@devvistatech/devvista-kit 0.0.10 → 0.0.12

package/app/api/files/route.ts

@@ -1,430 +1,430 @@
-import { NextRequest, NextResponse } from "next/server";
-import { getAuth } from "@clerk/nextjs/server";
-
-export const revalidate = 0; // Disable Next.js ISR
-
-interface StrapiUser {
-  id: number;
-  username: string;
-  email: string;
-  businessAdminId?: string;
-}
-
-interface UploadedFile {
-  id: number;
-  documentId: string;
-  name: string;
-  url: string;
-  createdAt: string;
-}
-
-const DOC_API_URL = process.env.STRAPI_DOC_API_URL || "";
-const BASE_URL = process.env.STRAPI_API_URL || "";
-const UPLOAD_API_URL = `${BASE_URL}/api/upload`;
-const STRAPI_API_TOKEN = process.env.STRAPI_API_TOKEN || "";
-const STRAPI_USER_LIST_API_URL = process.env.STRAPI_USER_LIST_API_URL || "";
-
-async function verifyUser(userId: string): Promise<StrapiUser | null> {
-  try {
-    const response = await fetch(
-      `${STRAPI_USER_LIST_API_URL}?filters[authId][$eq]=${userId}`,
-      {
-        headers: {
-          Authorization: `Bearer ${STRAPI_API_TOKEN}`,
-          "Content-Type": "application/json",
-        },
-        cache: "no-store",
-      }
-    );
-
-    if (!response.ok) {
-      const errorText = await response.text();
-      console.error("verifyUser failed:", errorText);
-      return null;
-    }
-
-    const userData = await response.json();
-    const strapiUser = userData.data?.find((user: any) => user.authId === userId);
-    if (!strapiUser) {
-      console.error("verifyUser: No user found for authId", { userId });
-      return null;
-    }
-
-    return {
-      id: strapiUser.id,
-      username: strapiUser.username,
-      email: strapiUser.email,
-      businessAdminId: strapiUser.businessAdminId,
-    };
-  } catch (error) {
-    console.error("verifyUser error:", error);
-    return null;
-  }
-}
-
-export async function GET() {
-  try {
-    if (!DOC_API_URL || !STRAPI_API_TOKEN) {
-      console.error(
-        "Missing environment variables:",
-        !DOC_API_URL && "STRAPI_DOC_API_URL",
-        !STRAPI_API_TOKEN && "STRAPI_API_TOKEN"
-      );
-      return NextResponse.json(
-        { error: "Server configuration error: Missing required environment variables" },
-        { status: 500 }
-      );
-    }
-
-    const response = await fetch(
-      `${DOC_API_URL}?publicationState=live&populate=uploadedDoc&fields[0]=createdAt&pagination[pageSize]=100&t=${Date.now()}`,
-      {
-        headers: {
-          "Content-Type": "application/json",
-          Authorization: `Bearer ${STRAPI_API_TOKEN}`,
-        },
-        cache: "no-store",
-      }
-    );
-
-    if (!response.ok) {
-      const errorText = await response.text();
-      console.error("GET /api/files: Fetch files failed:", errorText);
-      return NextResponse.json(
-        { error: `Failed to fetch files: ${errorText}` },
-        { status: response.status }
-      );
-    }
-
-    const result = await response.json();
-
-    const files: UploadedFile[] = (result.data || [])
-      .map((item: any) => {
-        const uploadedDoc = item.uploadedDoc;
-        if (!uploadedDoc || !uploadedDoc.url) {
-          console.warn(`Fitness plan missing for item ${item.id}`);
-          return null;
-        }
-        const rawUrl = uploadedDoc.url || "";
-        const fileUrl = rawUrl.startsWith("http") ? rawUrl : `${BASE_URL}${rawUrl}`;
-        return {
-          id: item.id,
-          documentId: item.documentId || `doc-${item.id}`,
-          name: uploadedDoc.name || "Unnamed File",
-          url: fileUrl,
-          createdAt: item.createdAt,
-        };
-      })
-      .filter((file: UploadedFile | null): file is UploadedFile => file !== null)
