all(); Guard::requireLogin(); $authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class); $uuid = trim((string) ($id ?? '')); if ($uuid === '') { Router::redirect('admin/departments'); return; } $currentUserId = (int) ($session['user']['id'] ?? 0); $department = app(\MintyPHP\Service\Org\DepartmentService::class)->findByUuid($uuid); if (!$department) { if (Request::wantsJson()) { http_response_code(404); Router::json(['error' => 'not_found']); return; } Flash::error('Department not found', 'admin/departments', 'department_not_found'); Router::redirect('admin/departments'); return; } $departmentId = (int) ($department['id'] ?? 0); $decision = $authorizationService->authorize(DepartmentAuthorizationPolicy::ABILITY_ADMIN_DEPARTMENTS_DELETE, [ 'actor_user_id' => $currentUserId, 'target_department_id' => $departmentId, ]); if (!$decision->isAllowed()) { if (Request::wantsJson()) { http_response_code($decision->status()); Router::json(['error' => $decision->error()]); return; } Router::redirect('error/forbidden'); return; } $result = app(\MintyPHP\Service\Org\DepartmentService::class)->deleteByUuid($uuid); if (!($result['ok'] ?? false)) { $error = $result['error'] ?? 'not_found'; $status = $result['status'] ?? 500; if (Request::wantsJson()) { http_response_code($status); Router::json(['error' => $error]); return; } if ($error === 'department_has_users') { Flash::error(t('Department can not be deleted while users are assigned'), 'admin/departments', 'department_has_users'); } else { Flash::error(t('Department not found'), 'admin/departments', 'department_not_found'); } Router::redirect('admin/departments'); return; } if ($currentUserId > 0) { app(\MintyPHP\Service\Auth\AuthService::class)->loadTenantDataIntoSession($currentUserId); } if (Request::wantsJson()) { http_response_code(204); Router::json([]); return; } Flash::success('Department deleted', 'admin/departments', 'department_deleted'); Router::redirect('admin/departments');