) {
        // Add generation_status if neither exists
        await queryInterface.addColumn('claim_invoices', 'generation_status', {
          type: DataTypes.STRING(50),
          allowNull: true,
        });
        console.log('✅ Added generation_status column to claim_invoices');
      } else if (hasGenerationStatus) {
        console.log('✅ generation_status column already exists in claim_invoices');
      }
    }
    // Check if claim_credit_notes table exists
    const [creditNoteTables] = await queryInterface.sequelize.query(`
      SELECT table_name 
      FROM information_schema.tables 
      WHERE table_schema = 'public' 
      AND table_name = 'claim_credit_notes';
    `);
    if (creditNoteTables.length > 0) {
      // Fix claim_credit_notes table
      const hasOldAmount = await columnExists(queryInterface, 'claim_credit_notes', 'credit_note_amount');
      const hasNewAmount = await columnExists(queryInterface, 'claim_credit_notes', 'credit_amount');
      if (hasOldAmount && !hasNewAmount) {
        // Rename credit_note_amount to credit_amount
        await queryInterface.renameColumn('claim_credit_notes', 'credit_note_amount', 'credit_amount');
        console.log('✅ Renamed claim_credit_notes.credit_note_amount to credit_amount');
      } else if (!hasOldAmount && !hasNewAmount) {
        // Add credit_amount if neither exists
        await queryInterface.addColumn('claim_credit_notes', 'credit_amount', {
          type: DataTypes.DECIMAL(15, 2),
          allowNull: true,
        });
        console.log('✅ Added credit_amount column to claim_credit_notes');
      } else if (hasNewAmount) {
        console.log('✅ credit_amount column already exists in claim_credit_notes');
      }
      // Check for status vs confirmation_status
      const hasStatus = await columnExists(queryInterface, 'claim_credit_notes', 'status');
      const hasConfirmationStatus = await columnExists(queryInterface, 'claim_credit_notes', 'confirmation_status');
      if (hasStatus && !hasConfirmationStatus) {
        // Rename status to confirmation_status
        await queryInterface.renameColumn('claim_credit_notes', 'status', 'confirmation_status');
        console.log('✅ Renamed claim_credit_notes.status to confirmation_status');
      } else if (!hasStatus && !hasConfirmationStatus) {
        // Add confirmation_status if neither exists
        await queryInterface.addColumn('claim_credit_notes', 'confirmation_status', {
          type: DataTypes.STRING(50),
          allowNull: true,
        });
        console.log('✅ Added confirmation_status column to claim_credit_notes');
      } else if (hasConfirmationStatus) {
        console.log('✅ confirmation_status column already exists in claim_credit_notes');
      }
      // Ensure invoice_id column exists
      const hasInvoiceId = await columnExists(queryInterface, 'claim_credit_notes', 'invoice_id');
      if (!hasInvoiceId) {
        await queryInterface.addColumn('claim_credit_notes', 'invoice_id', {
          type: DataTypes.UUID,
          allowNull: true,
          references: {
            model: 'claim_invoices',
            key: 'invoice_id',
          },
          onDelete: 'SET NULL',
          onUpdate: 'CASCADE',
        });
        console.log('✅ Added invoice_id column to claim_credit_notes');
      }
      // Ensure sap_document_number column exists
      const hasSapDoc = await columnExists(queryInterface, 'claim_credit_notes', 'sap_document_number');
      if (!hasSapDoc) {
        await queryInterface.addColumn('claim_credit_notes', 'sap_document_number', {
          type: DataTypes.STRING(100),
          allowNull: true,
        });
        console.log('✅ Added sap_document_number column to claim_credit_notes');
      }
      // Ensure credit_note_file_path column exists
      const hasFilePath = await columnExists(queryInterface, 'claim_credit_notes', 'credit_note_file_path');
      if (!hasFilePath) {
        await queryInterface.addColumn('claim_credit_notes', 'credit_note_file_path', {
          type: DataTypes.STRING(500),
          allowNull: true,
        });
        console.log('✅ Added credit_note_file_path column to claim_credit_notes');
      }
      // Ensure confirmed_by column exists
      const hasConfirmedBy = await columnExists(queryInterface, 'claim_credit_notes', 'confirmed_by');
      if (!hasConfirmedBy) {
        await queryInterface.addColumn('claim_credit_notes', 'confirmed_by', {
          type: DataTypes.UUID,
          allowNull: true,
          references: {
            model: 'users',
            key: 'user_id',
          },
          onDelete: 'SET NULL',
          onUpdate: 'CASCADE',
        });
        console.log('✅ Added confirmed_by column to claim_credit_notes');
      }
      // Ensure confirmed_at column exists
      const hasConfirmedAt = await columnExists(queryInterface, 'claim_credit_notes', 'confirmed_at');
      if (!hasConfirmedAt) {
        await queryInterface.addColumn('claim_credit_notes', 'confirmed_at', {
          type: DataTypes.DATE,
          allowNull: true,
        });
        console.log('✅ Added confirmed_at column to claim_credit_notes');
      }
    }
    // Ensure invoice_file_path exists in claim_invoices
    if (invoiceTables.length > 0) {
      const hasFilePath = await columnExists(queryInterface, 'claim_invoices', 'invoice_file_path');
      if (!hasFilePath) {
