6 files changed, 579 insertions, 1 deletions
diff --git a/app/api/ocr/enhanced/route.ts b/app/api/ocr/enhanced/route.ts
index 06cea358..f0a15707 100644
--- a/app/api/ocr/enhanced/route.ts
+++ b/app/api/ocr/enhanced/route.ts
@@ -1,5 +1,5 @@
 // ============================================================================
-// app/api/ocr/rotation-enhanced/route.ts
+// app/api/ocr/enhanced/route.ts
 // 최적화된 OCR API - 통합 처리로 API 호출 최소화
 // ============================================================================
 
diff --git a/app/api/rfq-attachments/download/route.ts b/app/api/rfq-attachments/download/route.ts
new file mode 100644
index 00000000..05e87906
--- /dev/null
+++ b/app/api/rfq-attachments/download/route.ts
@@ -0,0 +1,223 @@
+// app/api/rfq-attachments/download/route.ts
+import { NextRequest, NextResponse } from 'next/server';
+import { readFile, access, constants } from 'fs/promises';
+import { join } from 'path';
+import db  from '@/db/db';
+import { bRfqAttachmentRevisions, vendorResponseAttachmentsB } from '@/db/schema';
+import { eq, or } from 'drizzle-orm';
+import { getServerSession } from 'next-auth';
+import { authOptions } from '@/app/api/auth/[...nextauth]/route';
+
+export async function GET(request: NextRequest) {
+  try {
+    // 세션 확인
+    const session = await getServerSession(authOptions);
+    if (!session?.user) {
+      return NextResponse.json(
+        { error: "Unauthorized" },
+        { status: 401 }
+      );
+    }
+
+    // 파라미터 추출
+    const path = request.nextUrl.searchParams.get("path");
+    const type = request.nextUrl.searchParams.get("type"); // "client" | "vendor"
+    const revisionId = request.nextUrl.searchParams.get("revisionId");
+    const responseFileId = request.nextUrl.searchParams.get("responseFileId");
+
+    if (!path) {
+      return NextResponse.json(
+        { error: "File path is required" },
+        { status: 400 }
+      );
+    }
+
+    // DB에서 파일 정보 조회
+    let dbRecord = null;
+    
+    if (type === "client" && revisionId) {
+      // 발주처 첨부파일 리비전
+      const [record] = await db
+        .select({
+          fileName: bRfqAttachmentRevisions.fileName,
+          originalFileName: bRfqAttachmentRevisions.originalFileName,
+          filePath: bRfqAttachmentRevisions.filePath,
+          fileSize: bRfqAttachmentRevisions.fileSize,
+          fileType: bRfqAttachmentRevisions.fileType,
+        })
+        .from(bRfqAttachmentRevisions)
+        .where(eq(bRfqAttachmentRevisions.id, Number(revisionId)));
+      
+      dbRecord = record;
+      
+    } else if (type === "vendor" && responseFileId) {
+      // 벤더 응답 파일
+      const [record] = await db
+        .select({
+          fileName: vendorResponseAttachmentsB.fileName,
+          originalFileName: vendorResponseAttachmentsB.originalFileName,
+          filePath: vendorResponseAttachmentsB.filePath,
+          fileSize: vendorResponseAttachmentsB.fileSize,
+          fileType: vendorResponseAttachmentsB.fileType,
+        })
+        .from(vendorResponseAttachmentsB)
+        .where(eq(vendorResponseAttachmentsB.id, Number(responseFileId)));
+      
+      dbRecord = record;
+      
+    } else {
+      // filePath로 직접 검색 (fallback)
+      const [clientRecord] = await db
+        .select({
+          fileName: bRfqAttachmentRevisions.fileName,
+          originalFileName: bRfqAttachmentRevisions.originalFileName,
+          filePath: bRfqAttachmentRevisions.filePath,
+          fileSize: bRfqAttachmentRevisions.fileSize,
+          fileType: bRfqAttachmentRevisions.fileType,
+        })
+        .from(bRfqAttachmentRevisions)
+        .where(eq(bRfqAttachmentRevisions.filePath, path));
+
+      if (clientRecord) {
+        dbRecord = clientRecord;
+      } else {
+        // 벤더 파일에서도 검색
+        const [vendorRecord] = await db
+          .select({