-      .sort((a: UploadedFile, b: UploadedFile) => new Date(b.createdAt).getTime() - new Date(a.createdAt).getTime());
-
-    return NextResponse.json({
-      data: files,
-      meta: result.meta,
-    });
-  } catch (error) {
-    console.error("GET /api/files: Error:", error);
-    return NextResponse.json(
-      { error: error instanceof Error ? error.message : "An error occurred while fetching files" },
-      { status: 500 }
-    );
-  }
-}
-
-export async function POST(request: NextRequest) {
-  const { userId } = getAuth(request);
-  if (!userId) {
-    console.error("POST /api/files: No userId, returning 401");
-    return NextResponse.json({ error: "Unauthorized: No user ID" }, { status: 401 });
-  }
-
-  const user = await verifyUser(userId);
-
-  if (!user || !user.businessAdminId) {
-    console.error("POST /api/files: Unauthorized", { user });
-    return NextResponse.json({ error: "Unauthorized: Admin access required" }, { status: 403 });
-  }
-
-  try {
-    if (!DOC_API_URL || !STRAPI_API_TOKEN) {
-      console.error(
-        "Missing environment variables:",
-        !DOC_API_URL && "STRAPI_DOC_API_URL",
-        !STRAPI_API_TOKEN && "STRAPI_API_TOKEN"
-      );
-      return NextResponse.json(
-        { error: "Server configuration error: Missing required environment variables" },
-        { status: 500 }
-      );
-    }
-
-    const formData = await request.formData();
-    const file = formData.get("files") as File | null;
-
-    if (!file) {
-      console.error("POST /api/files: No file provided");
-      return NextResponse.json({ error: "No file provided" }, { status: 400 });
-    }
-    if (file.type !== "application/pdf") {
-      console.error("POST /api/files: Invalid file type", { fileType: file.type });
-      return NextResponse.json({ error: "Only PDF files are allowed" }, { status: 400 });
-    }
-
-    const uploadFormData = new FormData();
-    uploadFormData.append("files", file);
-
-    const uploadResponse = await fetch(UPLOAD_API_URL, {
-      method: "POST",
-      headers: {
-        Authorization: `Bearer ${STRAPI_API_TOKEN}`,
-      },
-      body: uploadFormData,
-    });
-
-    if (!uploadResponse.ok) {
-      const errorText = await uploadResponse.text();
-      console.error("POST /api/files: Upload failed:", errorText);
-      return NextResponse.json(
-        { error: `Failed to upload file: ${errorText}` },
-        { status: uploadResponse.status }
-      );
-    }
-
-    const uploadResult = await uploadResponse.json();
-    const uploadedFileId = uploadResult[0]?.id;
-    const uploadedFileUrl = uploadResult[0]?.url;
-    const uploadedFileName = uploadResult[0]?.name || file.name;
-
-    if (!uploadedFileId || !uploadedFileUrl) {
-      console.error("POST /api/files: Invalid upload response", { uploadResult });
-      return NextResponse.json({ error: "Invalid upload response" }, { status: 400 });
-    }
-
-    const payload = {
-      data: {
-        uploadedDoc: uploadedFileId,
-        publishedAt: new Date().toISOString(),
-      },
-    };
-
-    const createResponse = await fetch(DOC_API_URL, {
-      method: "POST",
-      headers: {
-        "Content-Type": "application/json",
-        Authorization: `Bearer ${STRAPI_API_TOKEN}`,
-      },
-      body: JSON.stringify(payload),
-    });
-
-    if (!createResponse.ok) {
-      const errorData = await createResponse.json();
-      let errorMessage = `Failed to create document entry: ${createResponse.status} - ${errorData.error?.message || "Unknown error"}`;
-      if (errorData.error?.details) {
-        errorMessage += `\nDetails: ${JSON.stringify(errorData.error.details, null, 2)}`;
