security->isGranted('ROLE_ADMIN')) { throw new AccessDeniedException('Access denied: ROLE_ADMIN required.'); } $prospect = $this->prospectRepository->findById($id); if (null === $prospect) { throw new InvalidArgumentException(sprintf('Prospect with ID %d not found.', $id)); } if (null !== $company) { $prospect->setCompany($company); } if (null !== $email) { $prospect->setEmail($email); } if (null !== $phone) { $prospect->setPhone($phone); } if (null !== $website) { $prospect->setWebsite($website); } if (null !== $status) { $statusEnum = ProspectStatus::tryFrom($status); if (null === $statusEnum) { throw new InvalidArgumentException(sprintf('Invalid status "%s". Allowed: new, contacted, qualified, won, lost.', $status)); } $prospect->setStatus($statusEnum); } if (null !== $source) { $prospect->setSource($source); } if (null !== $notes) { $prospect->setNotes($notes); } $this->entityManager->flush(); return json_encode(Serializer::prospect($prospect)); } }