orderBy('sort') ->orderBy('id') ->get(); return response()->json($rows); } public function update(Request $request, RolePermission $rolePermission): JsonResponse { $this->ensureSuperAdmin($request); $data = $request->validate([ 'super_admin_allowed' => ['required', 'boolean'], 'venue_admin_allowed' => ['required', 'boolean'], 'scope' => ['nullable', 'string', 'max:255'], 'sort' => ['nullable', 'integer', 'min:0'], ]); $rolePermission->fill($data)->save(); return response()->json($rolePermission); } public function batchUpdate(Request $request): JsonResponse { $this->ensureSuperAdmin($request); $data = $request->validate([ 'items' => ['required', 'array', 'min:1'], 'items.*.id' => ['required', 'integer', 'exists:role_permissions,id'], 'items.*.super_admin_allowed' => ['required', 'boolean'], 'items.*.venue_admin_allowed' => ['required', 'boolean'], 'items.*.scope' => ['nullable', 'string', 'max:255'], 'items.*.sort' => ['nullable', 'integer', 'min:0'], ]); foreach ($data['items'] as $item) { $row = RolePermission::find($item['id']); if (!$row) { continue; } $row->fill([ 'super_admin_allowed' => $item['super_admin_allowed'], 'venue_admin_allowed' => $item['venue_admin_allowed'], 'scope' => $item['scope'] ?? $row->scope, 'sort' => $item['sort'] ?? $row->sort, ])->save(); } return response()->json(['message' => '批量保存成功']); } private function ensureSuperAdmin(Request $request): void { abort_unless($request->user()?->isSuperAdmin(), 403, '仅超级管理员可操作'); } }