feat: 扩展奖池、风控与报表能力，新增对账补偿、广播和人工操作接口

app/Http/Controllers/Api/V1/Admin/User/AdminUserPermissionSyncController.php

@@ -4,6 +4,7 @@ namespace App\Http\Controllers\Api\V1\Admin\User;
 
 use App\Models\AdminUser;
 use App\Support\ApiResponse;
+use App\Services\AuditLogger;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Support\Facades\DB;
 use App\Http\Controllers\Controller;
@@ -15,7 +16,11 @@ final class AdminUserPermissionSyncController extends Controller
 {
     public function __invoke(AdminUserPermissionSyncRequest $request, AdminUser $admin_user): JsonResponse
     {
-        $slugs = array_values(array_unique($request->validated('permissions')));
+        $input = $request->validated();
+        $slugs = array_values(array_unique(array_values(array_filter(
+            (array) ($input['permissions'] ?? $input['permission_slugs'] ?? []),
+            static fn ($v) => is_string($v) && $v !== '',
+        ))));
         $siteId = AdminUser::defaultAdminSiteId();
 
         $codes = [];
@@ -51,6 +56,19 @@ final class AdminUserPermissionSyncController extends Controller
 
         $admin_user->load('roles');
 
+        AuditLogger::recordForAdmin(
+            $request->lotteryAdmin(),
+            $request,
+            'admin_users',
+            'sync_permissions',
+            'admin_user',
+            (string) $admin_user->id,
+            null,
+            [
+                'permission_slugs' => $slugs,
+            ],
+        );
+
         return ApiResponse::success([
             'id' => (int) $admin_user->id,
             'username' => $admin_user->username,