} $data */ $data = validator($request->all(), [ 'permission_slugs' => ['required', 'array'], 'permission_slugs.*' => ['string', 'max:128', 'distinct', 'exists:admin_permissions,slug'], ])->validate(); $slugs = array_values(array_unique($data['permission_slugs'])); $permissionIds = AdminPermission::query() ->whereIn('slug', $slugs) ->pluck('id') ->all(); $admin_user->permissions()->sync($permissionIds); $admin_user->load(['roles.permissions', 'permissions']); return ApiResponse::success([ 'id' => (int) $admin_user->id, 'username' => $admin_user->username, 'nickname' => $admin_user->name, 'roles' => $admin_user->adminRoleSlugs(), 'direct_permissions' => $admin_user->permissions ->pluck('slug') ->filter(static fn ($slug): bool => is_string($slug) && $slug !== '') ->values() ->all(), 'effective_permissions' => $admin_user->adminPermissionSlugs(), ]); } }