*/ final readonly class TaskDocumentProvider implements ProviderInterface { public function __construct( private EntityManagerInterface $entityManager, private Security $security, ) {} public function provide(Operation $operation, array $uriVariables = [], array $context = []): array|TaskDocument|null { $user = $this->security->getUser(); assert($user instanceof User); $repo = $this->entityManager->getRepository(TaskDocument::class); $isClient = $this->security->isGranted('ROLE_CLIENT') && !$this->security->isGranted('ROLE_ADMIN'); // Single item if (isset($uriVariables['id'])) { $document = $repo->find($uriVariables['id']); if (null === $document) { return null; } if ($isClient) { $ticket = $document->getClientTicket(); if (null === $ticket || $ticket->getSubmittedBy() !== $user) { return null; } } return $document; } // Collection $qb = $repo->createQueryBuilder('d') ->orderBy('d.id', 'DESC') ; if ($isClient) { $qb->innerJoin('d.clientTicket', 'ct') ->andWhere('ct.submittedBy = :user') ->setParameter('user', $user) ; } // Apply filters from query parameters $filters = $context['filters'] ?? []; if (isset($filters['task'])) { $qb->andWhere('d.task = :task') ->setParameter('task', self::extractId($filters['task'])) ; } if (isset($filters['clientTicket'])) { $qb->andWhere('d.clientTicket = :clientTicket') ->setParameter('clientTicket', self::extractId($filters['clientTicket'])) ; } return $qb->getQuery()->getResult(); } private static function extractId(string $value): int { return is_numeric($value) ? (int) $value : (int) basename($value); } }