Fixed a bug related to fields without permission

javiereguiluz · javiereguiluz · commit 8051c8a87080 · 2020-05-09T20:03:50.000+02:00
diff --git a/src/Collection/EntityCollection.php b/src/Collection/EntityCollection.php
@@ -13,14 +13,20 @@ final class EntityCollection implements CollectionInterface
     /** @var EntityDto[] */
     private $entities;
 
-    private function __construct(EntityDto $entityDto, iterable $entityInstances)
+    /**
+     * @param EntityDto[] $entities
+     */
+    private function __construct(array $entities)
     {
-        $this->entities = $this->processEntities($entityDto, $entityInstances);
+        $this->entities = $entities;
     }
 
-    public static function new(EntityDto $entityDto, iterable $entityInstances): self
+    /**
+     * @param EntityDto[] $entities
+     */
+    public static function new(array $entities): self
     {
-        return new self($entityDto, $entityInstances);
+        return new self($entities);
     }
 
     public function get(string $entityId): ?EntityDto
@@ -65,16 +71,4 @@ public function getIterator()
     {
         return new \ArrayIterator($this->entities);
     }
-
-    private function processEntities(EntityDto $entityDto, $entityInstances): array
-    {
-        $dtos = [];
-
-        foreach ($entityInstances as $entityInstance) {
-            $dto = $entityDto->newWithInstance($entityInstance);
-            $dtos[$dto->getPrimaryKeyValue()] = $dto;
-        }
-
-        return $dtos;
-    }
 }
diff --git a/src/Collection/FieldCollection.php b/src/Collection/FieldCollection.php
@@ -48,6 +48,11 @@ public function set(FieldDto $newOrUpdatedField): void
         $this->fields[$newOrUpdatedField->getProperty()] = $newOrUpdatedField;
     }
 
+    public function unset(FieldDto $removedField): void
+    {
+        unset($this->fields[$removedField->getProperty()]);
+    }
+
     public function offsetExists($offset): bool
     {
         return \array_key_exists($offset, $this->fields);
diff --git a/src/Controller/AbstractCrudController.php b/src/Controller/AbstractCrudController.php
@@ -28,6 +28,7 @@
 use EasyCorp\Bundle\EasyAdminBundle\Event\BeforeEntityUpdatedEvent;
 use EasyCorp\Bundle\EasyAdminBundle\Exception\EntityRemoveException;
 use EasyCorp\Bundle\EasyAdminBundle\Exception\ForbiddenActionException;
+use EasyCorp\Bundle\EasyAdminBundle\Exception\InsufficientEntityPermissionException;
 use EasyCorp\Bundle\EasyAdminBundle\Factory\ActionFactory;
 use EasyCorp\Bundle\EasyAdminBundle\Factory\EntityFactory;
 use EasyCorp\Bundle\EasyAdminBundle\Factory\FilterFactory;
@@ -115,7 +116,7 @@ public function index(AdminContext $context)
         $queryBuilder = $this->createIndexQueryBuilder($context->getSearch(), $context->getEntity(), $fields, $filters);
         $paginator = $this->get(PaginatorFactory::class)->create($queryBuilder);
 
-        $entities = EntityCollection::new($context->getEntity(), $paginator->getResults());
+        $entities = $this->get(EntityFactory::class)->createCollection($context->getEntity(), $paginator->getResults());
         $this->get(EntityFactory::class)->processFieldsForAll($entities, $fields);
         $globalActions = $this->get(EntityFactory::class)->processActionsForAll($entities, $context->getCrud()->getActionsConfig());
 
@@ -150,6 +151,10 @@ public function detail(AdminContext $context)
             throw new ForbiddenActionException($context);
         }
 
+        if (!$context->getEntity()->isAccessible()) {
+            throw new InsufficientEntityPermissionException($context);
+        }
+
         $this->get(EntityFactory::class)->processFields($context->getEntity(), FieldCollection::new($this->configureFields(Crud::PAGE_DETAIL)));
         $this->get(EntityFactory::class)->processActions($context->getEntity(), $context->getCrud()->getActionsConfig());
 
