From 9af64e6432e64bc241941a8eec9480c4d9dc8cee Mon Sep 17 00:00:00 2001
From: Reede Stockton <reede.stockton@salesforce.com>
Date: Fri, 22 Sep 2023 16:52:32 -0700
Subject: [PATCH 1/2] Add read check on Status__c to findDIRecords.

---
 .../classes/BDI_DataImportDeleteBTN_CTRL.cls  | 37 ++++++++++++++++---
 .../classes/BDI_DataImportDeleteBTN_TEST.cls  |  4 +-
 2 files changed, 33 insertions(+), 8 deletions(-)

diff --git a/force-app/main/default/classes/BDI_DataImportDeleteBTN_CTRL.cls b/force-app/main/default/classes/BDI_DataImportDeleteBTN_CTRL.cls
index 0a95ba2a2e8..24d44158834 100644
--- a/force-app/main/default/classes/BDI_DataImportDeleteBTN_CTRL.cls
+++ b/force-app/main/default/classes/BDI_DataImportDeleteBTN_CTRL.cls
@@ -46,16 +46,36 @@ public with sharing class BDI_DataImportDeleteBTN_CTRL {
     @TestVisible
     private List<DataImport__c> dataImports;
 
+    public Boolean canRead {
+        get {
+            if(this.canRead == null) {
+                this.canRead = this.checkRead();
+            }
+            return this.canRead;
+        }
+        private set;
+    }
+
     public Boolean canDelete {
         get {
             if(this.canDelete == null) {
-               this.canDelete = this.checkDelete();
+                this.canDelete = this.checkDelete();
             }
             return this.canDelete;
         }
         private set;
     }
 
+    public UTIL_Permissions perms {
+        get {
+            if(this.perms == null) {
+                this.perms = new UTIL_Permissions();
+            }
+            return this.perms;
+        }
+        private set;
+    }
+
     /** @description Controller constructor */
     public BDI_DataImportDeleteBTN_CTRL() {}
 
@@ -65,8 +85,8 @@ public with sharing class BDI_DataImportDeleteBTN_CTRL {
      * @return PageReference Page specified in 'retURL' parameter or Home page
      */
     public PageReference buttonClick() {
-        if (!checkDelete()) {
-            displayDeleteError();
+        if (!checkRead() || !checkDelete()) {
+            displayAccessError();
             return null;
         }
 
@@ -91,11 +111,16 @@ public with sharing class BDI_DataImportDeleteBTN_CTRL {
         return UTIL_Permissions.getInstance().canDelete(DataImport__c.SObjectType);
     }
 
-    private void displayDeleteError() {
+    public Boolean checkRead() {
+        Set<SObjectField> findFields = new Set<SObjectField>{DataImport__c.Status__c.getDescribe().getSobjectField()};
+        return perms.canRead(DataImport__c.SObjectType, findFields);
+    }
+
+    private void displayAccessError() {
         ApexPages.addMessage(new ApexPages.Message(
                 ApexPages.Severity.ERROR,
                 String.format(
-                        System.Label.exceptionDeletePermission,
+                        System.Label.commonAccessErrorMessage,
                         new List<String>{ SObjectType.DataImport__c.getLabel() })));
     }
 
@@ -138,7 +163,7 @@ public with sharing class BDI_DataImportDeleteBTN_CTRL {
                 delete dataImports;
                 return close();
             } else {
-                displayDeleteError();
+                displayAccessError();
                 return null;
             }
         } catch (Exception e) {
diff --git a/force-app/main/default/classes/BDI_DataImportDeleteBTN_TEST.cls b/force-app/main/default/classes/BDI_DataImportDeleteBTN_TEST.cls
index 30645a73a2f..a88b9bc2415 100644
--- a/force-app/main/default/classes/BDI_DataImportDeleteBTN_TEST.cls
+++ b/force-app/main/default/classes/BDI_DataImportDeleteBTN_TEST.cls
@@ -39,7 +39,7 @@
 class BDI_DataImportDeleteBTN_TEST {
 
     /** @description Error message returned when user does not have Delete permission on the SObject */
-    static String INSUFFICIENT_ACCESS_ERROR_MSG = 'INSUFFICIENT_ACCESS_OR_READONLY';
+    static String INSUFFICIENT_ACCESS_ERROR_MSG = System.Label.commonAccessErrorMessage;
 