-      }
-
-      const fallbackPayload = {
-        data: {
-          uploadedDoc: { id: uploadedFileId },
-          publishedAt: new Date().toISOString(),
-        },
-      };
-
-      const fallbackResponse = await fetch(DOC_API_URL, {
-        method: "POST",
-        headers: {
-          "Content-Type": "application/json",
-          Authorization: `Bearer ${STRAPI_API_TOKEN}`,
-        },
-        body: JSON.stringify(fallbackPayload),
-      });
-
-      if (!fallbackResponse.ok) {
-        const fallbackErrorData = await fallbackResponse.json();
-        errorMessage += `\nFailed to create document entry (fallback): ${fallbackResponse.status} - ${fallbackErrorData.error?.message || "Unknown error"}`;
-        if (fallbackErrorData.error?.details) {
-          errorMessage += `\nDetails: ${JSON.stringify(fallbackErrorData.error.details, null, 2)}`;
-        }
-        console.error("POST /api/files: Create document failed", { errorMessage });
-        return NextResponse.json({ error: errorMessage }, { status: 500 });
-      }
-    }
-
-    const filesResponse = await fetch(
-      `${DOC_API_URL}?publicationState=live&populate=uploadedDoc&fields[0]=createdAt&pagination[pageSize]=100&t=${Date.now()}`,
-      {
-        headers: {
-          "Content-Type": "application/json",
-          Authorization: `Bearer ${STRAPI_API_TOKEN}`,
-        },
-        cache: "no-store",
-      }
-    );
-
-    if (!filesResponse.ok) {
-      const errorText = await filesResponse.text();
-      console.error("POST /api/files: Refetch files failed:", errorText);
-      return NextResponse.json(
-        { error: `Failed to fetch files: ${errorText}` },
-        { status: filesResponse.status }
-      );
-    }
-
-    const filesResult = await filesResponse.json();
-    const files: UploadedFile[] = (filesResult.data || [])
-      .map((item: any) => {
-        const uploadedDoc = item.uploadedDoc;
-        if (!uploadedDoc || !uploadedDoc.url) {
-          console.warn(`Fitness plan missing for item ${item.id}`);
-          return null;
-        }
-        const rawUrl = uploadedDoc.url || "";
-        const fileUrl = rawUrl.startsWith("http") ? rawUrl : `${BASE_URL}${rawUrl}`;
-        return {
-          id: item.id,
-          documentId: item.documentId || `doc-${item.id}`,
-          name: uploadedDoc.name || "Unnamed File",
-          url: fileUrl,
-          createdAt: item.createdAt,
-        };
-      })
-      .filter((file: UploadedFile | null): file is UploadedFile => file !== null)
-      .sort((a: UploadedFile, b: UploadedFile) => new Date(b.createdAt).getTime() - new Date(a.createdAt).getTime());
-
-    return NextResponse.json({
-      data: files,
-      meta: filesResult.meta,
-      newFileUrl: uploadedFileUrl,
-    });
-  } catch (error) {
-    console.error("POST /api/files: Error:", error);
-    return NextResponse.json(
-      { error: error instanceof Error ? error.message : "An error occurred during file upload" },
-      { status: 500 }
-    );
-  }
-}
-
-export async function DELETE(request: NextRequest) {
-  const { userId } = getAuth(request);
-  if (!userId) {
-    console.error("DELETE /api/files: No userId, returning 401");
-    return NextResponse.json({ error: "Unauthorized: No user ID" }, { status: 401 });
-  }
-
-  const user = await verifyUser(userId);
-
-  if (!user || !user.businessAdminId) {
-    console.error("DELETE /api/files: Unauthorized", { user });
-    return NextResponse.json({ error: "Unauthorized: Admin access required" }, { status: 403 });
-  }
-
-  try {
-    const { documentId } = await request.json();
-    if (!documentId) {