+            fileName: vendorResponseAttachmentsB.fileName,
+            originalFileName: vendorResponseAttachmentsB.originalFileName,
+            filePath: vendorResponseAttachmentsB.filePath,
+            fileSize: vendorResponseAttachmentsB.fileSize,
+            fileType: vendorResponseAttachmentsB.fileType,
+          })
+          .from(vendorResponseAttachmentsB)
+          .where(eq(vendorResponseAttachmentsB.filePath, path));
+        
+        dbRecord = vendorRecord;
+      }
+    }
+
+    // 파일 정보 설정
+    let fileName;
+    let fileType;
+
+    if (dbRecord) {
+      // DB에서 찾은 경우 원본 파일명 사용
+      fileName = dbRecord.originalFileName || dbRecord.fileName;
+      fileType = dbRecord.fileType;
+      console.log("✅ DB에서 파일 정보 찾음:", { fileName, fileType, path: dbRecord.filePath });
+    } else {
+      // DB에서 찾지 못한 경우 경로에서 파일명 추출
+      fileName = path.split('/').pop() || 'download';
+      console.log("⚠️ DB에서 파일 정보를 찾지 못함, 경로에서 추출:", fileName);
+    }
+
+    // 파일 경로 구성
+    const storedPath = path.replace(/^\/+/, ""); // 앞쪽 슬래시 제거
+
+    // 가능한 파일 경로들
+    const possiblePaths = [
+      join(process.cwd(), "public", storedPath),
+      join(process.cwd(), "uploads", storedPath),
+      join(process.cwd(), "storage", storedPath),
+      join(process.cwd(), storedPath), // 절대 경로인 경우
+    ];
+
+    // 실제 파일 찾기
+    let actualPath = null;
+    for (const testPath of possiblePaths) {
+      try {
+        await access(testPath, constants.R_OK);
+        actualPath = testPath;
+        console.log("✅ 파일 발견:", testPath);
+        break;
+      } catch (err) {
+        // 조용히 다음 경로 시도
+      }
+    }
+
+    if (!actualPath) {
+      console.error("❌ 모든 경로에서 파일을 찾을 수 없음:", possiblePaths);
+      return NextResponse.json(
+        {
+          error: "File not found on server",
+          details: {
+            path: path,
+            fileName: fileName,
+            triedPaths: possiblePaths
+          }
+        },
+        { status: 404 }
+      );
+    }
+
+    // 파일 읽기
+    const fileBuffer = await readFile(actualPath);
+
+    // MIME 타입 결정
+    const fileExtension = fileName.split('.').pop()?.toLowerCase() || '';
+    let contentType = fileType || 'application/octet-stream'; // DB의 fileType 우선 사용
+
+    // 확장자에 따른 MIME 타입 매핑 (fallback)
+    if (!contentType || contentType === 'application/octet-stream') {
+      const mimeTypes: Record<string, string> = {
+        'pdf': 'application/pdf',
+        'doc': 'application/msword',
+        'docx': 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
+        'xls': 'application/vnd.ms-excel',
+        'xlsx': 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
+        'ppt': 'application/vnd.ms-powerpoint',
+        'pptx': 'application/vnd.openxmlformats-officedocument.presentationml.presentation',
+        'txt': 'text/plain',
+        'csv': 'text/csv',
+        'png': 'image/png',
+        'jpg': 'image/jpeg',
+        'jpeg': 'image/jpeg',
+        'gif': 'image/gif',
+        'bmp': 'image/bmp',
+        'svg': 'image/svg+xml',
+        'dwg': 'application/acad',
+        'dxf': 'application/dxf',
+        'zip': 'application/zip',
+        'rar': 'application/x-rar-compressed',
+        '7z': 'application/x-7z-compressed',
+      };
+
+      contentType = mimeTypes[fileExtension] || 'application/octet-stream';
+    }
+
+    // 안전한 파일명 생성 (특수문자 처리)
+    const safeFileName = fileName.replace(/[^\w\s.-]/gi, '_');
+
+    // 다운로드용 헤더 설정
+    const headers = new Headers();
+    headers.set('Content-Type', contentType);
+    headers.set('Content-Disposition', `attachment; filename*=UTF-8''${encodeURIComponent(safeFileName)}`);
+    headers.set('Content-Length', fileBuffer.length.toString());
+    headers.set('Cache-Control', 'no-cache, no-store, must-revalidate');
+    headers.set('Pragma', 'no-cache');
