autocde2.0/app/Http/Requests/API/ApprovalFlow/CreateOrUpdateRequest.php

<?php

namespace App\Http\Requests\API\ApprovalFlow;

use App\Models\Enums\ApprovalFlowObjectType;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Support\Facades\Auth;
use Illuminate\Validation\Rules\Enum;

class CreateOrUpdateRequest extends FormRequest
{
    /**
     * Determine if the user is authorized to make this request.
     */
    public function authorize(): bool
    {
        return true;
    }

    /**
     * Get the validation rules that apply to the request.
     *
     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
     */
    public function rules(): array
    {
        $rules =  [
            "name" => "required|max:50",
            "nodes" => [
                'required',
                'array',
                'min:1',
            ],
            "nodes.*.name" => "required",
            "nodes.*.approval_users" => "required|array",
            "nodes.*.level" => "required|numeric",
        ];

        if ($this->method() == "POST") {
            $rules = [
                ...$rules,
                "object_type" => [
                    'required',
                    new Enum(ApprovalFlowObjectType::class),
                ],
                "object_id" => [
                    'required',
                    function ($attribute, $value, $fail) {
                        $exist = ApprovalFlowObjectType::from($this->get("object_type"))
                            ->modelBuilderAllowed($value)
                            ->where("company_id", Auth::user()->company_id)
                            ->where('id', $value)
                            ->count();
                        if (! $exist) {
                            $fail('Resources without permission to access.');
                        }
                    }
                ],
            ];
        }

        return $rules;
    }
}