-      console.error("DELETE /api/files: Document ID is required");
-      return NextResponse.json({ error: "Document ID is required" }, { status: 400 });
-    }
-
-    const docResponse = await fetch(`${DOC_API_URL}/${documentId}?populate=uploadedDoc`, {
-      headers: {
-        "Content-Type": "application/json",
-        Authorization: `Bearer ${STRAPI_API_TOKEN}`,
-      },
-    });
-
-    if (!docResponse.ok) {
-      const errorText = await docResponse.text();
-      console.error("DELETE /api/files: Fetch document failed:", errorText);
-      return NextResponse.json(
-        { error: `Failed to fetch document: ${errorText}` },
-        { status: docResponse.status }
-      );
-    }
-
-    const docData = await docResponse.json();
-    const uploadFileId = docData.data?.uploadedDoc?.id;
-
-    const deleteDocResponse = await fetch(`${DOC_API_URL}/${documentId}`, {
-      method: "DELETE",
-      headers: {
-        "Content-Type": "application/json",
-        Authorization: `Bearer ${STRAPI_API_TOKEN}`,
-      },
-    });
-
-    if (!deleteDocResponse.ok) {
-      const errorText = await deleteDocResponse.text();
-      console.error("DELETE /api/files: Failed to delete document:", errorText);
-      return NextResponse.json(
-        { error: `Failed to delete document: ${errorText}` },
-        { status: deleteDocResponse.status }
-      );
-    }
-
-    if (uploadFileId) {
-      const deleteFileResponse = await fetch(`${BASE_URL}/api/upload/files/${uploadFileId}`, {
-        method: "DELETE",
-        headers: {
-          "Content-Type": "application/json",
-          Authorization: `Bearer ${STRAPI_API_TOKEN}`,
-        },
-      });
-      if (!deleteFileResponse.ok) {
-        console.warn(`DELETE /api/files: Failed to delete associated file: ${deleteFileResponse.status}`);
-      }
-    }
-
-    const filesResponse = await fetch(
-      `${DOC_API_URL}?publicationState=live&populate=uploadedDoc&fields[0]=createdAt&pagination[pageSize]=100&t=${Date.now()}`,
-      {
-        headers: {
-          "Content-Type": "application/json",
-          Authorization: `Bearer ${STRAPI_API_TOKEN}`,
-        },
-        cache: "no-store",
-      }
-    );
-
-    if (!filesResponse.ok) {
-      const errorText = await filesResponse.text();
-      console.error("DELETE /api/files: Refetch files failed:", errorText);
-      return NextResponse.json(
-        { error: `Failed to fetch files: ${errorText}` },
-        { status: filesResponse.status }
-      );
-    }
-
-    const filesResult = await filesResponse.json();
-    const files: UploadedFile[] = (filesResult.data || [])
-      .map((item: any) => {
-        const uploadedDoc = item.uploadedDoc;
-        if (!uploadedDoc || !uploadedDoc.url) {
-          console.warn(`Fitness plan missing for item ${item.id}`);
-          return null;
-        }
-        const rawUrl = uploadedDoc.url || "";
-        const fileUrl = rawUrl.startsWith("http") ? rawUrl : `${BASE_URL}${rawUrl}`;
-        return {
-          id: item.id,
-          documentId: item.documentId || `doc-${item.id}`,
-          name: uploadedDoc.name || "Unnamed File",
-          url: fileUrl,
-          createdAt: item.createdAt,
-        };
-      })
-      .filter((file: UploadedFile | null): file is UploadedFile => file !== null)
-      .sort((a: UploadedFile, b: UploadedFile) => new Date(b.createdAt).getTime() - new Date(a.createdAt).getTime());
-
-    return NextResponse.json({
-      data: files,
-      meta: filesResult.meta,
-    });
-  } catch (error) {
-    console.error("DELETE /api/files: Error:", error);
-    return NextResponse.json(
