feat(technique) : sous-ressources Contacts / Adresses / RIBs (ERP-135)

Expose les sous-collections du prestataire en #[ApiResource] (POST sur le
parent + PATCH/DELETE/GET unitaires), edition complete par onglet (pas de
POST-only, RETEX M1/M2) :

- ProviderContact : POST /providers/{id}/contacts, PATCH/DELETE
  /provider_contacts/{id} (security technique.providers.manage).
  ProviderContactProcessor : normalisation RG-3.11 (nom/prenom Title Case,
  telephones chiffres, email lowercase) + RG-3.04 (au moins un champ parmi
  prenom/nom/telephone/email, miroir du CHECK chk_provider_contact_name -> 422).
- ProviderAddress : POST /providers/{id}/addresses, PATCH/DELETE
  /provider_addresses/{id} (security technique.providers.manage).
  ProviderAddressProcessor : rattachement parent + cloisonnement d'ecriture des
  sites de l'adresse (RG-3.05 / § 2.13 : site hors user_site -> 422 sur sites).
- ProviderRib : POST /providers/{id}/ribs, PATCH/DELETE /provider_ribs/{id}
  (security technique.providers.accounting.manage). ProviderRibProcessor :
  RG-3.08 (DELETE du dernier RIB sous LCR -> 409).

Tests : ProviderSubResourceApiTest (19 cas) — CRUD chaque sous-ressource, 403
selon permission (Contacts/Adresses=manage, RIB=accounting.manage), 409 dernier
RIB LCR, 422 cloisonnement site adresse. Helpers addContact/addRib/paymentType
ajoutes a AbstractProviderApiTestCase.

tests/Module/Technique/Api/AbstractProviderApiTestCase.php

@@ -7,11 +7,14 @@ namespace App\Tests\Module\Technique\Api;
 use ApiPlatform\Symfony\Bundle\Test\Client;
 use App\Module\Catalog\Domain\Entity\Category;
 use App\Module\Catalog\Domain\Entity\CategoryType;
+use App\Module\Commercial\Domain\Entity\PaymentType;
 use App\Module\Core\Domain\Entity\Permission;
 use App\Module\Core\Domain\Entity\Role;
 use App\Module\Core\Domain\Entity\User;
 use App\Module\Sites\Domain\Entity\Site;
 use App\Module\Technique\Domain\Entity\Provider;
+use App\Module\Technique\Domain\Entity\ProviderContact;
+use App\Module\Technique\Domain\Entity\ProviderRib;
 use App\Tests\Module\Core\Api\AbstractApiTestCase;
 use DateTimeImmutable;
 use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
@@ -48,6 +51,12 @@ abstract class AbstractProviderApiTestCase extends AbstractApiTestCase
     protected const string SITE_17 = '17400'; // Saint-Jean
     protected const string SITE_82 = '82400'; // Pommevic
 
+    /** IBAN / BIC valides (memes valeurs que les tests M2) pour les RIB. */
+    protected const string VALID_IBAN = 'FR1420041010050500013M02606';
+    protected const string VALID_BIC  = 'BNPAFRPPXXX';
+    /** BIC d'un autre pays (DE) : controle croise pays BIC/IBAN. */
+    protected const string FOREIGN_BIC = 'DEUTDEFFXXX';
+
     protected function tearDown(): void
     {
         $em = $this->getEm();
@@ -268,6 +277,64 @@ abstract class AbstractProviderApiTestCase extends AbstractApiTestCase
         return ['username' => $username, 'password' => $password];
     }
 
+    /**
+     * Ajoute un contact a un prestataire deja persiste (seed direct).
+     */
+    protected function addContact(
+        Provider $provider,
+        ?string $firstName = 'Marie',
+        ?string $lastName = 'Martin',
+        ?string $phonePrimary = null,
+        ?string $email = null,
+        int $position = 0,
+    ): ProviderContact {
+        $contact = new ProviderContact();
+        $contact->setProvider($provider);
+        $contact->setFirstName($firstName);
+        $contact->setLastName($lastName);
+        $contact->setPhonePrimary($phonePrimary);
+        $contact->setEmail($email);
+        $contact->setPosition($position);
+        $provider->addContact($contact);
+        $this->getEm()->persist($contact);
+        $this->getEm()->flush();
+
+        return $contact;
+    }
+
+    /**
+     * Ajoute un RIB a un prestataire deja persiste (seed direct).
+     */
+    protected function addRib(Provider $provider, string $label = 'Compte principal'): ProviderRib
+    {
+        $rib = new ProviderRib();
+        $rib->setProvider($provider);
+        $rib->setLabel($label);
+        $rib->setBic(self::VALID_BIC);
+        $rib->setIban(self::VALID_IBAN);
+        $provider->addRib($rib);
+        $this->getEm()->persist($rib);
+        $this->getEm()->flush();
+
+        return $rib;
+    }
+
+    /**
+     * Recupere un type de reglement seede (CommercialReferentialFixtures) par code
+     * (ex. LCR, VIREMENT). Echoue explicitement si absent (fixtures non chargees).
+     */
+    protected function paymentType(string $code): PaymentType
+    {
+        $paymentType = $this->getEm()->getRepository(PaymentType::class)->findOneBy(['code' => $code]);
+
+        self::assertNotNull(
+            $paymentType,
+            sprintf('Type de reglement "%s" introuvable : fixtures comptables chargees (make test-db-setup) ?', $code),
+        );
+
+        return $paymentType;
+    }
+
     /**
      * Indexe les violations d'un corps 422 par propertyPath (assert ciblee).
      *