<?php
header('Content-Type: application/json');
session_start();

// 1. Verify Authentication and Authorization
if (!isset($_SESSION["user_id"]) || ($_SESSION["user_role"] ?? '') !== 'Super User') {
    echo json_encode(['success' => false, 'error' => 'Unauthorized access.']);
    exit;
}

require_once __DIR__ . '/../db/config.php';

// 2. Validate Input
$lpa_id = isset($_POST['id']) ? (int)$_POST['id'] : null;

if (!$lpa_id) {
    echo json_encode(['success' => false, 'error' => 'Application ID is missing.']);
    exit;
}

try {
    $pdo = db();
    
    // 3. Start Transaction
    $pdo->beginTransaction();

    // 4. Delete related records
    
    // Delete Attorneys
    $stmtAttorneys = $pdo->prepare("DELETE FROM lpa_attorneys WHERE lpa_id = ?");
    $stmtAttorneys->execute([$lpa_id]);

    // Delete Notified Persons
    $stmtNotified = $pdo->prepare("DELETE FROM lpa_notified_persons WHERE application_id = ?");
    $stmtNotified->execute([$lpa_id]);

    // 5. Delete the application itself
    $stmtLpa = $pdo->prepare("DELETE FROM lpa_applications WHERE id = ?");
    $stmtLpa->execute([$lpa_id]);

    if ($stmtLpa->rowCount() === 0) {
        $pdo->rollBack();
        echo json_encode(['success' => false, 'error' => 'Application not found or already deleted.']);
        exit;
    }

    // 6. Commit Transaction
    $pdo->commit();

    echo json_encode(['success' => true, 'message' => 'LPA application and all related data deleted successfully.']);

} catch (PDOException $e) {
    // Rollback on error
    if (isset($pdo)) {
        $pdo->rollBack();
    }
    error_log("Delete LPA Error: " . $e->getMessage());
    echo json_encode(['success' => false, 'error' => 'A database error occurred.']);
}