Add OCR read, modify and delete to hasAccess. Check hasAccess in save().

SalesforceFoundation · Nov 9, 2023 · 8eb2765 · 8eb2765
1 parent 34efac3
commit 8eb2765
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 5 deletions.
diff --git a/force-app/main/default/classes/PSC_ManageSoftCredits_CTRL.cls b/force-app/main/default/classes/PSC_ManageSoftCredits_CTRL.cls
@@ -49,6 +49,7 @@ public with sharing class PSC_ManageSoftCredits_CTRL {
     @TestVisible private String currencySymbol;
 
     /** @description Set to true if the user has the appropriate permissions to access the page */
+    @TestVisible
     public Boolean hasAccess {
         get {
             if (hasAccess == null) {
@@ -231,16 +232,32 @@ public with sharing class PSC_ManageSoftCredits_CTRL {
         Boolean accessResult = false;
 
         SObjectType psc = Partial_Soft_Credit__c.getSObjectType();
-        if (perms.canCreate(psc) && UTIL_Permissions.canDelete(Schema.SObjectType.Partial_Soft_Credit__c.getName(), false)) {
-            Set<SObjectField> sObjectFieldsRead = new Set<SObjectField>{
+        SObjectType ocr = OpportunityContactRole.getSObjectType();
+        if (perms.canCreate(psc) && perms.canCreate(ocr) &&
+            UTIL_Permissions.canDelete(Schema.SObjectType.Partial_Soft_Credit__c.getName(), false) &&
+            UTIL_Permissions.canDelete(Schema.SObjectType.OpportunityContactRole.getName(), false)
+        ) {
+            Set<SObjectField> sObjectPSCFieldsRead = new Set<SObjectField>{
                 Partial_Soft_Credit__c.fields.Amount__c,
                 Partial_Soft_Credit__c.fields.Contact_Name__c,
                 Partial_Soft_Credit__c.fields.Contact_Role_ID__c,
                 Partial_Soft_Credit__c.fields.Role_Name__c
             };
-            Set<SObjectField> sObjectFieldsModify = sObjectFieldsRead.clone();
-            sObjectFieldsModify.remove(Partial_Soft_Credit__c.fields.Contact_Name__c);
-            if (!(perms.canRead(psc, sObjectFieldsRead) && perms.canUpdate(psc, sObjectFieldsModify))) {
+            Set<SObjectField> sObjectPSCFieldsModify = sObjectPSCFieldsRead.clone();
+            sObjectPSCFieldsModify.remove(Partial_Soft_Credit__c.fields.Contact_Name__c);
+
+            Set<SObjectField> sObjectOCRFieldsRead = new Set<SobjectField>{
+                OpportunityContactRole.fields.ContactId,
+                OpportunityContactRole.fields.OpportunityId,
+                OpportunityContactRole.fields.IsPrimary,
+                OpportunityContactRole.fields.Role
+            };
+            Set<SObjectField> sObjectOCRFieldsModify = sObjectOCRFieldsRead.clone();
+            sObjectOCRFieldsModify.remove(OpportunityContactRole.fields.OpportunityId);
+
+            if (!(perms.canRead(psc, sObjectPSCFieldsRead) && perms.canUpdate(psc, sObjectPSCFieldsModify) &&
+                  perms.canRead(ocr, sObjectOCRFieldsRead) && perms.canUpdate(ocr, sObjectOCRFieldsModify))
+            ) {
                 return accessResult;
             }
             accessResult = true;
@@ -266,6 +283,11 @@ public with sharing class PSC_ManageSoftCredits_CTRL {
     * @return the Opportunity's detail page if success, or null if any error encountered.
     */ 
     public PageReference save() {
+        if (!hasAccess) {
+            Apexpages.addMessage(new ApexPages.Message(ApexPages.Severity.WARNING, System.Label.commonAccessErrorMessage));
+            return null;
+        }
+
         Map<Id, String> donors = new Map<Id, String>(); // Contact Id, Contact Name
         for (OpportunityContactRole ocr : [SELECT Id, ContactId, Contact.Name FROM OpportunityContactRole WHERE OpportunityId = :opp.Id AND IsPrimary = true]) {
             donors.put(ocr.ContactId, ocr.Contact.Name);

diff --git a/force-app/main/default/classes/PSC_ManageSoftCredits_TEST.cls b/force-app/main/default/classes/PSC_ManageSoftCredits_TEST.cls
@@ -108,6 +108,7 @@ public with sharing class PSC_ManageSoftCredits_TEST {
         initTestDataWithoutPscs();
         Test.setCurrentPage(Page.PSC_ManageSoftCredits);
         PSC_ManageSoftCredits_CTRL ctrl = new PSC_ManageSoftCredits_CTRL(new ApexPages.StandardController(opp));
+
         system.assertEquals(0, ctrl.softCredits.size());
         system.assertEquals(0, ctrl.numberOfSoftCredits);
         system.assertEquals(acc.Id, ctrl.PrimaryContactId);
@@ -132,6 +133,7 @@ public with sharing class PSC_ManageSoftCredits_TEST {
 
         system.assertEquals(600, ctrl.oppTotalSoftCredit.Amount);
         Test.startTest();
+//        ctrl.hasAccess = true;
         system.assertNotEquals(null, ctrl.save());
         Test.stopTest();