        await queryInterface.addColumn('claim_invoices', 'invoice_file_path', {
          type: DataTypes.STRING(500),
          allowNull: true,
        });
        console.log('✅ Added invoice_file_path column to claim_invoices');
      }
      // Ensure error_message exists
      const hasErrorMessage = await columnExists(queryInterface, 'claim_invoices', 'error_message');
      if (!hasErrorMessage) {
        await queryInterface.addColumn('claim_invoices', 'error_message', {
          type: DataTypes.TEXT,
          allowNull: true,
        });
        console.log('✅ Added error_message column to claim_invoices');
      }
      // Ensure generated_at exists
      const hasGeneratedAt = await columnExists(queryInterface, 'claim_invoices', 'generated_at');
      if (!hasGeneratedAt) {
        await queryInterface.addColumn('claim_invoices', 'generated_at', {
          type: DataTypes.DATE,
          allowNull: true,
        });
        console.log('✅ Added generated_at column to claim_invoices');
      }
    }
    // Ensure error_message exists in claim_credit_notes
    if (creditNoteTables.length > 0) {
      const hasErrorMessage = await columnExists(queryInterface, 'claim_credit_notes', 'error_message');
      if (!hasErrorMessage) {
        await queryInterface.addColumn('claim_credit_notes', 'error_message', {
          type: DataTypes.TEXT,
          allowNull: true,
        });
        console.log('✅ Added error_message column to claim_credit_notes');
      }
    }
  } catch (error: any) {
    console.error('Migration error:', error.message);
    throw error;
  }
 }
 export async function down(queryInterface: QueryInterface): Promise<void> {
  // This migration is idempotent and safe to run multiple times
  // The down migration would reverse the changes, but it's safer to keep the new schema
  console.log('Note: Down migration not implemented - keeping new column names');
 }
--- a/src/models/ClaimCreditNote.ts
+++ b/src/models/ClaimCreditNote.ts
@ -1,29 +1,42 @@
 import { DataTypes, Model, Optional } from 'sequelize';
 import { sequelize } from '@config/database';
 import { WorkflowRequest } from './WorkflowRequest';
 import { ClaimInvoice } from './ClaimInvoice';
 interface ClaimCreditNoteAttributes {
  creditNoteId: string;
  requestId: string;
  invoiceId?: string;
  creditNoteNumber?: string;
  creditNoteDate?: Date;
  creditNoteAmount?: number;
  sapDocumentNumber?: string;
  creditNoteFilePath?: string;
  status?: string;
  errorMessage?: string;
  confirmedBy?: string;
  confirmedAt?: Date;
  reason?: string;
  description?: string;
  createdAt: Date;
  updatedAt: Date;
 }
-interface ClaimCreditNoteCreationAttributes extends Optional<ClaimCreditNoteAttributes, 'creditNoteId' | 'creditNoteNumber' | 'creditNoteDate' | 'creditNoteAmount' | 'status' | 'reason' | 'description' | 'createdAt' | 'updatedAt'> {}
+interface ClaimCreditNoteCreationAttributes extends Optional<ClaimCreditNoteAttributes, 'creditNoteId' | 'invoiceId' | 'creditNoteNumber' | 'creditNoteDate' | 'creditNoteAmount' | 'sapDocumentNumber' | 'creditNoteFilePath' | 'status' | 'errorMessage' | 'confirmedBy' | 'confirmedAt' | 'reason' | 'description' | 'createdAt' | 'updatedAt'> {}
 class ClaimCreditNote extends Model<ClaimCreditNoteAttributes, ClaimCreditNoteCreationAttributes> implements ClaimCreditNoteAttributes {
  public creditNoteId!: string;
  public requestId!: string;
  public invoiceId?: string;
  public creditNoteNumber?: string;
  public creditNoteDate?: Date;
  public creditNoteAmount?: number;
  public sapDocumentNumber?: string;
  public creditNoteFilePath?: string;
  public status?: string;
  public errorMessage?: string;
  public confirmedBy?: string;
  public confirmedAt?: Date;
  public reason?: string;
  public description?: string;
  public createdAt!: Date;
@ -50,6 +63,17 @@ ClaimCreditNote.init(
      onDelete: 'CASCADE',
      onUpdate: 'CASCADE',
    },
    invoiceId: {
      type: DataTypes.UUID,
      allowNull: true,
      field: 'invoice_id',
      references: {
        model: 'claim_invoices',
        key: 'invoice_id',
      },
      onDelete: 'SET NULL',
      onUpdate: 'CASCADE',
    },
    creditNoteNumber: {
      type: DataTypes.STRING(100),
      allowNull: true,
@ -63,12 +87,43 @@ ClaimCreditNote.init(
    creditNoteAmount: {
      type: DataTypes.DECIMAL(15, 2),
      allowNull: true,
-      field: 'credit_note_amount',
+      field: 'credit_amount',
    },
    sapDocumentNumber: {
      type: DataTypes.STRING(100),
      allowNull: true,
      field: 'sap_document_number',
    },
    creditNoteFilePath: {
      type: DataTypes.STRING(500),
      allowNull: true,
      field: 'credit_note_file_path',
    },
    status: {
      type: DataTypes.STRING(50),
      allowNull: true,
-      field: 'status',
+      field: 'confirmation_status',
    },
    errorMessage: {
      type: DataTypes.TEXT,
      allowNull: true,
      field: 'error_message',
    },
    confirmedBy: {
      type: DataTypes.UUID,
      allowNull: true,
      field: 'confirmed_by',
      references: {
        model: 'users',
        key: 'user_id',
      },
      onDelete: 'SET NULL',
      onUpdate: 'CASCADE',
    },
    confirmedAt: {
      type: DataTypes.DATE,
      allowNull: true,
      field: 'confirmed_at',
    },
    reason: {
      type: DataTypes.TEXT,
@ -102,7 +157,10 @@ ClaimCreditNote.init(
    updatedAt: 'updated_at',
