Add ACP user deletion and split frontend bundles

app/Http/Controllers/UserController.php

@@ -4,6 +4,7 @@ namespace App\Http\Controllers;
 
 use App\Models\Role;
 use App\Models\User;
+use App\Services\AuditLogger;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Storage;
@@ -232,6 +233,29 @@ class UserController extends Controller
         ]);
     }
 
+    public function destroy(Request $request, User $user): JsonResponse
+    {
+        $actor = $request->user();
+        if (!$actor || !$actor->roles()->where('name', 'ROLE_ADMIN')->exists()) {
+            return response()->json(['message' => 'Forbidden'], 403);
+        }
+        if ($this->isFounder($user) && !$this->isFounder($actor)) {
+            return response()->json(['message' => 'Forbidden'], 403);
+        }
+        if ($actor->is($user)) {
+            return response()->json(['message' => 'You cannot delete your own account.'], 422);
+        }
+
+        app(AuditLogger::class)->log($request, 'user.deleted', $user, [
+            'email' => $user->email,
+            'name' => $user->name,
+        ], $actor);
+
+        $user->delete();
+
+        return response()->json(null, 204);
+    }
+
     private function resolveAvatarUrl(User $user): ?string
     {
         if (!$user->avatar_path) {