@@ -180,6 +185,10 @@ public function edit(AdminContext $context)
             throw new ForbiddenActionException($context);
         }
 
+        if (!$context->getEntity()->isAccessible()) {
+            throw new InsufficientEntityPermissionException($context);
+        }
+
         $this->get(EntityFactory::class)->processFields($context->getEntity(), FieldCollection::new($this->configureFields(Crud::PAGE_EDIT)));
         $this->get(EntityFactory::class)->processActions($context->getEntity(), $context->getCrud()->getActionsConfig());
         $entityInstance = $context->getEntity()->getInstance();
@@ -259,6 +268,10 @@ public function new(AdminContext $context)
             throw new ForbiddenActionException($context);
         }
 
+        if (!$context->getEntity()->isAccessible()) {
+            throw new InsufficientEntityPermissionException($context);
+        }
+
         $context->getEntity()->setInstance($this->createEntity($context->getEntity()->getFqcn()));
         $this->get(EntityFactory::class)->processFields($context->getEntity(), FieldCollection::new($this->configureFields(Crud::PAGE_NEW)));
         $this->get(EntityFactory::class)->processActions($context->getEntity(), $context->getCrud()->getActionsConfig());
@@ -333,6 +346,10 @@ public function delete(AdminContext $context)
             throw new ForbiddenActionException($context);
         }
 
+        if (!$context->getEntity()->isAccessible()) {
+            throw new InsufficientEntityPermissionException($context);
+        }
+
         $csrfToken = $context->getRequest()->request->get('token');
         if (!$this->isCsrfTokenValid('ea-delete', $csrfToken)) {
             return $this->redirectToRoute($context->getDashboardRouteName());
diff --git a/src/Dto/EntityDto.php b/src/Dto/EntityDto.php
@@ -14,26 +14,26 @@
  */
 final class EntityDto
 {
+    private $isAccessible;
     private $fqcn;
     private $metadata;
     private $instance;
     private $primaryKeyName;
     private $primaryKeyValue;
     private $permission;
-    private $userHasPermission;
     /** @var ?FieldDtoCollection */
     private $fields;
     /** @var ActionCollection */
     private $actions;
 
     public function __construct(string $entityFqcn, ClassMetadata $entityMetadata, ?string $entityPermission = null, $entityInstance = null)
     {
+        $this->isAccessible = true;
         $this->fqcn = $entityFqcn;
         $this->metadata = $entityMetadata;
         $this->instance = $entityInstance;
         $this->primaryKeyName = $this->metadata->getIdentifierFieldNames()[0];
         $this->permission = $entityPermission;
-        $this->userHasPermission = true;
     }
 
     public function getFqcn(): string
@@ -103,14 +103,14 @@ public function getPermission(): ?string
 
     public function isAccessible(): bool
     {
-        return true === $this->userHasPermission;
+        return $this->isAccessible;
     }
 
     public function markAsInaccessible(): void
     {
+        $this->isAccessible = false;
         $this->instance = null;
         $this->fields = null;
-        $this->userHasPermission = false;
     }
 
