meta {
  name: Ban User
  type: http
  seq: 1
}

post {
  url: {{appview_url}}/api/mod/ban
}

headers {
  Content-Type: application/json
}

body:json {
  {
    "targetDid": "did:plc:example",
    "reason": "Violation of community guidelines"
  }
}

assert {
  res.status: eq 200
  res.body.success: eq true
  res.body.action: eq space.atbb.modAction.ban
}

docs {
  Bans a user from the forum (moderator action).

  Requires authentication via session cookie and `space.atbb.permission.banUsers` permission.

  Body parameters:
  - targetDid: string (required) - DID of the user to ban
  - reason: string (required) - Reason for the ban (1-3000 characters, cannot be empty)

  Returns:
  {
    "success": true,
    "action": "space.atbb.modAction.ban",
    "targetDid": "did:plc:example",
    "uri": "at://forum-did/space.atbb.modAction/rkey",
    "cid": "bafyrei...",
    "alreadyActive": false
  }

  If user is already banned, returns 200 with `alreadyActive: true` (idempotent).

  Writes a modAction record to the Forum DID's PDS with:
  - action: "space.atbb.modAction.ban"
  - subject: { did: targetDid }
  - reason: provided reason
  - createdBy: moderator's DID

  Error codes:
  - 400: Invalid input (missing/invalid did, missing/empty reason, malformed JSON)
  - 401: Unauthorized (not authenticated)
  - 403: Forbidden (lacks banUsers permission)
  - 404: Target user not found (not a forum member)
  - 500: ForumAgent not available (server configuration issue)
  - 503: ForumAgent not authenticated or unable to reach Forum PDS (retry later)

  Notes:
  - Bans are additive - unban writes a new reversal action
  - Target user must be a forum member (have a membership record)
}