    indexes: [
      { unique: true, fields: ['request_id'], name: 'idx_claim_credit_notes_request_id' },
      { fields: ['invoice_id'], name: 'idx_claim_credit_notes_invoice_id' },
      { fields: ['credit_note_number'], name: 'idx_claim_credit_notes_number' },
      { fields: ['sap_document_number'], name: 'idx_claim_credit_notes_sap_doc' },
      { fields: ['confirmation_status'], name: 'idx_claim_credit_notes_status' },
    ],
  }
 );
@ -119,5 +177,17 @@ ClaimCreditNote.belongsTo(WorkflowRequest, {
  targetKey: 'requestId',
 });
 ClaimCreditNote.belongsTo(ClaimInvoice, {
  as: 'claimInvoice',
  foreignKey: 'invoiceId',
  targetKey: 'invoiceId',
 });
 ClaimInvoice.hasMany(ClaimCreditNote, {
  as: 'creditNotes',
  foreignKey: 'invoiceId',
  sourceKey: 'invoiceId',
 });
 export { ClaimCreditNote };
--- a/src/models/ClaimInvoice.ts
+++ b/src/models/ClaimInvoice.ts
@ -7,24 +7,30 @@ interface ClaimInvoiceAttributes {
  requestId: string;
  invoiceNumber?: string;
  invoiceDate?: Date;
  dmsNumber?: string;
  amount?: number;
  dmsNumber?: string;
  invoiceFilePath?: string;
  status?: string;
  errorMessage?: string;
  generatedAt?: Date;
  description?: string;
  createdAt: Date;
  updatedAt: Date;
 }
-interface ClaimInvoiceCreationAttributes extends Optional<ClaimInvoiceAttributes, 'invoiceId' | 'invoiceNumber' | 'invoiceDate' | 'dmsNumber' | 'amount' | 'status' | 'description' | 'createdAt' | 'updatedAt'> {}
+interface ClaimInvoiceCreationAttributes extends Optional<ClaimInvoiceAttributes, 'invoiceId' | 'invoiceNumber' | 'invoiceDate' | 'amount' | 'dmsNumber' | 'invoiceFilePath' | 'status' | 'errorMessage' | 'generatedAt' | 'description' | 'createdAt' | 'updatedAt'> {}
 class ClaimInvoice extends Model<ClaimInvoiceAttributes, ClaimInvoiceCreationAttributes> implements ClaimInvoiceAttributes {
  public invoiceId!: string;
  public requestId!: string;
  public invoiceNumber?: string;
  public invoiceDate?: Date;
  public dmsNumber?: string;
  public amount?: number;
  public dmsNumber?: string;
  public invoiceFilePath?: string;
  public status?: string;
  public errorMessage?: string;
  public generatedAt?: Date;
  public description?: string;
  public createdAt!: Date;
  public updatedAt!: Date;
@ -60,20 +66,35 @@ ClaimInvoice.init(
      allowNull: true,
      field: 'invoice_date',
    },
    amount: {
      type: DataTypes.DECIMAL(15, 2),
      allowNull: true,
      field: 'invoice_amount',
    },
    dmsNumber: {
      type: DataTypes.STRING(100),
      allowNull: true,
      field: 'dms_number',
    },
-    amount: {
+    invoiceFilePath: {
-      type: DataTypes.DECIMAL(15, 2),
+      type: DataTypes.STRING(500),
      allowNull: true,
-      field: 'amount',
+      field: 'invoice_file_path',
    },
    status: {
      type: DataTypes.STRING(50),
      allowNull: true,
-      field: 'status',
+      field: 'generation_status',
    },
    errorMessage: {
      type: DataTypes.TEXT,
      allowNull: true,
      field: 'error_message',
    },
    generatedAt: {
      type: DataTypes.DATE,
      allowNull: true,
      field: 'generated_at',
    },
    description: {
      type: DataTypes.TEXT,
@ -104,6 +125,7 @@ ClaimInvoice.init(
      { unique: true, fields: ['request_id'], name: 'idx_claim_invoices_request_id' },
      { fields: ['invoice_number'], name: 'idx_claim_invoices_invoice_number' },
      { fields: ['dms_number'], name: 'idx_claim_invoices_dms_number' },
      { fields: ['generation_status'], name: 'idx_claim_invoices_status' },
    ],
  }
 );
@ -120,5 +142,8 @@ ClaimInvoice.belongsTo(WorkflowRequest, {
  targetKey: 'requestId',
 });
 // Note: hasMany association with ClaimCreditNote is defined in ClaimCreditNote.ts
 // to avoid circular dependency issues
 export { ClaimInvoice };
--- a/src/routes/dealerClaim.routes.ts
+++ b/src/routes/dealerClaim.routes.ts
@ -86,5 +86,12 @@ router.put('/:requestId/e-invoice', authenticateToken, asyncHandler(dealerClaimC
 */
 router.put('/:requestId/credit-note', authenticateToken, asyncHandler(dealerClaimController.updateCreditNote.bind(dealerClaimController)));
 /**
 * @route   POST /api/v1/dealer-claims/:requestId/credit-note/send
 * @desc    Send credit note to dealer and auto-approve Step 8
 * @access  Private
 */
 router.post('/:requestId/credit-note/send', authenticateToken, asyncHandler(dealerClaimController.sendCreditNoteToDealer.bind(dealerClaimController)));
 export default router;
--- a/src/routes/dmsWebhook.routes.ts
+++ b/src/routes/dmsWebhook.routes.ts
@ -0,0 +1,47 @@
 import { Router } from 'express';
 import { DMSWebhookController } from '../controllers/dmsWebhook.controller';
 import { asyncHandler } from '../middlewares/errorHandler.middleware';
 const router = Router();
 const webhookController = new DMSWebhookController();
 /**
 * @route   GET /api/v1/webhooks/dms/health
 * @desc    Health check endpoint for webhook routes (for testing)
 * @access  Public
 */
 router.get('/health', (_req, res) => {
  res.status(200).json({
    status: 'OK',
    message: 'DMS Webhook routes are active',
    endpoints: {
      invoice: 'POST /api/v1/webhooks/dms/invoice',
      creditNote: 'POST /api/v1/webhooks/dms/credit-note'
    }
  });
 });
 /**
 * @route   POST /api/v1/webhooks/dms/invoice
 * @desc    Webhook endpoint for DMS invoice generation callbacks
 * @access  Public (authenticated via webhook signature)
 * @note    This endpoint is called by DMS system after invoice generation