-      { error: error instanceof Error ? error.message : "An error occurred while deleting file" },
-      { status: 500 }
-    );
-  }
+import { NextRequest, NextResponse } from "next/server";
+import { getAuth } from "@clerk/nextjs/server";
+
+export const revalidate = 0; // Disable Next.js ISR
+
+interface StrapiUser {
+  id: number;
+  username: string;
+  email: string;
+  businessAdminId?: string;
+}
+
+interface UploadedFile {
+  id: number;
+  documentId: string;
+  name: string;
+  url: string;
+  createdAt: string;
+}
+
+const DOC_API_URL = process.env.STRAPI_DOC_API_URL || "";
+const BASE_URL = process.env.STRAPI_API_URL || "";
+const UPLOAD_API_URL = `${BASE_URL}/api/upload`;
+const STRAPI_API_TOKEN = process.env.STRAPI_API_TOKEN || "";
+const STRAPI_USER_LIST_API_URL = process.env.STRAPI_USER_LIST_API_URL || "";
+
+async function verifyUser(userId: string): Promise<StrapiUser | null> {
+  try {
+    const response = await fetch(
+      `${STRAPI_USER_LIST_API_URL}?filters[authId][$eq]=${userId}`,
+      {
+        headers: {
+          Authorization: `Bearer ${STRAPI_API_TOKEN}`,
+          "Content-Type": "application/json",
+        },
+        cache: "no-store",
+      }
+    );
+
+    if (!response.ok) {
+      const errorText = await response.text();
+      console.error("verifyUser failed:", errorText);
+      return null;
+    }
+
+    const userData = await response.json();
+    const strapiUser = userData.data?.find((user: any) => user.authId === userId);
+    if (!strapiUser) {
+      console.error("verifyUser: No user found for authId", { userId });
+      return null;
+    }
+
+    return {
+      id: strapiUser.id,
+      username: strapiUser.username,
+      email: strapiUser.email,
+      businessAdminId: strapiUser.businessAdminId,
+    };
+  } catch (error) {
+    console.error("verifyUser error:", error);
+    return null;
+  }
+}
+
+export async function GET() {
+  try {
+    if (!DOC_API_URL || !STRAPI_API_TOKEN) {
+      console.error(
+        "Missing environment variables:",
+        !DOC_API_URL && "STRAPI_DOC_API_URL",
+        !STRAPI_API_TOKEN && "STRAPI_API_TOKEN"
+      );
+      return NextResponse.json(
+        { error: "Server configuration error: Missing required environment variables" },
+        { status: 500 }
+      );
+    }
+
+    const response = await fetch(
+      `${DOC_API_URL}?publicationState=live&populate=uploadedDoc&fields[0]=createdAt&pagination[pageSize]=100&t=${Date.now()}`,
+      {
+        headers: {
+          "Content-Type": "application/json",
+          Authorization: `Bearer ${STRAPI_API_TOKEN}`,
+        },
+        cache: "no-store",
+      }
+    );
+
+    if (!response.ok) {
+      const errorText = await response.text();
+      console.error("GET /api/files: Fetch files failed:", errorText);
+      return NextResponse.json(
+        { error: `Failed to fetch files: ${errorText}` },
+        { status: response.status }
+      );
+    }
+
+    const result = await response.json();
+
+    const files: UploadedFile[] = (result.data || [])
+      .map((item: any) => {
+        const uploadedDoc = item.uploadedDoc;
+        if (!uploadedDoc || !uploadedDoc.url) {
+          console.warn(`Fitness plan missing for item ${item.id}`);
+          return null;
+        }
+        const rawUrl = uploadedDoc.url || "";
+        const fileUrl = rawUrl.startsWith("http") ? rawUrl : `${BASE_URL}${rawUrl}`;
+        return {
+          id: item.id,
+          documentId: item.documentId || `doc-${item.id}`,
+          name: uploadedDoc.name || "Unnamed File",
+          url: fileUrl,
+          createdAt: item.createdAt,
+        };
+      })
+      .filter((file: UploadedFile | null): file is UploadedFile => file !== null)
