all(); Guard::requireLogin(); $currentUserId = (int) ($session['user']['id'] ?? 0); $uuid = trim((string) ($id ?? '')); if ($uuid === '') { http_response_code(400); return; } $decision = app(AuthorizationService::class)->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_VIEW, [ 'actor_user_id' => $currentUserId, ]); if (!$decision->isAllowed()) { http_response_code(403); $user = null; return; } $profile = app(UserProfileViewService::class)->buildAdminProfile($currentUserId, $uuid); $status = (string) ($profile['status'] ?? ''); if ($status === 'not_found' || $status === 'invalid_uuid') { http_response_code(404); $user = null; return; } if ($status === 'forbidden') { http_response_code(403); $user = null; return; } $user = $profile['user'] ?? null; if (!is_array($user)) { http_response_code(404); $user = null; return; }