PDQ/bin/jobs_delete.php

<?php
// Soft-delete a job. ICG only. Sets jobs.deleted_at and logs a 'deleted'
// event so the audit log captures who removed it and when.

require_once __DIR__ . '/../lib/identity.php';
require_once __DIR__ . '/../lib/jobs.php';

[$actor, ] = resolve_request_actor();

if ($actor !== 'ICG') {
    http_response_code(403);
    echo 'Only ICG can delete jobs';
    return;
}

$job_id = (int) ($_POST['job_id'] ?? 0);
if ($job_id <= 0) {
    http_response_code(400);
    echo 'Bad job_id';
    return;
}

$pdo = db();
$stmt = $pdo->prepare('SELECT * FROM jobs WHERE id = ?');
$stmt->execute([$job_id]);
$job = $stmt->fetch();
if (!$job) {
    http_response_code(404);
    echo 'Job not found';
    return;
}
if (!empty($job['deleted_at'])) {
    // Already deleted — idempotent success.
    echo 'Success';
    return;
}

// BEGIN IMMEDIATE + retry, same pattern as apply_job_change.
$attempts = 0;
while (true) {
    $attempts++;
    try {
        $pdo->exec('BEGIN IMMEDIATE');
        break;
    } catch (PDOException $e) {
        if ($attempts >= 50 || !is_busy_error($e)) throw $e;
        usleep(100000);
    }
}

try {
    $upd = $pdo->prepare("UPDATE jobs SET deleted_at = datetime('now'), updated_at = datetime('now') WHERE id = ?");
    $upd->execute([$job_id]);

    $hist = $pdo->prepare(
        'INSERT INTO job_history(job_id, field, old_value, new_value, actor) VALUES (?, ?, ?, ?, ?)'
    );
    $hist->execute([$job_id, 'deleted', null, $job['job'], $actor]);

    $pdo->exec('COMMIT');
    echo 'Success';
} catch (Throwable $e) {
    $pdo->exec('ROLLBACK');
    throw $e;
}