+      .sort((a: UploadedFile, b: UploadedFile) => new Date(b.createdAt).getTime() - new Date(a.createdAt).getTime());
+
+    return NextResponse.json({
+      data: files,
+      meta: result.meta,
+    });
+  } catch (error) {
+    console.error("GET /api/files: Error:", error);
+    return NextResponse.json(
+      { error: error instanceof Error ? error.message : "An error occurred while fetching files" },
+      { status: 500 }
+    );
+  }
+}
+
+export async function POST(request: NextRequest) {
+  const { userId } = getAuth(request);
+  if (!userId) {
+    console.error("POST /api/files: No userId, returning 401");
+    return NextResponse.json({ error: "Unauthorized: No user ID" }, { status: 401 });
+  }
+
+  const user = await verifyUser(userId);
+
+  if (!user || !user.businessAdminId) {
+    console.error("POST /api/files: Unauthorized", { user });
+    return NextResponse.json({ error: "Unauthorized: Admin access required" }, { status: 403 });
+  }
+
+  try {
+    if (!DOC_API_URL || !STRAPI_API_TOKEN) {
+      console.error(
+        "Missing environment variables:",
+        !DOC_API_URL && "STRAPI_DOC_API_URL",
+        !STRAPI_API_TOKEN && "STRAPI_API_TOKEN"
+      );
+      return NextResponse.json(
+        { error: "Server configuration error: Missing required environment variables" },
+        { status: 500 }
+      );
+    }
+
+    const formData = await request.formData();
+    const file = formData.get("files") as File | null;
+
+    if (!file) {
+      console.error("POST /api/files: No file provided");
+      return NextResponse.json({ error: "No file provided" }, { status: 400 });
+    }
+    if (file.type !== "application/pdf") {
+      console.error("POST /api/files: Invalid file type", { fileType: file.type });
+      return NextResponse.json({ error: "Only PDF files are allowed" }, { status: 400 });
+    }
+
+    const uploadFormData = new FormData();
+    uploadFormData.append("files", file);
+
+    const uploadResponse = await fetch(UPLOAD_API_URL, {
+      method: "POST",
+      headers: {
+        Authorization: `Bearer ${STRAPI_API_TOKEN}`,
+      },
+      body: uploadFormData,
+    });
+
+    if (!uploadResponse.ok) {
+      const errorText = await uploadResponse.text();
+      console.error("POST /api/files: Upload failed:", errorText);
+      return NextResponse.json(
+        { error: `Failed to upload file: ${errorText}` },
+        { status: uploadResponse.status }
+      );
+    }
+
+    const uploadResult = await uploadResponse.json();
+    const uploadedFileId = uploadResult[0]?.id;
+    const uploadedFileUrl = uploadResult[0]?.url;
+    const uploadedFileName = uploadResult[0]?.name || file.name;
+
+    if (!uploadedFileId || !uploadedFileUrl) {
+      console.error("POST /api/files: Invalid upload response", { uploadResult });
+      return NextResponse.json({ error: "Invalid upload response" }, { status: 400 });
+    }
+
+    const payload = {
+      data: {
+        uploadedDoc: uploadedFileId,
+        publishedAt: new Date().toISOString(),
+      },
+    };
+
+    const createResponse = await fetch(DOC_API_URL, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        Authorization: `Bearer ${STRAPI_API_TOKEN}`,
+      },
+      body: JSON.stringify(payload),
+    });
+
+    if (!createResponse.ok) {
+      const errorData = await createResponse.json();
+      let errorMessage = `Failed to create document entry: ${createResponse.status} - ${errorData.error?.message || "Unknown error"}`;
+      if (errorData.error?.details) {
+        errorMessage += `\nDetails: ${JSON.stringify(errorData.error.details, null, 2)}`;
+      }
+
