Fix Security "this" variable on ExtendType fields

[charly-ffss]

Fixes #653
Related to #792

Problem

When using #[Security] on a field declared in an #[ExtendType], the this
variable incorrectly points to the resolver instance instead of the source object.

This breaks authorization logic relying on the domain object (e.g. voters).

Fix

Preserve $source when injectSource=true instead of always using
$originalResolver->executionSource($source).

Test coverage

Extends existing end-to-end test to assert that:

• this is the source object
• not the resolver instance

Result

• Correct behavior for #[Security] on #[ExtendType]
• No regression on existing tests

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 94.84%. Comparing base (53f9d49) to head (39a34b4).
⚠️ Report is 153 commits behind head on master.

Additional details and impacted files

@@             Coverage Diff              @@
##             master     #801      +/-   ##
============================================
- Coverage     95.72%   94.84%   -0.89%     
- Complexity     1773     1893     +120     
============================================
  Files           154      176      +22     
  Lines          4586     4982     +396     
============================================
+ Hits           4390     4725     +335     
- Misses          196      257      +61     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[oojacoboo]

Thanks @charly-ffss!