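*/
final class TourProvider implements ProviderInterface
{
    public function __construct(
        #[Autowire(service: 'App\Module\FieldSales\Infrastructure\Doctrine\DoctrineTourRepository')]
        private readonly TourRepositoryInterface $repository,
        private readonly Pagination $pagination,
        private readonly Security $security,
    ) {}

    /**
     * Dispatches to the collection or the item lookup depending on the operation type.
     *
     * @param array<string, mixed> $uriVariables
     * @param array<string, mixed> $context
     *
     * @return iterable<Tour>|Paginator|Tour|null
     */
    public function provide(Operation $operation, array $uriVariables = [], array $context = []): iterable|Paginator|Tour|null
    {
        if ($operation instanceof CollectionOperationInterface) {
            return $this->provideCollection($operation, $context);
        }

        return $this->provideItem($uriVariables);
    }

    /**
     * Returns the tours visible to the current user, paginated unless pagination is disabled.
     *
     * @param array<string, mixed> $context
     *
     * @return list<Tour>|Paginator
     */
    private function provideCollection(Operation $operation, array $context): array|Paginator
    {
        // RG-6.01: a sales rep only sees her own tours; admin / Bureau see everything.
        $ownerFilter = null;
        if (!$this->canSeeAll()) {
            $ownerFilter = $this->security->getUser();

            // A null owner filter is the "no restriction" value used for admin / Bureau.
            // Without an authenticated user the filter would silently become null and
            // expose every tour, so fail closed with an empty result instead.
            if (null === $ownerFilter) {
                return [];
            }
        }

        // NOTE(review): provideItem() hides soft-deleted tours; confirm that
        // createListQueryBuilder() applies the same deletedAt exclusion.
        $qb = $this->repository->createListQueryBuilder($ownerFilter);

        // Escape hatch ?pagination=false (ERP-72 convention).
        // The result set is unbounded on this path; whether a client may take it
        // is decided by the pagination helper, not here.
        if (!$this->pagination->isEnabled($operation, $context)) {
            /** @var list<Tour> $tours */
            $tours = $qb->getQuery()->getResult();

            return $tours;
        }

        $limit = $this->pagination->getLimit($operation, $context);
        // Clamp the page so the computed offset can never be negative.
        $page = max(1, $this->pagination->getPage($context));
        $offset = ($page - 1) * $limit;

        $qb->setFirstResult($offset)->setMaxResults($limit);

        return new Paginator(new DoctrinePaginator($qb->getQuery(), fetchJoinCollection: false));
    }

    /**
     * Loads a single tour by id, or null when it is missing, soft-deleted or not
     * visible to the current user.
     *
     * @param array<string, mixed> $uriVariables
     */
    private function provideItem(array $uriVariables): ?Tour
    {
        $id = $uriVariables['id'] ?? null;

        // Accept only an int or an all-digit string before casting.
        if (!is_int($id) && !(is_string($id) && ctype_digit($id))) {
            return null;
        }

        $tour = $this->repository->findById((int) $id);
        if (null === $tour || null !== $tour->getDeletedAt()) {
            return null;
        }

        // RG-6.01: a sales rep cannot access someone else's tour.
        // The same null is returned as for a missing tour, so the response does
        // not reveal whether another owner's tour exists.
        if (!$this->canSeeAll()) {
            $user = $this->security->getUser();

            // Explicit null check: without it an unauthenticated caller would match
            // a tour whose owner is null (null !== null is false). The comparison is
            // by object identity; a different instance of the same user is denied.
            if (null === $user || $tour->getOwner() !== $user) {
                return null;
            }
        }

        return $tour;
    }

    /**
     * True when the current user sees/edits every tour: admin (ROLE_ADMIN) or
     * the Bureau business role (RG-6.01).
     */
    private function canSeeAll(): bool
    {
        if ($this->security->isGranted('ROLE_ADMIN')) {
            return true;
        }

        $user = $this->security->getUser();

        return $user instanceof BusinessRoleAwareInterface
            && $user->hasBusinessRole(BusinessRoles::BUREAU);
    }
}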