lotteryAdmin(); abort_if($admin === null, 401); $denied = AdminAgentNodeAccess::denyUnlessNodeVisible($admin, $agent_node); if ($denied !== null) { return $denied; } if ($agent_node->isRoot()) { return ApiMessage::errorResponse( $request, 'admin.agent_delegation_root_denied', ErrorCode::ValidationFailed->value, null, 422, ); } if (! AgentDelegationAuthorization::childIsManageableBy($admin, $agent_node)) { return ApiMessage::errorResponse( $request, 'admin.agent_delegation_manage_denied', ErrorCode::AdminForbidden->value, null, 403, ); } $before = $service->listForChild($agent_node); $grants = $request->validated('grants'); $after = $service->syncGrants($admin, $agent_node, $grants); AuditLogger::recordForAdmin( $admin, $request, 'agent', 'agent.delegation.sync', 'agent_node', (string) $agent_node->id, ['grants' => $before], ['grants' => $after], ); return ApiResponse::success([ 'child_agent_id' => (int) $agent_node->id, 'grants' => $after, ]); } }