+      const fallbackPayload = {
+        data: {
+          uploadedDoc: { id: uploadedFileId },
+          publishedAt: new Date().toISOString(),
+        },
+      };
+
+      const fallbackResponse = await fetch(DOC_API_URL, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          Authorization: `Bearer ${STRAPI_API_TOKEN}`,
+        },
+        body: JSON.stringify(fallbackPayload),
+      });
+
+      if (!fallbackResponse.ok) {
+        const fallbackErrorData = await fallbackResponse.json();
+        errorMessage += `\nFailed to create document entry (fallback): ${fallbackResponse.status} - ${fallbackErrorData.error?.message || "Unknown error"}`;
+        if (fallbackErrorData.error?.details) {
+          errorMessage += `\nDetails: ${JSON.stringify(fallbackErrorData.error.details, null, 2)}`;
+        }
+        console.error("POST /api/files: Create document failed", { errorMessage });
+        return NextResponse.json({ error: errorMessage }, { status: 500 });
+      }
+    }
+
+    const filesResponse = await fetch(
+      `${DOC_API_URL}?publicationState=live&populate=uploadedDoc&fields[0]=createdAt&pagination[pageSize]=100&t=${Date.now()}`,
+      {
+        headers: {
+          "Content-Type": "application/json",
+          Authorization: `Bearer ${STRAPI_API_TOKEN}`,
+        },
+        cache: "no-store",
+      }
+    );
+
+    if (!filesResponse.ok) {
+      const errorText = await filesResponse.text();
+      console.error("POST /api/files: Refetch files failed:", errorText);
+      return NextResponse.json(
+        { error: `Failed to fetch files: ${errorText}` },
+        { status: filesResponse.status }
+      );
+    }
+
+    const filesResult = await filesResponse.json();
+    const files: UploadedFile[] = (filesResult.data || [])
+      .map((item: any) => {
+        const uploadedDoc = item.uploadedDoc;
+        if (!uploadedDoc || !uploadedDoc.url) {
+          console.warn(`Fitness plan missing for item ${item.id}`);
+          return null;
+        }
+        const rawUrl = uploadedDoc.url || "";
+        const fileUrl = rawUrl.startsWith("http") ? rawUrl : `${BASE_URL}${rawUrl}`;
+        return {
+          id: item.id,
+          documentId: item.documentId || `doc-${item.id}`,
+          name: uploadedDoc.name || "Unnamed File",
+          url: fileUrl,
+          createdAt: item.createdAt,
+        };
+      })
+      .filter((file: UploadedFile | null): file is UploadedFile => file !== null)
+      .sort((a: UploadedFile, b: UploadedFile) => new Date(b.createdAt).getTime() - new Date(a.createdAt).getTime());
+
+    return NextResponse.json({
+      data: files,
+      meta: filesResult.meta,
+      newFileUrl: uploadedFileUrl,
+    });
+  } catch (error) {
+    console.error("POST /api/files: Error:", error);
+    return NextResponse.json(
+      { error: error instanceof Error ? error.message : "An error occurred during file upload" },
+      { status: 500 }
+    );
+  }
+}
+
+export async function DELETE(request: NextRequest) {
+  const { userId } = getAuth(request);
+  if (!userId) {
+    console.error("DELETE /api/files: No userId, returning 401");
+    return NextResponse.json({ error: "Unauthorized: No user ID" }, { status: 401 });
+  }
+
+  const user = await verifyUser(userId);
+
+  if (!user || !user.businessAdminId) {
+    console.error("DELETE /api/files: Unauthorized", { user });
+    return NextResponse.json({ error: "Unauthorized: Admin access required" }, { status: 403 });
+  }
+
+  try {
+    const { documentId } = await request.json();
+    if (!documentId) {
+      console.error("DELETE /api/files: Document ID is required");