 */
 router.post(
  '/invoice',
  asyncHandler(webhookController.handleInvoiceWebhook.bind(webhookController))
 );
 /**
 * @route   POST /api/v1/webhooks/dms/credit-note
 * @desc    Webhook endpoint for DMS credit note generation callbacks
 * @access  Public (authenticated via webhook signature)
 * @note    This endpoint is called by DMS system after credit note generation
 */
 router.post(
  '/credit-note',
  asyncHandler(webhookController.handleCreditNoteWebhook.bind(webhookController))
 );
 export default router;
--- a/src/routes/index.ts
+++ b/src/routes/index.ts
@ -16,6 +16,7 @@ import aiRoutes from './ai.routes';
 import dealerClaimRoutes from './dealerClaim.routes';
 import templateRoutes from './template.routes';
 import dealerRoutes from './dealer.routes';
 import dmsWebhookRoutes from './dmsWebhook.routes';
 const router = Router();
@ -46,6 +47,7 @@ router.use('/summaries', summaryRoutes);
 router.use('/dealer-claims', dealerClaimRoutes);
 router.use('/templates', templateRoutes);
 router.use('/dealers', dealerRoutes);
 router.use('/webhooks/dms', dmsWebhookRoutes);
 // TODO: Add other route modules as they are implemented
 // router.use('/approvals', approvalRoutes);
--- a/src/scripts/auto-setup.ts
+++ b/src/scripts/auto-setup.ts
@ -132,6 +132,7 @@ async function runMigrations(): Promise<void> {
    const m37 = require('../migrations/20251213-drop-claim-details-invoice-columns');
    const m38 = require('../migrations/20251213-create-claim-invoice-credit-note-tables');
    const m39 = require('../migrations/20251214-create-dealer-completion-expenses');
    const m40 = require('../migrations/20251218-fix-claim-invoice-credit-note-columns');
    const migrations = [
      { name: '2025103000-create-users', module: m0 },
@ -176,6 +177,7 @@ async function runMigrations(): Promise<void> {
      { name: '20251213-drop-claim-details-invoice-columns', module: m37 },
      { name: '20251213-create-claim-invoice-credit-note-tables', module: m38 },
      { name: '20251214-create-dealer-completion-expenses', module: m39 },
      { name: '20251218-fix-claim-invoice-credit-note-columns', module: m40 },
    ];
    const queryInterface = sequelize.getQueryInterface();
--- a/src/scripts/migrate.ts
+++ b/src/scripts/migrate.ts
@ -42,6 +42,7 @@ import * as m36 from '../migrations/20251211-create-claim-budget-tracking-table'
 import * as m37 from '../migrations/20251213-drop-claim-details-invoice-columns';
 import * as m38 from '../migrations/20251213-create-claim-invoice-credit-note-tables';
 import * as m39 from '../migrations/20251214-create-dealer-completion-expenses';
 import * as m40 from '../migrations/20251218-fix-claim-invoice-credit-note-columns';
 interface Migration {
  name: string;
@ -98,6 +99,7 @@ const migrations: Migration[] = [
  { name: '20251213-drop-claim-details-invoice-columns', module: m37 },
  { name: '20251213-create-claim-invoice-credit-note-tables', module: m38 },
  { name: '20251214-create-dealer-completion-expenses', module: m39 },
  { name: '20251218-fix-claim-invoice-credit-note-columns', module: m40 },
 ];
 /**
--- a/src/services/approval.service.ts
+++ b/src/services/approval.service.ts
@ -447,19 +447,14 @@ export class ApprovalService {
                // Don't fail the Step 3 approval if Step 4 processing fails - log and continue
              }
            } else if (isClaimManagement && isStep6Approval && isStep7Next && nextLevel && nextLevel.approverEmail === 'system@royalenfield.com') {
-              // Step 7 is an auto-step - process it automatically after Step 6 approval
+              // Step 7 is an auto-step - activate it but don't process invoice generation
-              logger.info(`[Approval] Step 6 approved for claim management workflow. Auto-processing Step 7: E-Invoice Generation`);
+              // Invoice generation will be handled by DMS webhook when invoice is created
-              try {
+              logger.info(`[Approval] Step 6 approved for claim management workflow. Step 7 activated. Waiting for DMS webhook to generate invoice.`);
-                const dealerClaimService = new DealerClaimService();
+              // Step 7 will remain in IN_PROGRESS until webhook creates invoice and auto-approves it
-                await dealerClaimService.processEInvoiceGeneration(level.requestId);
+              // Continue with normal flow to activate Step 7
-                logger.info(`[Approval] Step 7 auto-processing completed for request ${level.requestId}`);
+            } 
-                // Skip notification for system auto-processed step
+            
-                return updatedLevel;
+            if (wf && nextLevel) {
              } catch (step7Error) {
                logger.error(`[Approval] Error auto-processing Step 7 for request ${level.requestId}:`, step7Error);
                // Don't fail the Step 6 approval if Step 7 processing fails - log and continue
              }
            } else if (wf && nextLevel) {
              // Normal flow - notify next approver (skip for auto-steps)
              // Check if it's an auto-step by checking approverEmail or levelName
              const isAutoStep = (nextLevel as any).approverEmail === 'system@royalenfield.com' 
--- a/src/services/dealerClaim.service.ts
+++ b/src/services/dealerClaim.service.ts
@ -1544,6 +1544,7 @@ export class DealerClaimService {