     public function getFields(): ?FieldCollection
diff --git a/src/Exception/InsufficientEntityPermissionException.php b/src/Exception/InsufficientEntityPermissionException.php
@@ -0,0 +1,35 @@
+<?php
+
+namespace EasyCorp\Bundle\EasyAdminBundle\Exception;
+
+use EasyCorp\Bundle\EasyAdminBundle\Context\AdminContext;
+use EasyCorp\Bundle\EasyAdminBundle\Context\ExceptionContext;
+
+/**
+ * @author Javier Eguiluz <javier.eguiluz@gmail.com>
+ */
+final class InsufficientEntityPermissionException extends BaseException
+{
+    public function __construct(AdminContext $adminContext)
+    {
+        $parameters = [
+            'entity_fqcn' => $adminContext->getEntity()->getFqcn(),
+            'entity_id' => $entityId = $adminContext->getRequest()->query->get('entityId'),
+        ];
+
+        if (empty($entityId)) {
+            $debugMessage = sprintf('You don\'t have enough permissions to access this instance of the "%s" entity.', $parameters['entity_fqcn']);
+        } else {
+            $debugMessage = sprintf('You don\'t have enough permissions to access the instance of the "%s" entity with id  = %s.', $parameters['entity_fqcn'], $entityId);
+        }
+
+        $exceptionContext = new ExceptionContext(
+            'exception.insufficient_entity_permission',
+            $debugMessage,
+            $parameters,
+            403
+        );
+
+        parent::__construct($exceptionContext);
+    }
+}
diff --git a/src/Factory/EntityFactory.php b/src/Factory/EntityFactory.php
@@ -75,6 +75,23 @@ public function createForEntityInstance($entityInstance): EntityDto
         return $this->doCreate(null, null, null, $entityInstance);
     }
 
+    public function createCollection(EntityDto $entityDto, ?iterable $entityInstances): EntityCollection
+    {
+        $entityDtos = [];
+
+        foreach ($entityInstances as $entityInstance) {
+            $newEntityDto = $entityDto->newWithInstance($entityInstance);
+            $newEntityId = $newEntityDto->getPrimaryKeyValue();
+            if (!$this->authorizationChecker->isGranted(Permission::EA_VIEW_ENTITY, $newEntityDto)) {
+                $newEntityDto->markAsInaccessible();
+            }
+
+            $entityDtos[$newEntityId] = $newEntityDto;
+        }
+
+        return EntityCollection::new($entityDtos);
+    }
+
     private function doCreate(?string $entityFqcn = null, $entityId = null, ?string $entityPermission = null, $entityInstance = null): EntityDto
     {
         if (null === $entityInstance && null !== $entityFqcn) {
diff --git a/src/Factory/FieldFactory.php b/src/Factory/FieldFactory.php
@@ -71,6 +71,8 @@ public function processFields(EntityDto $entityDto, FieldCollection $fields): vo
 
         foreach ($fields as $fieldName => $fieldDto) {
             if (false === $this->authorizationChecker->isGranted(Permission::EA_VIEW_FIELD, $fieldDto)) {
+                $fields->unset($fieldDto);
+
                 continue;
             }
 
