feat: 重构管理员权限管理，移除 AdminPermission 模型，整合权限与角色管理逻辑，优化 API 接口以支持角色与权限的同步，增强数据库填充器以对齐权限配置

app/Http/Controllers/Api/V1/Admin/User/AdminUserPermissionSyncController.php

@@ -3,11 +3,13 @@
 namespace App\Http\Controllers\Api\V1\Admin\User;
 
 use App\Http\Controllers\Controller;
-use App\Models\AdminPermission;
 use App\Models\AdminUser;
+use App\Support\AdminPermissionBridge;
 use App\Support\ApiResponse;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Validation\Rule;
 
 /** PUT /api/v1/admin/admin-users/{admin_user}/permissions */
 final class AdminUserPermissionSyncController extends Controller
@@ -17,28 +19,51 @@ final class AdminUserPermissionSyncController extends Controller
         /** @var array{permission_slugs:list<string>} $data */
         $data = validator($request->all(), [
             'permission_slugs' => ['required', 'array'],
-            'permission_slugs.*' => ['string', 'max:128', 'distinct', 'exists:admin_permissions,slug'],
+            'permission_slugs.*' => ['string', 'max:128', 'distinct', Rule::in(AdminPermissionBridge::allLegacySlugs())],
         ])->validate();
 
         $slugs = array_values(array_unique($data['permission_slugs']));
-        $permissionIds = AdminPermission::query()
-            ->whereIn('slug', $slugs)
+        $siteId = AdminUser::defaultAdminSiteId();
+
+        $codes = [];
+        foreach ($slugs as $slug) {
+            $codes = array_merge($codes, AdminPermissionBridge::menuActionCodesForLegacy($slug));
+        }
+        $codes = array_values(array_unique($codes));
+
+        $menuActionIds = DB::table('admin_menu_actions')
+            ->whereIn('permission_code', $codes)
+            ->where('status', 1)
             ->pluck('id')
             ->all();
 
-        $admin_user->permissions()->sync($permissionIds);
-        $admin_user->load(['roles.permissions', 'permissions']);
+        DB::transaction(function () use ($admin_user, $siteId, $menuActionIds): void {
+            DB::table('admin_user_menu_actions')
+                ->where('admin_user_id', $admin_user->id)
+                ->where(function ($q) use ($siteId): void {
+                    $q->where('site_id', $siteId)->orWhereNull('site_id');
+                })
+                ->delete();
+
+            $now = now();
+            foreach ($menuActionIds as $mid) {
+                DB::table('admin_user_menu_actions')->insert([
+                    'admin_user_id' => $admin_user->id,
+                    'site_id' => $siteId,
+                    'menu_action_id' => (int) $mid,
+                    'granted_at' => $now,
+                ]);
+            }
+        });
+
+        $admin_user->load('roles');
 
         return ApiResponse::success([
             'id' => (int) $admin_user->id,
             'username' => $admin_user->username,
             'nickname' => $admin_user->name,
             'roles' => $admin_user->adminRoleSlugs(),
-            'direct_permissions' => $admin_user->permissions
-                ->pluck('slug')
-                ->filter(static fn ($slug): bool => is_string($slug) && $slug !== '')
-                ->values()
-                ->all(),
+            'direct_permissions' => $admin_user->directLegacyPermissionSlugs(),
             'effective_permissions' => $admin_user->adminPermissionSlugs(),
         ]);
     }