user()->currentWorkspaceUser(); return $workspaceUser->role->is(WorkspaceUserRole::Owner); } /** * Get the validation rules that apply to the request. * * @return array|string> */ public function rules(): array { return [ 'permissions' => ['required', 'array'], 'permissions.*' => ['boolean'], ]; } /** * Configure the validator instance. */ public function withValidator(\Illuminate\Validation\Validator $validator): void { $validator->after(function (\Illuminate\Validation\Validator $validator) { $permissions = $this->input('permissions', []); $validKeys = Permission::getValues(); foreach (array_keys($permissions) as $key) { if (! in_array($key, $validKeys, true)) { $validator->errors()->add( 'permissions', "Invalid permission key: {$key}" ); } } // Ensure ALL permission keys are present to prevent silent permission loss $missingKeys = array_diff($validKeys, array_keys($permissions)); if (! empty($missingKeys)) { $validator->errors()->add( 'permissions', 'Missing permission keys: '.implode(', ', $missingKeys) ); } }); } /** * Handle a failed authorization attempt. */ protected function failedAuthorization(): void { abort(404); } }