          dmsNumber: invoiceResult.dmsNumber,
          amount: invoiceAmount,
          status: 'GENERATED',
          generatedAt: new Date(),
          description: invoiceData?.description || `E-Invoice for claim request ${requestNumber}`,
        });
@ -1560,6 +1561,7 @@ export class DealerClaimService {
          dmsNumber: invoiceData.dmsNumber,
          amount: invoiceData.amount,
          status: 'UPDATED',
          generatedAt: new Date(),
          description: invoiceData.description,
        });
@ -1573,19 +1575,18 @@ export class DealerClaimService {
      if (step6Level && step6Level.status !== ApprovalStatus.APPROVED) {
        logger.info(`[DealerClaimService] Step 6 not approved yet. Auto-approving Step 6 for request ${requestId}`);
-        // Auto-approve Step 6 - this will trigger Step 7 auto-processing in approval service
+        // Auto-approve Step 6 - Step 7 will be activated but invoice generation will happen via webhook
        await this.approvalService.approveLevel(
          step6Level.levelId,
-          { action: 'APPROVE', comments: 'Auto-approved when pushing to DMS. E-Invoice generated.' },
+          { action: 'APPROVE', comments: 'Auto-approved when pushing to DMS. Waiting for DMS webhook to generate invoice.' },
          'system',
          { ipAddress: null, userAgent: 'System Auto-Process' }
        );
-        // Note: Step 7 auto-processing will be handled by approval service when Step 6 is approved
+        // Note: Step 7 invoice generation will be handled by DMS webhook, not here
-        // But we also call it directly here to ensure it runs (in case approval service logic doesn't trigger)
+        logger.info(`[DealerClaimService] Step 6 approved. Step 7 activated. Waiting for DMS webhook to generate invoice.`);
        await this.processEInvoiceGeneration(requestId);
      } else {
-        // Step 6 already approved - directly process Step 7
+        // Step 6 already approved - Step 7 should be active, waiting for webhook
-        await this.processEInvoiceGeneration(requestId);
+        logger.info(`[DealerClaimService] Step 6 already approved. Step 7 should be active. Invoice generation will happen via DMS webhook.`);
      }
    } catch (error) {
      logger.error('[DealerClaimService] Error updating e-invoice details:', error);
@ -1594,8 +1595,9 @@ export class DealerClaimService {
  }
  /**
-   * Process Step 7: E-Invoice Generation (Auto-processed after Step 6 approval or when pushing to DMS)
+   * Process Step 7: E-Invoice Generation (Deprecated - now handled by DMS webhook)
-   * Generates e-invoice via DMS and auto-approves Step 7
+   * This method is kept for backward compatibility but invoice generation is now triggered only via DMS webhook
   * @deprecated Use DMS webhook to trigger invoice generation instead
   */
  async processEInvoiceGeneration(requestId: string): Promise<void> {
    try {
@ -1707,10 +1709,12 @@ export class DealerClaimService {
        await ClaimCreditNote.upsert({
          requestId,
          invoiceId: claimInvoice.invoiceId,
          creditNoteNumber: creditNoteResult.creditNoteNumber,
          creditNoteDate: creditNoteResult.creditNoteDate || new Date(),
          creditNoteAmount: creditNoteResult.creditNoteAmount,
          status: 'GENERATED',
          confirmedAt: new Date(),
          reason: creditNoteData?.reason || 'Claim settlement',
          description: creditNoteData?.description || `Credit note for claim request ${requestNumber}`,
        });
@ -1723,10 +1727,12 @@ export class DealerClaimService {
        // Manual entry - just update the fields
        await ClaimCreditNote.upsert({
          requestId,
          invoiceId: claimInvoice.invoiceId,
          creditNoteNumber: creditNoteData.creditNoteNumber,
          creditNoteDate: creditNoteData.creditNoteDate || new Date(),
          creditNoteAmount: creditNoteData.creditNoteAmount,
          status: 'UPDATED',
          confirmedAt: new Date(),
          reason: creditNoteData?.reason,
          description: creditNoteData?.description,
        });
@ -1739,6 +1745,107 @@ export class DealerClaimService {
    }
  }
  /**
   * Send credit note to dealer and auto-approve Step 8
   * This method sends the credit note to the dealer via email/notification and auto-approves Step 8
   */
  async sendCreditNoteToDealer(requestId: string, userId: string): Promise<void> {
    try {
      logger.info(`[DealerClaimService] Sending credit note to dealer for request ${requestId}`);
      // Get credit note details
      const creditNote = await ClaimCreditNote.findOne({
        where: { requestId }
      });
      if (!creditNote) {
        throw new Error('Credit note not found. Please ensure credit note is generated before sending to dealer.');
      }
      // Get claim details for dealer information
      const claimDetails = await DealerClaimDetails.findOne({ where: { requestId } });
      if (!claimDetails) {
        throw new Error('Claim details not found');
      }
      // Get workflow request
      const request = await WorkflowRequest.findByPk(requestId);
      if (!request) {
        throw new Error('Workflow request not found');
      }
      const workflowType = (request as any).workflowType;
      if (workflowType !== 'CLAIM_MANAGEMENT') {
        throw new Error('This operation is only available for claim management workflows');
      }