+    headers.set('Expires', '0');
+
+    console.log("✅ 파일 다운로드 성공:", {
+      fileName: safeFileName,
+      contentType,
+      size: fileBuffer.length,
+      actualPath
+    });
+
+    return new NextResponse(fileBuffer, {
+      status: 200,
+      headers,
+    });
+
+  } catch (error) {
+    console.error('❌ RFQ 첨부파일 다운로드 오류:', error);
+    return NextResponse.json(
+      {
+        error: 'Failed to download file',
+        details: error instanceof Error ? error.message : String(error)
+      },
+      { status: 500 }
+    );
+  }
+}
+\ No newline at end of file
diff --git a/app/api/vendor-responses/update-comment/route.ts b/app/api/vendor-responses/update-comment/route.ts
new file mode 100644
index 00000000..212173d7
--- /dev/null
+++ b/app/api/vendor-responses/update-comment/route.ts
@@ -0,0 +1,60 @@
+// app/api/vendor-responses/update-comment/route.ts
+import { NextRequest, NextResponse } from "next/server";
+import db from "@/db/db";
+import { vendorAttachmentResponses } from "@/db/schema";
+
+import { getServerSession } from "next-auth/next"
+import { authOptions } from "@/app/api/auth/[...nextauth]/route"
+
+export async function POST(request: NextRequest) {
+  try {
+    // 인증 확인
+    const session = await getServerSession(authOptions);
+    if (!session?.user?.id) {
+      return NextResponse.json(
+        { message: "인증이 필요합니다." },
+        { status: 401 }
+      );
+    }
+
+    const body = await request.json();
+    const { responseId, responseComment, vendorComment } = body;
+
+    if (!responseId) {
+      return NextResponse.json(
+        { message: "응답 ID가 필요합니다." },
+        { status: 400 }
+      );
+    }
+
+    // 코멘트만 업데이트
+    const [updatedResponse] = await db
+      .update(vendorAttachmentResponses)
+      .set({
+        responseComment,
+        vendorComment,
+        updatedAt: new Date(),
+      })
+      .where(eq(vendorAttachmentResponses.id, parseInt(responseId)))
+      .returning();
+
+    if (!updatedResponse) {
+      return NextResponse.json(
+        { message: "응답을 찾을 수 없습니다." },
+        { status: 404 }
+      );
+    }
+
+    return NextResponse.json({
+      message: "코멘트가 성공적으로 업데이트되었습니다.",
+      response: updatedResponse,
+    });
+
+  } catch (error) {
+    console.error("Comment update error:", error);
+    return NextResponse.json(
+      { message: "코멘트 업데이트 중 오류가 발생했습니다." },
+      { status: 500 }
+    );
+  }
+}
+\ No newline at end of file
diff --git a/app/api/vendor-responses/update/route.ts b/app/api/vendor-responses/update/route.ts
new file mode 100644
index 00000000..8771b062
--- /dev/null
+++ b/app/api/vendor-responses/update/route.ts
@@ -0,0 +1,121 @@
+// app/api/vendor-responses/update/route.ts
+import { NextRequest, NextResponse } from "next/server";
+import db from "@/db/db";
+import { vendorAttachmentResponses } from "@/db/schema";
+import { eq } from "drizzle-orm";
+import { getServerSession } from "next-auth/next"
+import { authOptions } from "@/app/api/auth/[...nextauth]/route"
+
+// 리비전 번호를 증가시키는 헬퍼 함수
+function getNextRevision(currentRevision?: string): string {
+  if (!currentRevision) {
+    return "Rev.1"; // 첫 번째 응답
+  }
+  
+  // "Rev.1" -> 1, "Rev.2" -> 2 형태로 숫자 추출
+  const match = currentRevision.match(/Rev\.(\d+)/);
+  if (match) {
+    const currentNumber = parseInt(match[1]);
+    return `Rev.${currentNumber + 1}`;
+  }
+  
+  // 형식이 다르면 기본값 반환
+  return "Rev.1";
+}
+
+export async function POST(request: NextRequest) {
+  try {
+    // 인증 확인
+    const session = await getServerSession(authOptions);
+    if (!session?.user?.id) {
+      return NextResponse.json(
+        { message: "인증이 필요합니다." },
+        { status: 401 }
+      );
+    }
+
+    const body = await request.json();
+    const {
+      responseId,
+      responseStatus,
+      responseComment,
+      vendorComment,
+      respondedAt,
