<?php
/**
 * POST /api/hub/channels/delete.php
 *
 * Delete (hard-delete) a channel. Only the owner can delete.
 * For soft-delete, use update.php with IsArchived=true instead.
 *
 * Body:
 *   ID     int     REQUIRED
 *   Agent  string  REQUIRED  requesting agent (must be owner)
 *
 * Response: { OK: true }
 */

require_once __DIR__ . '/../../helpers.php';

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    jsonResponse(['OK' => false, 'ERROR' => 'method_not_allowed'], 405);
}

$body = readJsonBody();

$id = (int) ($body['ID'] ?? 0);
$agent = trim($body['Agent'] ?? '');

if ($id <= 0) {
    jsonResponse(['OK' => false, 'ERROR' => 'id_required']);
}
if ($agent === '') {
    jsonResponse(['OK' => false, 'ERROR' => 'agent_required']);
}

// Verify channel exists
$channel = queryOne("SELECT * FROM Hub_Channels WHERE ID = ?", [$id]);
if (!$channel) {
    jsonResponse(['OK' => false, 'ERROR' => 'channel_not_found'], 404);
}

// Only owner can delete
$membership = queryOne(
    "SELECT Role FROM Hub_ChannelMembers WHERE ChannelID = ? AND AgentAddress = ?",
    [$id, $agent]
);
if (!$membership || $membership['Role'] !== 'owner') {
    jsonResponse(['OK' => false, 'ERROR' => 'not_authorized_owner_only'], 403);
}

// Delete channel (FK cascade will remove members)
queryTimed("DELETE FROM Hub_Channels WHERE ID = ?", [$id]);

jsonResponse(['OK' => true]);