      // Get Step 8 approval level
      const step8Level = await ApprovalLevel.findOne({
        where: {
          requestId,
          levelNumber: 8
        }
      });
      if (!step8Level) {
        throw new Error(`Step 8 approval level not found for request ${requestId}`);
      }
      // Check if Step 8 is already approved
      if (step8Level.status === 'APPROVED') {
        logger.info(`[DealerClaimService] Step 8 already approved for request ${requestId}`);
        // Still send notification to dealer if credit note wasn't sent before
        // You can add a flag to track if credit note was already sent
      } else {
        // Auto-approve Step 8
        logger.info(`[DealerClaimService] Auto-approving Step 8 for request ${requestId}`);
        await this.approvalService.approveLevel(
          step8Level.levelId,
          {
            action: 'APPROVE',
            comments: `Credit note sent to dealer. Credit Note Number: ${creditNote.creditNoteNumber || 'N/A'}. Step 8 auto-approved.`,
          },
          userId,
          {
            ipAddress: null,
            userAgent: 'System Auto-Process',
          }
        );
        logger.info(`[DealerClaimService] Step 8 auto-approved successfully for request ${requestId}`);
      }
      // Update credit note status to SENT
      await creditNote.update({
        status: 'CONFIRMED', // Or 'SENT' if you have that status
        confirmedAt: new Date(),
        confirmedBy: userId,
      });
      // Send notification to dealer (you can implement email service here)
      // For now, we'll just log it
      logger.info(`[DealerClaimService] Credit note sent to dealer`, {
        requestId,
        creditNoteNumber: creditNote.creditNoteNumber,
        dealerEmail: claimDetails.dealerEmail,
        dealerName: claimDetails.dealerName,
      });
      // TODO: Implement email service to send credit note to dealer
      // await emailService.sendCreditNoteToDealer({
      //   dealerEmail: claimDetails.dealerEmail,
      //   dealerName: claimDetails.dealerName,
      //   creditNoteNumber: creditNote.creditNoteNumber,
      //   creditNoteAmount: creditNote.creditNoteAmount,
      //   requestNumber: (request as any).requestNumber,
      // });
    } catch (error) {
      logger.error('[DealerClaimService] Error sending credit note to dealer:', error);
      throw error;
    }
  }
  /**
   * Process Step 4: Activity Creation (Auto-processed after Step 3 approval)
   * Creates activity confirmation and sends emails to dealer, requestor, and department lead
--- a/src/services/dmsWebhook.service.ts
+++ b/src/services/dmsWebhook.service.ts
@ -0,0 +1,408 @@
 import { Request } from 'express';
 import { ClaimInvoice } from '../models/ClaimInvoice';
 import { ClaimCreditNote } from '../models/ClaimCreditNote';
 import { WorkflowRequest } from '../models/WorkflowRequest';
 import { ApprovalLevel } from '../models/ApprovalLevel';
 import { ApprovalService } from './approval.service';
 import logger from '../utils/logger';
 import crypto from 'crypto';
 /**
 * DMS Webhook Service
 * Handles processing of webhook callbacks from DMS system
 */
 export class DMSWebhookService {
  private webhookSecret: string;
  private approvalService: ApprovalService;
  constructor() {
    this.webhookSecret = process.env.DMS_WEBHOOK_SECRET || '';
    this.approvalService = new ApprovalService();
  }
  /**
   * Validate webhook signature for security
   * DMS should send a signature in the header that we can verify
   */
  async validateWebhookSignature(req: Request): Promise<boolean> {
    // If webhook secret is not configured, skip validation (for development)
    if (!this.webhookSecret) {
      logger.warn('[DMSWebhook] Webhook secret not configured, skipping signature validation');
      return true;
    }
    try {
      const signature = req.headers['x-dms-signature'] as string;
      if (!signature) {
        logger.warn('[DMSWebhook] Missing webhook signature in header');
        return false;
      }
      // Create HMAC hash of the request body
      const body = JSON.stringify(req.body);
      const expectedSignature = crypto
        .createHmac('sha256', this.webhookSecret)
        .update(body)
        .digest('hex');
      // Compare signatures (use constant-time comparison to prevent timing attacks)
      const isValid = crypto.timingSafeEqual(
        Buffer.from(signature),
        Buffer.from(expectedSignature)
      );
      if (!isValid) {
        logger.warn('[DMSWebhook] Invalid webhook signature');
      }
      return isValid;
    } catch (error) {
      logger.error('[DMSWebhook] Error validating webhook signature:', error);
      return false;
    }
  }
  /**
   * Process invoice generation webhook from DMS
   */
  async processInvoiceWebhook(payload: any): Promise<{
    success: boolean;
    invoiceNumber?: string;
    error?: string;
  }> {
    try {
      // Validate required fields
      const requiredFields = ['request_number', 'document_no', 'document_type'];
      for (const field of requiredFields) {
        if (!payload[field]) {
          return {
            success: false,
            error: `Missing required field: ${field}`,
          };
        }
      }
      // Find workflow request by request number
      const request = await WorkflowRequest.findOne({
        where: {
          requestNumber: payload.request_number,
