fix: review feedback

Signed-off-by: romanetar <roman_ag@hotmail.com>

Author: romanetar

app/Models/Foundation/Main/Member.php

@@ -22,7 +22,6 @@
 use Doctrine\DBAL\Exception;
 use Doctrine\ORM\Query\ResultSetMappingBuilder;
 use Illuminate\Support\Facades\Config;
-use Doctrine\DBAL\ParameterType;
 use LaravelDoctrine\ORM\Facades\EntityManager;
 use models\summit\Presentation;
 use models\summit\SummitMetric;
@@ -1861,14 +1860,38 @@ public function getActiveSummitsSponsorMemberships()
             return [];
         }
 
-        // Step 2 — load all sponsors in a single IN query. findBy() uses PK-based hydration
-        // which avoids the ORM 3 assertion failure triggered by the OneToOne inverse associations
-        // on Sponsor (lead_report_setting, sponsorservices_statistics) that DQL/native-query
-        // hydration hits. The result set is then re-sorted to match the SQL ORDER BY.
-        $position = array_flip($ids);
-        $sponsors = EntityManager::getRepository(Sponsor::class)->findBy(['id' => $ids]);
-        usort($sponsors, fn($a, $b) => $position[$a->getId()] <=> $position[$b->getId()]);
-        return $sponsors;
+        return $this->loadSponsorsByIds($ids);
+    }
+
+    /**
+     * @param Summit $summit
+     * @return ArrayCollection
+     * @throws Exception
+     */
+    public function getAccessibleSponsorsBySummit(Summit $summit): ArrayCollection
+    {
+        $ids = $this->getSponsorMembershipIds($summit);
+
+        return new ArrayCollection($this->loadSponsorsByIds($ids));
+    }
+
+    /**
+     * Loads Sponsor entities by PK using DQL rather than native-query hydration.
+     * findBy()-style PK hydration avoids the ORM 3 assertion failure triggered by
+     * the OneToOne inverse associations on Sponsor (lead_report_setting,
+     * sponsorservices_statistics) that DQL/native-query hydration hits.
+     *
+     * @param int[] $ids
+     * @return Sponsor[]
+     */
+    private function loadSponsorsByIds(array $ids): array
+    {
+        if (empty($ids)) return [];
+
+        return $this->getEM()
+            ->createQuery('SELECT s FROM ' . Sponsor::class . ' s WHERE s.id IN (:ids) ORDER BY s.id ASC')
+            ->setParameter('ids', $ids)
+            ->getResult();
     }
 
     /**
@@ -1991,41 +2014,6 @@ public function addSummitRegistrationOrder(SummitOrder $summit_order)
         $summit_order->setOwner($this);
     }
 
-    /**
-     * @param Summit $summit
-     * @return ArrayCollection
-     * @throws Exception
-     */
-    public function getAllowedSponsorsBySummit(Summit $summit): ArrayCollection
-    {
-        $sql = <<<SQL
-SELECT su.SponsorID
-FROM Sponsor_Users su
-INNER JOIN Sponsor s ON s.ID = su.SponsorID
-WHERE su.MemberID = :member_id
-    AND s.SummitID = :summit_id
-    AND (
-        JSON_CONTAINS(COALESCE(su.Permissions, '[]'), JSON_QUOTE(:slug_sponsors))
-        OR JSON_CONTAINS(COALESCE(su.Permissions, '[]'), JSON_QUOTE(:slug_external))
-    )
-SQL;
-        $ids = $this->prepareRawSQL($sql, [
-            'member_id'     => $this->getId(),
-            'summit_id'     => $summit->getId(),
-            'slug_sponsors' => IGroup::Sponsors,
-            'slug_external' => IGroup::SponsorExternalUsers,
-        ])->executeQuery()->fetchFirstColumn();
-
-        if (empty($ids)) {
-            return new ArrayCollection();
-        }
-
-        $position = array_flip($ids);
-        $sponsors = $this->getEM()->getRepository(Sponsor::class)->findBy(['id' => $ids]);
-        usort($sponsors, fn($a, $b) => $position[$a->getId()] <=> $position[$b->getId()]);
-        return new ArrayCollection($sponsors);
-    }
-
     /**
      * @param Summit $summit
      * @param int $sponsor_id

app/Services/Model/Imp/SponsorUserInfoGrantService.php

@@ -178,7 +178,7 @@ public function addBadgeScan(Summit $summit, Member $current_member, array $data
             if(is_null($badge))
                 throw new EntityNotFoundException("badge not found.");
 
-            $member_sponsors = $current_member->getAllowedSponsorsBySummit($summit);
+            $member_sponsors = $current_member->getAccessibleSponsorsBySummit($summit);
 
             if ($member_sponsors->isEmpty())
                 throw new ValidationException("Current member does not have badge scan permissions for any sponsor of this summit.");

database/migrations/model/Version20260408102410.php

@@ -43,7 +43,7 @@ public function up(Schema $schema): void
     SELECT JSON_ARRAYAGG(g.Code)
     FROM Group_Members gm
     INNER JOIN `Group` g ON g.ID = gm.GroupID
-    WHERE gm.MemberID = su.MemberID
+    WHERE gm.MemberID = su.MemberID AND g.Code IN ('sponsors', 'sponsor-external-users')
 )
 WHERE su.Permissions IS NULL
 SQL

tests/oauth2/OAuth2SummitBadgeScanApiControllerTest.php

@@ -91,7 +91,7 @@ public function testAddEncryptedBadgeScan(){
         self::$em->flush();
 
         $this->assertTrue($sponsor->hasUser(self::$member));
-        $this->assertGreaterThan(0, self::$member->getAllowedSponsorsBySummit(self::$summit)->count());
+        $this->assertGreaterThan(0, self::$member->getAccessibleSponsorsBySummit(self::$summit)->count());
 
         $badge = $attendee->getFirstTicket()->getBadge();
         $badge_qr_code = $badge->generateQRCode();
@@ -374,7 +374,7 @@ public function testAddBadgeScanWithMultipleSponsorsWithoutSponsorId()
         self::$member->addSponsorPermission($sponsor1->getId(), IGroup::Sponsors);
         self::$member->addSponsorPermission($sponsor2->getId(), IGroup::Sponsors);
 
-        $this->assertGreaterThan(1, self::$member->getAllowedSponsorsBySummit(self::$summit)->count());
+        $this->assertGreaterThan(1, self::$member->getAccessibleSponsorsBySummit(self::$summit)->count());
 
         $params = [
             'id' => self::$summit->getId(),
@@ -422,7 +422,7 @@ public function testAddBadgeScanWithMultipleSponsorsWithSponsorId()
         self::$member->addSponsorPermission($sponsor1->getId(), IGroup::Sponsors);
         self::$member->addSponsorPermission($sponsor2->getId(), IGroup::Sponsors);
 
-        $this->assertGreaterThan(1, self::$member->getAllowedSponsorsBySummit(self::$summit)->count());
+        $this->assertGreaterThan(1, self::$member->getAccessibleSponsorsBySummit(self::$summit)->count());
 
         $params = [
             'id' => self::$summit->getId(),