From 33866c50d42badb1058053facc8f92e89f5b6b81 Mon Sep 17 00:00:00 2001
From: Oleg Andreyev <oleg.andreyev@lampa.lv>
Date: Wed, 16 Jul 2025 10:42:04 -0400
Subject: [PATCH 1/2] Adding custom test as PoC that shows if field(s) from
 first entity are banned, table is broken - which is a wrong behavior

---
 src/Attribute/AdminDashboard.php              |  4 +-
 .../src/Security/CustomVoter.php              | 61 +++++++++++++++++
 tests/VoterTest.php                           | 68 +++++++++++++++++++
 3 files changed, 131 insertions(+), 2 deletions(-)
 create mode 100644 tests/TestApplication/src/Security/CustomVoter.php
 create mode 100644 tests/VoterTest.php

diff --git a/src/Attribute/AdminDashboard.php b/src/Attribute/AdminDashboard.php
index eef97709d7..dfdda6a268 100644
--- a/src/Attribute/AdminDashboard.php
+++ b/src/Attribute/AdminDashboard.php
@@ -12,11 +12,11 @@ public function __construct(
         /**
          * @var string|null $routePath The path of the Symfony route that will be created for the dashboard (e.g. '/admin)
          */
-        public /* ?string */ $routePath = null,
+        /* ?string */ public $routePath = null,
         /**
          * @var string|null $routeName The name of the Symfony route that will be created for the dashboard (e.g. 'admin')
          */
-        public /* ?string */ $routeName = null,
+        /* ?string */ public $routeName = null,
         /**
          * @var array{
          *     requirements?: array<string, string>,
diff --git a/tests/TestApplication/src/Security/CustomVoter.php b/tests/TestApplication/src/Security/CustomVoter.php
new file mode 100644
index 0000000000..03d52dbb5b
--- /dev/null
+++ b/tests/TestApplication/src/Security/CustomVoter.php
@@ -0,0 +1,61 @@
+<?php
+
+namespace EasyCorp\Bundle\EasyAdminBundle\Tests\TestApplication\Security;
+
+use EasyCorp\Bundle\EasyAdminBundle\Dto\EntityDto;
+use EasyCorp\Bundle\EasyAdminBundle\Dto\FieldDto;
+use EasyCorp\Bundle\EasyAdminBundle\Security\Permission;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\Voter;
+
+/**
+ * Custom voter that allows to ban an entity and its property from being processed.
+ *
+ * This is only for testing purposes, to simulate the behavior of the FieldFactory::processFields() method when
+ * EA_VIEW_FIELD will return FALSE, on first entity, which is used to build table theaders.
+ */
+class CustomVoter extends Voter
+{
+    private ?object $banEntity = null;
+    private ?string $banEntityProperty = null;
+
+    protected function supports(string $attribute, mixed $subject): bool
+    {
+        return Permission::exists($attribute);
+    }
+
+    protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
+    {
+        static $entities = [];
+
+        if ($subject instanceof EntityDto && $subject->getInstance()) {
+            $entities[] = $subject;
+        }
+
+        foreach ($entities as $entityDto) {
+            if ($this->banEntity && $entityDto->getInstance() === $this->banEntity) {
+                // imitate the behavior of FieldFactory::processFields()
+                // which removes the field from the entity if it is not granted
+                if ($subject instanceof FieldDto) {
+                    if ($fieldDto = $entityDto->getFields()?->getByProperty($this->banEntityProperty)) {
+                        $entityDto->getFields()->unset($fieldDto);
+                    }
+                }
+            }
+        }
+
+        return true;
+    }
+
+    public function ban(object $entity, ?string $propertyName = null): void
+    {
+        $this->banEntity = $entity;
+        $this->banEntityProperty = $propertyName;
+    }
+
+    public function removeBan(): void
+    {
+        $this->banEntity = null;
+        $this->banEntityProperty = null;
+    }
+}
diff --git a/tests/VoterTest.php b/tests/VoterTest.php
new file mode 100644
index 0000000000..3ad65d5a23
--- /dev/null
+++ b/tests/VoterTest.php
@@ -0,0 +1,68 @@
+<?php
+
+namespace EasyCorp\Bundle\EasyAdminBundle\Tests;
+
+use Doctrine\ORM\EntityRepository;
+use EasyCorp\Bundle\EasyAdminBundle\Test\AbstractCrudTestCase;
+use EasyCorp\Bundle\EasyAdminBundle\Tests\TestApplication\Controller\DashboardController;
+use EasyCorp\Bundle\EasyAdminBundle\Tests\TestApplication\Controller\Sort\WebsiteCrudController;
+use EasyCorp\Bundle\EasyAdminBundle\Tests\TestApplication\Entity\Website;
+use EasyCorp\Bundle\EasyAdminBundle\Tests\TestApplication\Security\CustomVoter;
+use Symfony\Component\Security\Core\Authorization\Strategy\UnanimousStrategy;
+
+class VoterTest extends AbstractCrudTestCase
+{
+    /**
+     * @var EntityRepository
+     */
+    private $repository;
+
+    protected function getControllerFqcn(): string
+    {
+        return WebsiteCrudController::class;
+    }
+
+    protected function getDashboardFqcn(): string
+    {
+        return DashboardController::class;
+    }
+
+    protected function setUp(): void
+    {
+        parent::setUp();
+        $this->client->followRedirects();
+        $this->repository = $this->entityManager->getRepository(Website::class);
+    }
+
+    public function testingVoter()
+    {
+        // Arrange
+        $expectedAmountMapping = [];
+        $entities = $this->repository->findAll();
+
+        /** @var CustomVoter $voter */
+        $voter = $this->getContainer()->get(CustomVoter::class);
+        $voter->ban($entities[0], 'name');
+
+        // UnanimousStrategy
+        $accessDecisionManager = $this->getContainer()->get('security.access.decision_manager');
+        \Closure::bind(function () {
+            $this->strategy = new UnanimousStrategy();
+        }, $accessDecisionManager, $accessDecisionManager)();
+
+        /**
+         * @var Website $entity
+         */
+        foreach ($entities as $entity) {
+            $expectedAmountMapping[$entity->getName()] = $entity->getPages()->count();
+        }
+
+        // Act
+        $crawler = $this->client->request('GET', $this->generateIndexUrl());
+
+        // Assert
+        $this->assertResponseIsSuccessful();
+        $this->assertSelectorExists('th[data-column="pages"]');
+        $this->assertSelectorExists('th[data-column="name"]');
+    }
+}

