Easy_solution/src/Repository/OrganizationsRepository.php

<?php

namespace App\Repository;

use App\Entity\Organizations;
use App\Entity\User;
use Doctrine\Bundle\DoctrineBundle\Repository\ServiceEntityRepository;
use Doctrine\ORM\Tools\Pagination\Paginator;
use Doctrine\Persistence\ManagerRegistry;
use App\Entity\UsersOrganizations;

/**
 * @extends ServiceEntityRepository<Organizations>
 */
class OrganizationsRepository extends ServiceEntityRepository
{
    public function __construct(ManagerRegistry $registry)
    {
        parent::__construct($registry, Organizations::class);
    }

    public function findAdmissibleOrganizations(User $user, bool $isSuperAdmin, int $page, int $size, array $filters = []): Paginator
    {
        $qb = $this->createQueryBuilder('o')
            ->where('o.isDeleted = :del')
            ->setParameter('del', false);

        // 1. Security Logic: If not Super Admin, join UsersOrganizations to filter
        if (!$isSuperAdmin) {
            $qb->innerJoin(UsersOrganizations::class, 'uo', 'WITH', 'uo.organization = o')
                ->andWhere('uo.users = :user')
                ->andWhere('uo.role = :roleAdmin')
                ->andWhere('uo.isActive = true')
                ->setParameter('user', $user)
                // You can pass the actual Role entity or the string name depending on your mapping
                ->setParameter('roleAdmin', $this->_em->getRepository(\App\Entity\Roles::class)->findOneBy(['name' => 'ADMIN']));
        }

        // 2. Filters
        if (!empty($filters['name'])) {
            $qb->andWhere('o.name LIKE :name')
                ->setParameter('name', '%' . $filters['name'] . '%');
        }
        if (!empty($filters['email'])) {
            $qb->andWhere('o.email LIKE :email')
                ->setParameter('email', '%' . $filters['email'] . '%');
        }

        // 3. Pagination
        $qb->setFirstResult(($page - 1) * $size)
            ->setMaxResults($size);

        return new Paginator($qb);
    }
}