user(); return $user instanceof User && $user->isPlatformSuperadmin(); } /** * @return array */ protected function getHeaderActions(): array { return [ Action::make('bootstrap_recover') ->label('Assign owner (recovery)') ->color('danger') ->requiresConfirmation() ->modalHeading('Break-glass: assign owner') ->modalDescription('This grants Owner access to a tenant. Use for recovery only. This action is audited.') ->form([ Select::make('tenant_id') ->label('Tenant') ->required() ->searchable() ->options(fn (): array => Tenant::query() ->where('status', 'active') ->orderBy('name') ->pluck('name', 'id') ->all()), Select::make('user_id') ->label('User') ->required() ->searchable() ->options(fn (): array => User::query() ->orderBy('name') ->pluck('name', 'id') ->all()), ]) ->action(function (array $data, TenantMembershipManager $manager): void { $actor = auth()->user(); if (! $actor instanceof User || ! $actor->isPlatformSuperadmin()) { abort(403); } $tenant = Tenant::query() ->where('status', 'active') ->whereKey((int) $data['tenant_id']) ->first(); if (! $tenant instanceof Tenant) { Notification::make()->title('Tenant not found')->danger()->send(); return; } $member = User::query()->whereKey((int) $data['user_id'])->first(); if (! $member instanceof User) { Notification::make()->title('User not found')->danger()->send(); return; } $manager->bootstrapRecover($tenant, $actor, $member); Notification::make()->title('Owner assigned')->success()->send(); }), ]; } }