+      return NextResponse.json({ error: "Document ID is required" }, { status: 400 });
+    }
+
+    const docResponse = await fetch(`${DOC_API_URL}/${documentId}?populate=uploadedDoc`, {
+      headers: {
+        "Content-Type": "application/json",
+        Authorization: `Bearer ${STRAPI_API_TOKEN}`,
+      },
+    });
+
+    if (!docResponse.ok) {
+      const errorText = await docResponse.text();
+      console.error("DELETE /api/files: Fetch document failed:", errorText);
+      return NextResponse.json(
+        { error: `Failed to fetch document: ${errorText}` },
+        { status: docResponse.status }
+      );
+    }
+
+    const docData = await docResponse.json();
+    const uploadFileId = docData.data?.uploadedDoc?.id;
+
+    const deleteDocResponse = await fetch(`${DOC_API_URL}/${documentId}`, {
+      method: "DELETE",
+      headers: {
+        "Content-Type": "application/json",
+        Authorization: `Bearer ${STRAPI_API_TOKEN}`,
+      },
+    });
+
+    if (!deleteDocResponse.ok) {
+      const errorText = await deleteDocResponse.text();
+      console.error("DELETE /api/files: Failed to delete document:", errorText);
+      return NextResponse.json(
+        { error: `Failed to delete document: ${errorText}` },
+        { status: deleteDocResponse.status }
+      );
+    }
+
+    if (uploadFileId) {
+      const deleteFileResponse = await fetch(`${BASE_URL}/api/upload/files/${uploadFileId}`, {
+        method: "DELETE",
+        headers: {
+          "Content-Type": "application/json",
+          Authorization: `Bearer ${STRAPI_API_TOKEN}`,
+        },
+      });
+      if (!deleteFileResponse.ok) {
+        console.warn(`DELETE /api/files: Failed to delete associated file: ${deleteFileResponse.status}`);
+      }
+    }
+
+    const filesResponse = await fetch(
+      `${DOC_API_URL}?publicationState=live&populate=uploadedDoc&fields[0]=createdAt&pagination[pageSize]=100&t=${Date.now()}`,
+      {
+        headers: {
+          "Content-Type": "application/json",
+          Authorization: `Bearer ${STRAPI_API_TOKEN}`,
+        },
+        cache: "no-store",
+      }
+    );
+
+    if (!filesResponse.ok) {
+      const errorText = await filesResponse.text();
+      console.error("DELETE /api/files: Refetch files failed:", errorText);
+      return NextResponse.json(
+        { error: `Failed to fetch files: ${errorText}` },
+        { status: filesResponse.status }
+      );
+    }
+
+    const filesResult = await filesResponse.json();
+    const files: UploadedFile[] = (filesResult.data || [])
+      .map((item: any) => {
+        const uploadedDoc = item.uploadedDoc;
+        if (!uploadedDoc || !uploadedDoc.url) {
+          console.warn(`Fitness plan missing for item ${item.id}`);
+          return null;
+        }
+        const rawUrl = uploadedDoc.url || "";
+        const fileUrl = rawUrl.startsWith("http") ? rawUrl : `${BASE_URL}${rawUrl}`;
+        return {
+          id: item.id,
+          documentId: item.documentId || `doc-${item.id}`,
+          name: uploadedDoc.name || "Unnamed File",
+          url: fileUrl,
+          createdAt: item.createdAt,
+        };
+      })
+      .filter((file: UploadedFile | null): file is UploadedFile => file !== null)
+      .sort((a: UploadedFile, b: UploadedFile) => new Date(b.createdAt).getTime() - new Date(a.createdAt).getTime());
+
+    return NextResponse.json({
+      data: files,
+      meta: filesResult.meta,
+    });
+  } catch (error) {
+    console.error("DELETE /api/files: Error:", error);
+    return NextResponse.json(
+      { error: error instanceof Error ? error.message : "An error occurred while deleting file" },
+      { status: 500 }
+    );
+  }
 }