meta {
  name: Hide Post
  type: http
  seq: 5
}

post {
  url: {{appview_url}}/api/mod/hide
}

headers {
  Content-Type: application/json
}

body:json {
  {
    "postId": "123456",
    "reason": "Spam content"
  }
}

assert {
  res.status: eq 200
  res.body.success: eq true
  res.body.action: eq space.atbb.modAction.delete
}

docs {
  Hides a post from the forum (soft-delete moderator action).

  Requires authentication via session cookie and `space.atbb.permission.moderatePosts` permission.

  Body parameters:
  - postId: string (required) - Database ID of the post to hide (must be numeric)
  - reason: string (required) - Reason for hiding (1-3000 characters, cannot be empty)

  Returns:
  {
    "success": true,
    "action": "space.atbb.modAction.delete",
    "postId": "123456",
    "postUri": "at://user-did/space.atbb.post/rkey",
    "uri": "at://forum-did/space.atbb.modAction/rkey",
    "cid": "bafyrei...",
    "alreadyActive": false
  }

  If post is already hidden, returns 200 with `alreadyActive: true` (idempotent).

  Writes a modAction record to the Forum DID's PDS with:
  - action: "space.atbb.modAction.delete"
  - subject: { post: { uri, cid } }
  - reason: provided reason
  - createdBy: moderator's DID

  Error codes:
  - 400: Invalid input (missing/invalid postId, missing/empty reason, malformed JSON)
  - 401: Unauthorized (not authenticated)
  - 403: Forbidden (lacks moderatePosts permission)
  - 404: Post not found
  - 500: ForumAgent not available (server configuration issue)
  - 503: ForumAgent not authenticated or unable to reach Forum PDS (retry later)

  Notes:
  - Works on ANY post (topics or replies, unlike lock which is topics-only)
  - Uses "space.atbb.modAction.delete" action type; unhide uses "space.atbb.modAction.undelete"
  - Hides are additive - unhide writes a new reversal action
  - Read-path logic will filter hidden posts from display
}