From 61d1c005e26aac3a4cbc22749860a03ece9a5bbf Mon Sep 17 00:00:00 2001
From: Oleg Andreyev <oleg.andreyev@lampa.lv>
Date: Wed, 16 Jul 2025 10:51:20 -0400
Subject: [PATCH 2/2] Remove unused expectedAmountMapping and related redundant
 code in VoterTest

Signed-off-by: Oleg Andreyev <oleg.andreyev@lampa.lv>
---
 tests/VoterTest.php | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/tests/VoterTest.php b/tests/VoterTest.php
index 3ad65d5a23..daedd79284 100644
--- a/tests/VoterTest.php
+++ b/tests/VoterTest.php
@@ -37,7 +37,6 @@ protected function setUp(): void
     public function testingVoter()
     {
         // Arrange
-        $expectedAmountMapping = [];
         $entities = $this->repository->findAll();
 
         /** @var CustomVoter $voter */
@@ -50,13 +49,6 @@ public function testingVoter()
             $this->strategy = new UnanimousStrategy();
         }, $accessDecisionManager, $accessDecisionManager)();
 
-        /**
-         * @var Website $entity
-         */
-        foreach ($entities as $entity) {
-            $expectedAmountMapping[$entity->getName()] = $entity->getPages()->count();
-        }
-
         // Act
         $crawler = $this->client->request('GET', $this->generateIndexUrl());