        },
      });
      if (!request) {
        return {
          success: false,
          error: `Request not found: ${payload.request_number}`,
        };
      }
      // Find or create invoice record
      let invoice = await ClaimInvoice.findOne({
        where: { requestId: request.requestId },
      });
      // Create invoice if it doesn't exist (new flow: webhook creates invoice)
      if (!invoice) {
        logger.info('[DMSWebhook] Invoice record not found, creating new invoice from webhook', {
          requestNumber: payload.request_number,
        });
        invoice = await ClaimInvoice.create({
          requestId: request.requestId,
          invoiceNumber: payload.document_no,
          dmsNumber: payload.document_no,
          invoiceDate: payload.document_date ? new Date(payload.document_date) : new Date(),
          amount: payload.total_amount || payload.claim_amount,
          status: 'GENERATED',
          generatedAt: new Date(),
          invoiceFilePath: payload.invoice_file_path || null,
          errorMessage: payload.error_message || null,
          description: this.buildInvoiceDescription(payload),
        });
        logger.info('[DMSWebhook] Invoice created successfully from webhook', {
          requestNumber: payload.request_number,
          invoiceNumber: payload.document_no,
        });
      } else {
        // Update existing invoice with DMS response data
        await invoice.update({
          invoiceNumber: payload.document_no,
          dmsNumber: payload.document_no, // DMS document number
          invoiceDate: payload.document_date ? new Date(payload.document_date) : new Date(),
          amount: payload.total_amount || payload.claim_amount,
          status: 'GENERATED',
          generatedAt: new Date(),
          invoiceFilePath: payload.invoice_file_path || null,
          errorMessage: payload.error_message || null,
          // Store additional DMS data in description or separate fields if needed
          description: this.buildInvoiceDescription(payload),
        });
        logger.info('[DMSWebhook] Invoice updated successfully', {
          requestNumber: payload.request_number,
          invoiceNumber: payload.document_no,
          irnNo: payload.irn_no,
        });
      }
      // Auto-approve Step 7 and move to Step 8
      await this.autoApproveStep7(request.requestId, payload.request_number);
      return {
        success: true,
        invoiceNumber: payload.document_no,
      };
    } catch (error) {
      const errorMessage = error instanceof Error ? error.message : 'Unknown error';
      logger.error('[DMSWebhook] Error processing invoice webhook:', error);
      return {
        success: false,
        error: errorMessage,
      };
    }
  }
  /**
   * Process credit note generation webhook from DMS
   */
  async processCreditNoteWebhook(payload: any): Promise<{
    success: boolean;
    creditNoteNumber?: string;
    error?: string;
  }> {
    try {
      // Validate required fields
      const requiredFields = ['request_number', 'document_no', 'document_type'];
      for (const field of requiredFields) {
        if (!payload[field]) {
          return {
            success: false,
            error: `Missing required field: ${field}`,
          };
        }
      }
      // Find workflow request by request number
      const request = await WorkflowRequest.findOne({
        where: {
          requestNumber: payload.request_number,
        },
      });
      if (!request) {
        return {
          success: false,
          error: `Request not found: ${payload.request_number}`,
        };
      }
      // Find invoice to link credit note
      const invoice = await ClaimInvoice.findOne({
        where: { requestId: request.requestId },
      });
      if (!invoice) {
        return {
          success: false,
          error: `Invoice not found for request: ${payload.request_number}`,
        };
      }
      // Find or create credit note record
      let creditNote = await ClaimCreditNote.findOne({
        where: { requestId: request.requestId },
      });
      // Create credit note if it doesn't exist (new flow: webhook creates credit note)
      if (!creditNote) {
        logger.info('[DMSWebhook] Credit note record not found, creating new credit note from webhook', {
          requestNumber: payload.request_number,
        });
        creditNote = await ClaimCreditNote.create({
          requestId: request.requestId,
          invoiceId: invoice.invoiceId,
          creditNoteNumber: payload.document_no,
          creditNoteDate: payload.document_date ? new Date(payload.document_date) : new Date(),
          creditNoteAmount: payload.total_amount || payload.credit_amount,
          sapDocumentNumber: payload.sap_credit_note_no || null,
          status: 'CONFIRMED',
          confirmedAt: new Date(),
          creditNoteFilePath: payload.credit_note_file_path || null,
          errorMessage: payload.error_message || null,
          description: this.buildCreditNoteDescription(payload),
        });
        logger.info('[DMSWebhook] Credit note created successfully from webhook', {
          requestNumber: payload.request_number,
          creditNoteNumber: payload.document_no,
        });
      } else {
        // Update existing credit note with DMS response data
        await creditNote.update({
          invoiceId: invoice.invoiceId,
