46 lines
1.6 KiB
PHP
46 lines
1.6 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Api\V1\Admin\User;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use App\Models\AdminPermission;
|
|
use App\Models\AdminUser;
|
|
use App\Support\ApiResponse;
|
|
use Illuminate\Http\JsonResponse;
|
|
use Illuminate\Http\Request;
|
|
|
|
/** PUT /api/v1/admin/admin-users/{admin_user}/permissions */
|
|
final class AdminUserPermissionSyncController extends Controller
|
|
{
|
|
public function __invoke(Request $request, AdminUser $admin_user): JsonResponse
|
|
{
|
|
/** @var array{permission_slugs:list<string>} $data */
|
|
$data = validator($request->all(), [
|
|
'permission_slugs' => ['required', 'array'],
|
|
'permission_slugs.*' => ['string', 'max:128', 'distinct', 'exists:admin_permissions,slug'],
|
|
])->validate();
|
|
|
|
$slugs = array_values(array_unique($data['permission_slugs']));
|
|
$permissionIds = AdminPermission::query()
|
|
->whereIn('slug', $slugs)
|
|
->pluck('id')
|
|
->all();
|
|
|
|
$admin_user->permissions()->sync($permissionIds);
|
|
$admin_user->load(['roles.permissions', 'permissions']);
|
|
|
|
return ApiResponse::success([
|
|
'id' => (int) $admin_user->id,
|
|
'username' => $admin_user->username,
|
|
'nickname' => $admin_user->name,
|
|
'roles' => $admin_user->adminRoleSlugs(),
|
|
'direct_permissions' => $admin_user->permissions
|
|
->pluck('slug')
|
|
->filter(static fn ($slug): bool => is_string($slug) && $slug !== '')
|
|
->values()
|
|
->all(),
|
|
'effective_permissions' => $admin_user->adminPermissionSlugs(),
|
|
]);
|
|
}
|
|
}
|