+    } = body;
+
+    if (!responseId) {
+      return NextResponse.json(
+        { message: "응답 ID가 필요합니다." },
+        { status: 400 }
+      );
+    }
+
+    // 1. 기존 응답 정보 조회 (현재 respondedRevision 확인)
+    const existingResponse = await db
+      .select()
+      .from(vendorAttachmentResponses)
+      .where(eq(vendorAttachmentResponses.id, parseInt(responseId)))
+      .limit(1);
+
+    if (!existingResponse || existingResponse.length === 0) {
+      return NextResponse.json(
+        { message: "응답을 찾을 수 없습니다." },
+        { status: 404 }
+      );
+    }
+
+    const currentResponse = existingResponse[0];
+
+    // 2. 벤더 응답 리비전 결정
+    let nextRespondedRevision: string;
+    
+    if (responseStatus === "RESPONDED") {
+      // 새로운 응답이거나 수정 응답인 경우 리비전 증가
+      if (currentResponse.responseStatus === "NOT_RESPONDED" || 
+          currentResponse.responseStatus === "REVISION_REQUESTED") {
+        // 첫 응답이거나 수정 요청 후 재응답인 경우 리비전 증가
+        nextRespondedRevision = getNextRevision(currentResponse.respondedRevision);
+      } else {
+        // 이미 응답된 상태에서 다시 업데이트하는 경우 (코멘트 수정 등)
+        nextRespondedRevision = currentResponse.respondedRevision || "Rev.1";
+      }
+    } else {
+      // WAIVED 등 다른 상태는 기존 리비전 유지
+      nextRespondedRevision = currentResponse.respondedRevision || "";
+    }
+
+    // 3. vendor response 업데이트
+    const [updatedResponse] = await db
+      .update(vendorAttachmentResponses)
+      .set({
+        responseStatus,
+        respondedRevision: nextRespondedRevision,
+        responseComment,
+        vendorComment,
+        respondedAt: respondedAt ? new Date(respondedAt) : null,
+        updatedAt: new Date(),
+      })
+      .where(eq(vendorAttachmentResponses.id, parseInt(responseId)))
+      .returning();
+
+    if (!updatedResponse) {
+      return NextResponse.json(
+        { message: "응답 업데이트에 실패했습니다." },
+        { status: 500 }
+      );
+    }
+
+    return NextResponse.json({
+      message: "응답이 성공적으로 업데이트되었습니다.",
+      response: updatedResponse,
+      newRevision: nextRespondedRevision, // 새로운 리비전 정보 반환
+    });
+
+  } catch (error) {
+    console.error("Response update error:", error);
+    return NextResponse.json(
+      { message: "응답 업데이트 중 오류가 발생했습니다." },
+      { status: 500 }
+    );
+  }
+}
+\ No newline at end of file
diff --git a/app/api/vendor-responses/upload/route.ts b/app/api/vendor-responses/upload/route.ts
new file mode 100644
index 00000000..111e4bd4
--- /dev/null
+++ b/app/api/vendor-responses/upload/route.ts
@@ -0,0 +1,105 @@
+// app/api/vendor-response-attachments/upload/route.ts
+import { NextRequest, NextResponse } from "next/server";
+import { writeFile, mkdir } from "fs/promises";
+import { existsSync } from "fs";
+import path from "path";
+import db from "@/db/db";
+import { vendorResponseAttachmentsB } from "@/db/schema";
+import { getServerSession } from "next-auth/next"
+import { authOptions } from "@/app/api/auth/[...nextauth]/route"
+
+export async function POST(request: NextRequest) {
+  try {
+    // 인증 확인
+    const session = await getServerSession(authOptions);
+    if (!session?.user?.id) {
+      return NextResponse.json(
+        { message: "인증이 필요합니다." },
+        { status: 401 }
+      );
+    }
+
+    const formData = await request.formData();
+    const responseId = formData.get("responseId") as string;
+    const file = formData.get("file") as File;
+    const description = formData.get("description") as string;
+
+    if (!responseId) {
+      return NextResponse.json(
+        { message: "응답 ID가 필요합니다." },
+        { status: 400 }
+      );
+    }
+
+    if (!file) {
+      return NextResponse.json(
+        { message: "파일이 선택되지 않았습니다." },
+        { status: 400 }
+      );
+    }
+
+    // 파일 크기 검증 (10MB)
+    if (file.size > 10 * 1024 * 1024) {
+      return NextResponse.json(