diff --git a/src/Resources/translations/EasyAdminBundle.ar.php b/src/Resources/translations/EasyAdminBundle.ar.php
@@ -121,5 +121,6 @@
         // 'entity_not_found' => '',
         // 'entity_remove' => '',
         // 'forbidden_action' => '',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.bg.php b/src/Resources/translations/EasyAdminBundle.bg.php
@@ -121,5 +121,6 @@
         'entity_not_found' => 'Този елемент вече не е налице.',
         'entity_remove' => 'Този елемент не може да бъде изтрит, защото други елементи зависят от него.',
         'forbidden_action' => 'Заявеното действие не може да се изпълни за този елемент.',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.ca.php b/src/Resources/translations/EasyAdminBundle.ca.php
@@ -121,5 +121,6 @@
         // 'entity_not_found' => '',
         // 'entity_remove' => '',
         // 'forbidden_action' => '',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.cs.php b/src/Resources/translations/EasyAdminBundle.cs.php
@@ -121,5 +121,6 @@
         'entity_not_found' => 'Tato položka již není dostupná.',
         'entity_remove' => 'Tato položka nemůže být smazána, neboť na ní závisí ostatní položky.',
         'forbidden_action' => 'Požadovaná akce nemůže být provedena na této položce.',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.da.php b/src/Resources/translations/EasyAdminBundle.da.php
@@ -121,5 +121,6 @@
         'entity_not_found' => 'Emnet er ikke længerer tilgængeligt.',
         'entity_remove' => 'Dette emne kan ikke slettes, da der er andre emner der er afhængige af det.',
         'forbidden_action' => 'Denne handling kan ikke udføres på dette emne.',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.de.php b/src/Resources/translations/EasyAdminBundle.de.php
@@ -121,5 +121,6 @@
         'entity_not_found' => 'Dieses Element ist nicht mehr verfügbar.',
         'entity_remove' => 'Dieses Element kann nicht gelöscht werden, weil andere Elemente darauf angewiesen sind.',
         'forbidden_action' => 'Die gewünschte Aktion kann kann mit diesem Element nicht ausgeführt werden.',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.el.php b/src/Resources/translations/EasyAdminBundle.el.php
@@ -121,5 +121,6 @@
         'entity_not_found' => 'Αυτό το αντικείμενο δεν είναι πλέον διαθέσιμο.',
         'entity_remove' => 'Το αντικείμενο δεν είναι δυνατόν να διαγραφεί διότη υπάρχουν αντικείμενο που βασίζονται σε αυτό.',
         'forbidden_action' => 'Η ενέργεια αυτή είναι αδύνατον να εφαρμοστεί σε αυτό το αντικείμενο.',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.en.php b/src/Resources/translations/EasyAdminBundle.en.php
@@ -122,5 +122,6 @@
         'entity_not_found' => 'This item is no longer available.',
         'entity_remove' => 'This item can\'t be deleted because other items depend on it.',
         'forbidden_action' => 'The requested action can\'t be performed on this item.',
+        'insufficient_entity_permission' => 'You don\'t have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.es.php b/src/Resources/translations/EasyAdminBundle.es.php
@@ -121,5 +121,6 @@
         'entity_not_found' => 'Este elemento ya no está disponible.',
         'entity_remove' => 'Este elemento no se puede eliminar porque otros elementos dependen de él.',
         'forbidden_action' => 'No se puede realizar la acción solicitada en este elemento.',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.eu.php b/src/Resources/translations/EasyAdminBundle.eu.php
@@ -121,5 +121,6 @@
         // 'entity_not_found' => '',
         // 'entity_remove' => '',
         // 'forbidden_action' => '',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.fa.php b/src/Resources/translations/EasyAdminBundle.fa.php
@@ -121,5 +121,6 @@
         'entity_not_found' => 'این آیتم دیگر در دسترس نیست',
         'entity_remove' => 'این آیتم نمی‌تواند حذف شود، زیرا آیتم های وابسته‌ای دارد.',
         'forbidden_action' => 'عملیات درخواستی در مورد این آیتم قابل انجام نیست.',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.fi.php b/src/Resources/translations/EasyAdminBundle.fi.php
@@ -121,5 +121,6 @@
         // 'entity_not_found' => '',
         // 'entity_remove' => '',
         // 'forbidden_action' => '',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.fr.php b/src/Resources/translations/EasyAdminBundle.fr.php
@@ -122,5 +122,6 @@
         'entity_not_found' => 'Cet élément n\'est plus disponible.',
         'entity_remove' => 'Cet élément ne peut être supprimé car d\'autres éléments en dépendent.',
         'forbidden_action' => 'L\'action demandée ne peut être exécutée sur cet élément.',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.gl.php b/src/Resources/translations/EasyAdminBundle.gl.php
@@ -121,5 +121,6 @@
         'entity_not_found' => 'Este elemento xa no está dispoñible.',