          creditNoteNumber: payload.document_no,
          creditNoteDate: payload.document_date ? new Date(payload.document_date) : new Date(),
          creditNoteAmount: payload.total_amount || payload.credit_amount,
          sapDocumentNumber: payload.sap_credit_note_no || null,
          status: 'CONFIRMED',
          confirmedAt: new Date(),
          creditNoteFilePath: payload.credit_note_file_path || null,
          errorMessage: payload.error_message || null,
          description: this.buildCreditNoteDescription(payload),
        });
        logger.info('[DMSWebhook] Credit note updated successfully', {
          requestNumber: payload.request_number,
          creditNoteNumber: payload.document_no,
          sapCreditNoteNo: payload.sap_credit_note_no,
          irnNo: payload.irn_no,
        });
      }
      return {
        success: true,
        creditNoteNumber: payload.document_no,
      };
    } catch (error) {
      const errorMessage = error instanceof Error ? error.message : 'Unknown error';
      logger.error('[DMSWebhook] Error processing credit note webhook:', error);
      return {
        success: false,
        error: errorMessage,
      };
    }
  }
  /**
   * Build invoice description from DMS payload
   */
  private buildInvoiceDescription(payload: any): string {
    const parts: string[] = [];
    if (payload.irn_no) {
      parts.push(`IRN: ${payload.irn_no}`);
    }
    if (payload.item_code_no) {
      parts.push(`Item Code: ${payload.item_code_no}`);
    }
    if (payload.hsn_sac_code) {
      parts.push(`HSN/SAC: ${payload.hsn_sac_code}`);
    }
    if (payload.cgst_amount || payload.sgst_amount || payload.igst_amount) {
      parts.push(`GST - CGST: ${payload.cgst_amount || 0}, SGST: ${payload.sgst_amount || 0}, IGST: ${payload.igst_amount || 0}`);
    }
    return parts.length > 0 ? parts.join(' | ') : '';
  }
  /**
   * Build credit note description from DMS payload
   */
  private buildCreditNoteDescription(payload: any): string {
    const parts: string[] = [];
    if (payload.irn_no) {
      parts.push(`IRN: ${payload.irn_no}`);
    }
    if (payload.sap_credit_note_no) {
      parts.push(`SAP CN: ${payload.sap_credit_note_no}`);
    }
    if (payload.credit_type) {
      parts.push(`Credit Type: ${payload.credit_type}`);
    }
    if (payload.item_code_no) {
      parts.push(`Item Code: ${payload.item_code_no}`);
    }
    if (payload.hsn_sac_code) {
      parts.push(`HSN/SAC: ${payload.hsn_sac_code}`);
    }
    if (payload.cgst_amount || payload.sgst_amount || payload.igst_amount) {
      parts.push(`GST - CGST: ${payload.cgst_amount || 0}, SGST: ${payload.sgst_amount || 0}, IGST: ${payload.igst_amount || 0}`);
    }
    return parts.length > 0 ? parts.join(' | ') : '';
  }
  /**
   * Auto-approve Step 7 (E-Invoice Generation) and move to Step 8
   * This is called after invoice is created/updated from DMS webhook
   */
  private async autoApproveStep7(requestId: string, requestNumber: string): Promise<void> {
    try {
      // Check if this is a claim management workflow
      const request = await WorkflowRequest.findByPk(requestId);
      if (!request) {
        logger.warn('[DMSWebhook] Request not found for Step 7 auto-approval', { requestId });
        return;
      }
      const workflowType = (request as any).workflowType;
      if (workflowType !== 'CLAIM_MANAGEMENT') {
        logger.info('[DMSWebhook] Not a claim management workflow, skipping Step 7 auto-approval', {
          requestId,
          workflowType,
        });
        return;
      }
      // Get Step 7 approval level
      const step7Level = await ApprovalLevel.findOne({
        where: {
          requestId,
          levelNumber: 7,
        },
      });
      if (!step7Level) {
        logger.warn('[DMSWebhook] Step 7 approval level not found', { requestId, requestNumber });
        return;
      }
      // Check if Step 7 is already approved
      if (step7Level.status === 'APPROVED') {
        logger.info('[DMSWebhook] Step 7 already approved, skipping auto-approval', {
          requestId,
          requestNumber,
        });
        return;
      }
      // Auto-approve Step 7
      logger.info('[DMSWebhook] Auto-approving Step 7 (E-Invoice Generation)', {
        requestId,
        requestNumber,
        levelId: step7Level.levelId,
      });
      await this.approvalService.approveLevel(
        step7Level.levelId,
        {
          action: 'APPROVE',
          comments: `E-Invoice generated via DMS webhook. Invoice Number: ${(await ClaimInvoice.findOne({ where: { requestId } }))?.invoiceNumber || 'N/A'}. Step 7 auto-approved.`,
        },
        'system', // System user for auto-approval
        {
          ipAddress: null,
          userAgent: 'DMS-Webhook-System',
        }
      );
      logger.info('[DMSWebhook] Step 7 auto-approved successfully. Workflow moved to Step 8', {
        requestId,
        requestNumber,
      });
    } catch (error) {
      const errorMessage = error instanceof Error ? error.message : 'Unknown error';
      logger.error('[DMSWebhook] Error auto-approving Step 7:', {
        requestId,
        requestNumber,
        error: errorMessage,
      });
      // Don't throw error - webhook processing should continue even if Step 7 approval fails
      // The invoice is already created/updated, which is the primary goal
    }
  }
 }