all(); Guard::requireLogin(); $currentUserId = (int) ($session['user']['id'] ?? 0); $authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class); $decision = $authorizationService->authorize(PermissionAuthorizationPolicy::ABILITY_ADMIN_PERMISSIONS_DELETE, [ 'actor_user_id' => $currentUserId, ]); if (!$decision->isAllowed()) { Guard::deny(); } $id = (int) ($id ?? 0); if ($id <= 0) { Router::redirect('admin/permissions'); return; } $roleIds = app(\MintyPHP\Repository\Access\RolePermissionRepository::class)->listRoleIdsByPermissionId($id); $affectedUserIds = app(\MintyPHP\Repository\Access\UserRoleRepository::class)->listUserIdsByRoleIds($roleIds); $result = app(PermissionService::class)->deleteById($id); if (!($result['ok'] ?? false)) { $error = (string) ($result['error'] ?? ''); if ($error === 'system_permission_protected') { Flash::error('System permission can not be deleted', 'admin/permissions', 'permission_system_protected'); } else { Flash::error('Permission not found', 'admin/permissions', 'permission_not_found'); } Router::redirect('admin/permissions'); } if ($affectedUserIds) { app(\MintyPHP\Repository\User\UserWriteRepository::class)->bumpAuthzVersionByUserIds($affectedUserIds); } Flash::success('Permission deleted', 'admin/permissions', 'permission_deleted'); Router::redirect('admin/permissions');