         'entity_remove' => 'Este elemento non se pode eliminar porque outros elementos dependen del.',
         'forbidden_action' => 'Non se pode realizar a acción solicitada neste elemento.',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.hr.php b/src/Resources/translations/EasyAdminBundle.hr.php
@@ -121,5 +121,6 @@
         'entity_not_found' => 'Ta stavka više nije dostupna.',
         'entity_remove' => 'Ta stavka ne može se izbrisati jer ovise o njoj ostale stavke.',
         'forbidden_action' => 'Zatražena radnja ne može se izvršiti na ovoj stavci.',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.hu.php b/src/Resources/translations/EasyAdminBundle.hu.php
@@ -121,5 +121,6 @@
         'entity_not_found' => 'Ez az elem már nem elérhető.',
         'entity_remove' => 'Ez az elem nem törölhető más kapcsolódó adatok miatt.',
         'forbidden_action' => 'A kért művelet nem hajtható végre ezen az elemen.',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.it.php b/src/Resources/translations/EasyAdminBundle.it.php
@@ -121,5 +121,6 @@
         'entity_not_found' => 'Questo elemento non è più disponibile.',
         'entity_remove' => 'L\'elemento selezionato non può essere cancellato perché altri elementi dipendono da questo.',
         'forbidden_action' => 'L\'azione richiesta non può essere eseguita su questo elemento.',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.lt.php b/src/Resources/translations/EasyAdminBundle.lt.php
@@ -121,5 +121,6 @@
         'entity_not_found' => 'Šis elementas nebepasiekiamas.',
         'entity_remove' => 'Šis elementas negali būti ištrintas, nes nuo jo priklauso kiti elementai.',
         'forbidden_action' => 'Norimas atlikti veiksmas šiam elementui negalimas.',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.nl.php b/src/Resources/translations/EasyAdminBundle.nl.php
@@ -121,5 +121,6 @@
         'entity_not_found' => 'Het item is niet langer beschikbaar.',
         'entity_remove' => 'Dit item kan niet verwijderd worden omdat andere items ervan afhankelijk zijn.',
         'forbidden_action' => 'De gevraagde actie kan niet worden uitgevoerd op dit item.',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.no.php b/src/Resources/translations/EasyAdminBundle.no.php
@@ -121,5 +121,6 @@
         'entity_not_found' => 'Elementet er ikke lenger tilgjengelig.',
         'entity_remove' => 'Elementet kan ikke slettes fordi andre elementer er avhengig av det.',
         'forbidden_action' => 'Den angitte handlingen kan ikke utføres på dette elementet.',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.pl.php b/src/Resources/translations/EasyAdminBundle.pl.php
@@ -121,5 +121,6 @@
         'entity_not_found' => 'Ten obiekt nie jest już dostępny.',
         'entity_remove' => 'Ten obiekt nie może być usunięty ponieważ istnieją inne, które są z nim powiązane.',
         'forbidden_action' => 'Na tej pozycji nie można wykonać wybranej akcji.',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.pt.php b/src/Resources/translations/EasyAdminBundle.pt.php
@@ -121,5 +121,6 @@
         'entity_not_found' => 'Este item não está mais disponível.',
         'entity_remove' => 'Esse item não pode ser excluído porque outros itens dependem dele.',
         'forbidden_action' => 'A ação requisitada não pode ser executada nesse item.',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.pt_BR.php b/src/Resources/translations/EasyAdminBundle.pt_BR.php
@@ -121,5 +121,6 @@
         'entity_not_found' => 'Este item não está mais disponível.',
         'entity_remove' => 'Esse item não pode ser excluído porque outros itens dependem dele.',
         'forbidden_action' => 'A ação requisitada não pode ser executada nesse item.',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.ro.php b/src/Resources/translations/EasyAdminBundle.ro.php
@@ -121,5 +121,6 @@
         // 'entity_not_found' => '',
         // 'entity_remove' => '',
         // 'forbidden_action' => '',
+        // 'insufficient_entity_permission' => 'You don't have permission to access this item.',
     ],
 ];
diff --git a/src/Resources/translations/EasyAdminBundle.ru.php b/src/Resources/translations/EasyAdminBundle.ru.php
diff --git a/src/Resources/translations/EasyAdminBundle.sl.php b/src/Resources/translations/EasyAdminBundle.sl.php
diff --git a/src/Resources/translations/EasyAdminBundle.sr_RS.php b/src/Resources/translations/EasyAdminBundle.sr_RS.php
diff --git a/src/Resources/translations/EasyAdminBundle.sv.php b/src/Resources/translations/EasyAdminBundle.sv.php
diff --git a/src/Resources/translations/EasyAdminBundle.tr.php b/src/Resources/translations/EasyAdminBundle.tr.php
diff --git a/src/Resources/translations/EasyAdminBundle.uk.php b/src/Resources/translations/EasyAdminBundle.uk.php
diff --git a/src/Resources/translations/EasyAdminBundle.zh_CN.php b/src/Resources/translations/EasyAdminBundle.zh_CN.php

