meta {
  name: Unban User
  type: http
  seq: 2
}

delete {
  url: {{appview_url}}/api/mod/ban/did:plc:example
}

headers {
  Content-Type: application/json
}

body:json {
  {
    "reason": "Ban appeal approved"
  }
}

assert {
  res.status: eq 200
  res.body.success: eq true
  res.body.action: eq space.atbb.modAction.unban
}

docs {
  Unbans a previously banned user (reversal moderation action).

  Requires authentication via session cookie and `space.atbb.permission.banUsers` permission.

  Path parameters:
  - did: string (required) - DID of the user to unban (in URL path)

  Body parameters:
  - reason: string (required) - Reason for unbanning (1-3000 characters, cannot be empty)

  Returns:
  {
    "success": true,
    "action": "space.atbb.modAction.unban",
    "targetDid": "did:plc:example",
    "uri": "at://forum-did/space.atbb.modAction/rkey",
    "cid": "bafyrei...",
    "alreadyActive": false
  }

  If user is already unbanned, returns 200 with `alreadyActive: true` (idempotent).

  Writes a modAction record to the Forum DID's PDS with:
  - action: "space.atbb.modAction.unban"
  - subject: { did: targetDid }
  - reason: provided reason
  - createdBy: moderator's DID

  Error codes:
  - 400: Invalid input (invalid did format, missing/empty reason, malformed JSON)
  - 401: Unauthorized (not authenticated)
  - 403: Forbidden (lacks banUsers permission)
  - 404: Target user not found (not a forum member)
  - 500: ForumAgent not available (server configuration issue)
  - 503: ForumAgent not authenticated or unable to reach Forum PDS (retry later)

  Notes:
  - Unban writes a distinct "unban" action type (different from ban)
  - Read-path logic determines current ban state by checking most recent action chronologically
  - Additive reversal model: unban writes new record, doesn't delete ban record
}