addOwnerWhere($queryBuilder, $queryNameGenerator, $resourceClass); } public function applyToItem( QueryBuilder $queryBuilder, QueryNameGeneratorInterface $queryNameGenerator, string $resourceClass, array $identifiers, ?Operation $operation = null, array $context = [], ): void { $this->addOwnerWhere($queryBuilder, $queryNameGenerator, $resourceClass); } private function addOwnerWhere( QueryBuilder $queryBuilder, QueryNameGeneratorInterface $queryNameGenerator, string $resourceClass, ): void { // This extension fires for every resource's queries — only act on Bucket. if (Bucket::class !== $resourceClass) { return; } $user = $this->security->getUser(); if (!$user instanceof User) { return; } $rootAlias = $queryBuilder->getRootAliases()[0]; $scenarioAlias = $queryNameGenerator->generateJoinAlias('scenario'); $param = $queryNameGenerator->generateParameterName('currentUser'); $queryBuilder ->innerJoin(\sprintf('%s.scenario', $rootAlias), $scenarioAlias) ->andWhere(\sprintf('%s.owner = :%s', $scenarioAlias, $param)) ->setParameter($param, $user); } }