Original file line number	Diff line number	Diff line change
`@@ -13,14 +13,20 @@ final class EntityCollection implements CollectionInterface`
`13`	`13`	`/** @var EntityDto[] */`
`14`	`14`	`private $entities;`
`15`	`15`
`16`		`- private function __construct(EntityDto $entityDto, iterable $entityInstances)`
	`16`	`+ /**`
	`17`	`+ * @param EntityDto[] $entities`
	`18`	`+ */`
	`19`	`+ private function __construct(array $entities)`
`17`	`20`	`{`
`18`		`- $this->entities = $this->processEntities($entityDto, $entityInstances);`
	`21`	`+ $this->entities = $entities;`
`19`	`22`	`}`
`20`	`23`
`21`		`- public static function new(EntityDto $entityDto, iterable $entityInstances): self`
	`24`	`+ /**`
	`25`	`+ * @param EntityDto[] $entities`
	`26`	`+ */`
	`27`	`+ public static function new(array $entities): self`
`22`	`28`	`{`
`23`		`- return new self($entityDto, $entityInstances);`
	`29`	`+ return new self($entities);`
`24`	`30`	`}`
`25`	`31`
`26`	`32`	`public function get(string $entityId): ?EntityDto`
`@@ -65,16 +71,4 @@ public function getIterator()`
`65`	`71`	`{`
`66`	`72`	`return new \ArrayIterator($this->entities);`
`67`	`73`	`}`
`68`		`-`
`69`		`- private function processEntities(EntityDto $entityDto, $entityInstances): array`
`70`		`- {`
`71`		`- $dtos = [];`
`72`		`-`
`73`		`- foreach ($entityInstances as $entityInstance) {`
`74`		`- $dto = $entityDto->newWithInstance($entityInstance);`
`75`		`- $dtos[$dto->getPrimaryKeyValue()] = $dto;`
`76`		`- }`
`77`		`-`
`78`		`- return $dtos;`
`79`		`- }`
`80`	`74`	`}`
Original file line number	Diff line number	Diff line change
`@@ -48,6 +48,11 @@ public function set(FieldDto $newOrUpdatedField): void`
`48`	`48`	`$this->fields[$newOrUpdatedField->getProperty()] = $newOrUpdatedField;`
`49`	`49`	`}`
`50`	`50`
	`51`	`+ public function unset(FieldDto $removedField): void`
	`52`	`+ {`
	`53`	`+ unset($this->fields[$removedField->getProperty()]);`
	`54`	`+ }`
	`55`	`+`
`51`	`56`	`public function offsetExists($offset): bool`
`52`	`57`	`{`
`53`	`58`	`return \array_key_exists($offset, $this->fields);`
Original file line number	Diff line number	Diff line change
`@@ -71,6 +71,8 @@ public function processFields(EntityDto $entityDto, FieldCollection $fields): vo`
`71`	`71`
`72`	`72`	`foreach ($fields as $fieldName => $fieldDto) {`
`73`	`73`	`if (false === $this->authorizationChecker->isGranted(Permission::EA_VIEW_FIELD, $fieldDto)) {`
	`74`	`+ $fields->unset($fieldDto);`
	`75`	`+`
`74`	`76`	`continue;`
`75`	`77`	`}`
`76`	`78`