     /** @description Static method executed before each test method is run */
     static {
@@ -189,7 +189,7 @@ class BDI_DataImportDeleteBTN_TEST {
         testPageErrorMessageDisplayOnDeleteActionException(
             'TestDeleteAllDataImportRecordsBtnExceptionMessageDisplay',
             BDI_DataImportDeleteBTN_CTRL.ACTION_DELETE_ALL,
-            String.format(System.Label.exceptionDeletePermission, new List<String>{ SObjectType.DataImport__c.getLabel() }),
+            String.format(System.Label.commonAccessErrorMessage, new List<String>{ SObjectType.DataImport__c.getLabel() }),
             false
         );
     }

From 97c5ada2c98b146932eded5df04e2e6140a16317 Mon Sep 17 00:00:00 2001
From: Reede Stockton <reede.stockton@salesforce.com>
Date: Sat, 23 Sep 2023 11:00:43 -0700
Subject: [PATCH 2/2] Fix message reference in test & adopt single approach to
 UTIL_Permissions

---
 .../classes/BDI_DataImportDeleteBTN_CTRL.cls  | 22 +------------------
 .../classes/BDI_DataImportDeleteBTN_TEST.cls  |  2 +-
 2 files changed, 2 insertions(+), 22 deletions(-)

diff --git a/force-app/main/default/classes/BDI_DataImportDeleteBTN_CTRL.cls b/force-app/main/default/classes/BDI_DataImportDeleteBTN_CTRL.cls
index 24d44158834..daa96335b97 100644
--- a/force-app/main/default/classes/BDI_DataImportDeleteBTN_CTRL.cls
+++ b/force-app/main/default/classes/BDI_DataImportDeleteBTN_CTRL.cls
@@ -46,16 +46,6 @@ public with sharing class BDI_DataImportDeleteBTN_CTRL {
     @TestVisible
     private List<DataImport__c> dataImports;
 
-    public Boolean canRead {
-        get {
-            if(this.canRead == null) {
-                this.canRead = this.checkRead();
-            }
-            return this.canRead;
-        }
-        private set;
-    }
-
     public Boolean canDelete {
         get {
             if(this.canDelete == null) {
@@ -66,16 +56,6 @@ public with sharing class BDI_DataImportDeleteBTN_CTRL {
         private set;
     }
 
-    public UTIL_Permissions perms {
-        get {
-            if(this.perms == null) {
-                this.perms = new UTIL_Permissions();
-            }
-            return this.perms;
-        }
-        private set;
-    }
-
     /** @description Controller constructor */
     public BDI_DataImportDeleteBTN_CTRL() {}
 
@@ -113,7 +93,7 @@ public with sharing class BDI_DataImportDeleteBTN_CTRL {
 
     public Boolean checkRead() {
         Set<SObjectField> findFields = new Set<SObjectField>{DataImport__c.Status__c.getDescribe().getSobjectField()};
-        return perms.canRead(DataImport__c.SObjectType, findFields);
+        return UTIL_Permissions.getInstance().canRead(DataImport__c.SObjectType, findFields);
     }
 
     private void displayAccessError() {
diff --git a/force-app/main/default/classes/BDI_DataImportDeleteBTN_TEST.cls b/force-app/main/default/classes/BDI_DataImportDeleteBTN_TEST.cls
index a88b9bc2415..98d43b6525c 100644
--- a/force-app/main/default/classes/BDI_DataImportDeleteBTN_TEST.cls
+++ b/force-app/main/default/classes/BDI_DataImportDeleteBTN_TEST.cls
@@ -39,7 +39,7 @@
 class BDI_DataImportDeleteBTN_TEST {
 
     /** @description Error message returned when user does not have Delete permission on the SObject */
-    static String INSUFFICIENT_ACCESS_ERROR_MSG = System.Label.commonAccessErrorMessage;
+    static String INSUFFICIENT_ACCESS_ERROR_MSG = 'INSUFFICIENT_ACCESS_OR_READONLY';
 
     /** @description Static method executed before each test method is run */
     static {