+        { message: "파일이 너무 큽니다. (최대 10MB)" },
+        { status: 400 }
+      );
+    }
+
+    // 업로드 디렉토리 생성
+    const uploadDir = path.join(
+      process.cwd(),
+      "public",
+      "uploads",
+      "vendor-responses",
+      responseId
+    );
+    
+    if (!existsSync(uploadDir)) {
+      await mkdir(uploadDir, { recursive: true });
+    }
+
+    // 고유한 파일명 생성
+    const timestamp = Date.now();
+    const sanitizedName = file.name.replace(/[^a-zA-Z0-9.-]/g, "_");
+    const fileName = `${timestamp}_${sanitizedName}`;
+    const filePath = `/uploads/vendor-responses/${responseId}/${fileName}`;
+    const fullPath = path.join(uploadDir, fileName);
+
+    // 파일 저장
+    const buffer = Buffer.from(await file.arrayBuffer());
+    await writeFile(fullPath, buffer);
+
+    // DB에 파일 정보 저장
+    const [insertedFile] = await db
+      .insert(vendorResponseAttachmentsB)
+      .values({
+        vendorResponseId: parseInt(responseId),
+        fileName,
+        originalFileName: file.name,
+        filePath,
+        fileSize: file.size,
+        fileType: file.type || path.extname(file.name).slice(1),
+        description: description || null,
+        uploadedBy: parseInt(session.user.id),
+      })
+      .returning();
+
+    return NextResponse.json({
+      id: insertedFile.id,
+      fileName,
+      originalFileName: file.name,
+      filePath,
+      fileSize: file.size,
+      fileType: file.type || path.extname(file.name).slice(1),
+      message: "파일이 성공적으로 업로드되었습니다.",
+    });
+
+  } catch (error) {
+    console.error("File upload error:", error);
+    return NextResponse.json(
+      { message: "파일 업로드 중 오류가 발생했습니다." },
+      { status: 500 }
+    );
+  }
+}
+\ No newline at end of file
diff --git a/app/api/vendor-responses/waive/route.ts b/app/api/vendor-responses/waive/route.ts
new file mode 100644
index 00000000..e732e8d2
--- /dev/null
+++ b/app/api/vendor-responses/waive/route.ts
@@ -0,0 +1,69 @@
+// app/api/vendor-responses/waive/route.ts
+import { NextRequest, NextResponse } from "next/server";
+import db from "@/db/db";
+import { getServerSession } from "next-auth/next"
+import { authOptions } from "@/app/api/auth/[...nextauth]/route"
+import { eq } from "drizzle-orm";
+import { vendorAttachmentResponses } from "@/db/schema";
+
+export async function POST(request: NextRequest) {
+  try {
+    // 인증 확인
+    const session = await getServerSession(authOptions);
+    if (!session?.user?.id) {
+      return NextResponse.json(
+        { message: "인증이 필요합니다." },
+        { status: 401 }
+      );
+    }
+
+    const body = await request.json();
+    const { responseId, responseComment, vendorComment } = body;
+
+    if (!responseId) {
+      return NextResponse.json(
+        { message: "응답 ID가 필요합니다." },
+        { status: 400 }
+      );
+    }
+
+    if (!responseComment) {
+      return NextResponse.json(
+        { message: "포기 사유를 입력해주세요." },
+        { status: 400 }
+      );
+    }
+
+    // vendor response를 WAIVED 상태로 업데이트
+    const [updatedResponse] = await db
+      .update(vendorAttachmentResponses)
+      .set({
+        responseStatus: "WAIVED",
+        responseComment,
+        vendorComment,
+        respondedAt: new Date(),
+        updatedAt: new Date(),
+      })
+      .where(eq(vendorAttachmentResponses.id, parseInt(responseId)))
+      .returning();
+
+    if (!updatedResponse) {
+      return NextResponse.json(
+        { message: "응답을 찾을 수 없습니다." },
+        { status: 404 }
+      );
+    }
+
+    return NextResponse.json({
+      message: "응답이 성공적으로 포기 처리되었습니다.",
+      response: updatedResponse,
+    });
+
+  } catch (error) {
+    console.error("Waive response error:", error);
+    return NextResponse.json(
+      { message: "응답 포기 처리 중 오류가 발생했습니다." },
+      { status: 500 }
+    );
+  }
+}
+\ No newline at end of file