feat : add ClientTicketProvider with filtering
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
70
src/State/ClientTicketProvider.php
Normal file
70
src/State/ClientTicketProvider.php
Normal file
@@ -0,0 +1,70 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\State;
|
||||
|
||||
use ApiPlatform\Metadata\Operation;
|
||||
use ApiPlatform\State\ProviderInterface;
|
||||
use App\Entity\ClientTicket;
|
||||
use App\Entity\User;
|
||||
use Doctrine\ORM\EntityManagerInterface;
|
||||
use Symfony\Bundle\SecurityBundle\Security;
|
||||
|
||||
/**
|
||||
* @implements ProviderInterface<ClientTicket>
|
||||
*/
|
||||
final readonly class ClientTicketProvider implements ProviderInterface
|
||||
{
|
||||
public function __construct(
|
||||
private EntityManagerInterface $entityManager,
|
||||
private Security $security,
|
||||
) {}
|
||||
|
||||
public function provide(Operation $operation, array $uriVariables = [], array $context = []): array|ClientTicket|null
|
||||
{
|
||||
$user = $this->security->getUser();
|
||||
assert($user instanceof User);
|
||||
|
||||
$repo = $this->entityManager->getRepository(ClientTicket::class);
|
||||
|
||||
// Single item
|
||||
if (isset($uriVariables['id'])) {
|
||||
$ticket = $repo->find($uriVariables['id']);
|
||||
if (null === $ticket) {
|
||||
return null;
|
||||
}
|
||||
if (!$this->security->isGranted('ROLE_ADMIN') && $ticket->getSubmittedBy() !== $user) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return $ticket;
|
||||
}
|
||||
|
||||
// Collection with manual filtering
|
||||
$qb = $repo->createQueryBuilder('ct')
|
||||
->orderBy('ct.createdAt', 'DESC')
|
||||
;
|
||||
|
||||
// ROLE_CLIENT: only own tickets
|
||||
if (!$this->security->isGranted('ROLE_ADMIN')) {
|
||||
$qb->andWhere('ct.submittedBy = :user')->setParameter('user', $user);
|
||||
}
|
||||
|
||||
// Apply filters from query parameters
|
||||
$filters = $context['filters'] ?? [];
|
||||
if (isset($filters['project'])) {
|
||||
$projectId = is_numeric($filters['project']) ? (int) $filters['project'] : (int) basename($filters['project']);
|
||||
$qb->andWhere('ct.project = :project')->setParameter('project', $projectId);
|
||||
}
|
||||
if (isset($filters['status'])) {
|
||||
$qb->andWhere('ct.status = :status')->setParameter('status', $filters['status']);
|
||||
}
|
||||
if (isset($filters['submittedBy']) && $this->security->isGranted('ROLE_ADMIN')) {
|
||||
$submittedById = is_numeric($filters['submittedBy']) ? (int) $filters['submittedBy'] : (int) basename($filters['submittedBy']);
|
||||
$qb->andWhere('ct.submittedBy = :submittedBy')->setParameter('submittedBy', $submittedById);
|
||||
}
|
||||
|
||||
return $qb->getQuery()->getResult();
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user