Fix support API audit logging

app/Support/SupportApiAuthorizer.php

@@ -48,4 +48,39 @@ class SupportApiAuthorizer
 
         return null;
     }
+
+    /**
+     * @param  array<int, string>  $abilities
+     */
+    public static function authorizeAnyAbility(Request $request, array $abilities, string $actionLabel = 'resource'): ?JsonResponse
+    {
+        if ($abilities === []) {
+            return null;
+        }
+
+        $token = $request->user()?->currentAccessToken();
+
+        if (! $token) {
+            return ApiError::response(
+                'unauthenticated',
+                'Unauthenticated',
+                'Missing access token for support request.',
+                401
+            );
+        }
+
+        foreach ($abilities as $ability) {
+            if ($token->can($ability)) {
+                return null;
+            }
+        }
+
+        return ApiError::response(
+            'forbidden',
+            'Forbidden',
+            "Missing required ability for support {$actionLabel}.",
+            403,
+            ['required' => $abilities]
+        );
+    }
 }