Easy_solution/src/Service/UserOrganizationAppService.php

<?php

namespace App\Service;

use App\Entity\Apps;
use App\Entity\Roles;
use App\Entity\User;
use App\Entity\UserOrganizatonApp;
use App\Entity\UsersOrganizations;
use App\Service\ActionService;
use Doctrine\ORM\EntityManagerInterface;

class UserOrganizationAppService
{
    public function __construct(private readonly EntityManagerInterface $entityManager, private readonly ActionService $actionService)
    {
    }

    /**
     * Groups UserOrganizationApp entities by Application
     * and prepares data for Twig.
     *
     * @param UserOrganizatonApp[] $userOrgApps
     * @return array
     */
    public function groupUserOrganizationAppsByApplication(array $userOrgApps): array
    {
        $grouped = [];

        foreach ($userOrgApps as $uoa) {
            $app        = $uoa->getApplication();
            $appId      = $app->getId();
            $roleEntity = $uoa->getRole();

            if (!isset($grouped[$appId])) {
                $grouped[$appId] = [
                    'uoId' => $uoa->getUserOrganization()->getId(),
                    'application'      => $app,  // you can still pass entity here
                    'roles'            => [],    // selected roles for display
                    'rolesArray'       => [],    // all possible roles
                    'selectedRoleIds'  => [],
                ];
            }

            $grouped[$appId]['roles'][] = [
                'id'   => $roleEntity->getId(),
                'name' => $roleEntity->getName(),
            ];
            $grouped[$appId]['selectedRoleIds'][] = $roleEntity->getId();
        }

        // roles are the same for all apps → load once, inject into each appGroup
        $allRoles = $this->entityManager->getRepository(Roles::class)->findAll();

        foreach ($grouped as &$appGroup) {
            foreach ($allRoles as $role) {
                $appGroup['rolesArray'][] = [
                    'id'   => $role->getId(),
                    'name' => $role->getName(),
                ];
            }
        }

        return array_values($grouped);
    }

    /**
     * Deactivates all the UserOrganizationApp entities for a given UserOrganization.
     *
     * @param UsersOrganizations $userOrganization
     * @return void
     */
    public function deactivateAllUserOrganizationsAppLinks(UsersOrganizations $userOrganization, Apps $app = null): void
    {
        if($app) {
            $uoas = $this->entityManager->getRepository(UserOrganizatonApp::class)->findBy(['userOrganization' => $userOrganization, 'application' => $app, 'isActive' => true]);
        } else {
            $uoas = $this->entityManager->getRepository(UserOrganizatonApp::class)->findBy(['userOrganization' => $userOrganization, 'isActive' => true]);
        }
        foreach ($uoas as $uoa) {
            $uoa->setIsActive(false);
            $this->actionService->createAction("Deactivate UOA link", $userOrganization->getUsers(),
                $userOrganization->getOrganization(), "App: " . $uoa->getApplication()->getName() . ", Role: " . $uoa->getRole()->getName());
            $this->entityManager->persist($uoa);
        }
    }

    public function syncRolesForUserOrganizationApp(
        UsersOrganizations $uo,
        Apps $application,
        array $selectedRoleIds,
        User $actingUser
    ): void {
        $repo = $this->entityManager->getRepository(UserOrganizatonApp::class);
        $currentLinks = $repo->findBy([
            'userOrganization' => $uo,
            'application'      => $application,
        ]);

        $currentRoleIds = [];
        foreach ($currentLinks as $uoa) {
            $roleId = $uoa->getRole()->getId();
            $currentRoleIds[] = $roleId;

            if (in_array($roleId, $selectedRoleIds)) {
                if (!$uoa->isActive()) {
                    $uoa->setIsActive(true);
                    $this->entityManager->persist($uoa);
                    $this->actionService->createAction(
                        "Re-activate user role for application",
                        $actingUser,
                        $uo->getOrganization(),
                        "App: {$application->getName()}, Role: {$uoa->getRole()->getName()} for user {$uo->getUsers()->getUserIdentifier()}"
                    );
                }
            } else {
                if ($uoa->isActive()) {
                    $uoa->setIsActive(false);
                    $this->entityManager->persist($uoa);

                    $this->actionService->createAction(
                        "Deactivate user role for application",
                        $actingUser,
                        $uo->getOrganization(),
                        "App: {$application->getName()}, Role: {$uoa->getRole()->getName()} for user {$uo->getUsers()->getUserIdentifier()}"
                    );
                }
            }
        }

        // Add missing roles
        foreach ($selectedRoleIds as $roleId) {
            if (!in_array($roleId, $currentRoleIds)) {
                $role = $this->entityManager->getRepository(Roles::class)->find($roleId);
                if ($role) {
                    $newUoa = new UserOrganizatonApp();
                    $newUoa->setUserOrganization($uo);
                    $newUoa->setApplication($application);
                    $newUoa->setRole($role);
                    $newUoa->setIsActive(true);

                    $this->entityManager->persist($newUoa);
                    $this->actionService->createAction("New user role for application",
                        $actingUser,
                        $uo->getOrganization(),
                        "App: {$application->getName()}, Role: {$role->getName()} for user {$uo->getUsers()->getUserIdentifier()}");
                }
            }
        }

        $this->entityManager->flush();
    }

}