Refresh Name button/action does not check Opportunity OWD settings or Edit Opportunity permissions

[jamesbsfdc]

Background

On Opportunities there is a Button/Action called "Refresh Name". This button allows a user to apply the opportunity naming convention set in NPSP Settings to a single opportunity. See documentation here: https://powerofus.force.com/s/article/NPSP-Customize-Opportunity-Names#ariaid-title5

Summary of the Issue

Currently the button does not check to confirm the user who launches the button has Edit permissions for Opportunities or whether Opportunities are Public Read Only in the Organization-Wide Defaults.

Steps to Replicate

1. Create an Opportunity Naming Setting in NPSP Settings
2. Create a new profile or clone an existing profile (Ensure the profile does not have Edit on Opportunities)
3. Assign this profile to a test user and login as that user
4. Launch the Refresh Name button from an opportunity that does not currently have the naming convention applied
5. Confirm the Opportunity Name is updated

Alternatively

1. Set the Organization-Wide Defaults for Opportunity to Public Read Only
2. Login as a test user
3. Launch the Refresh Name button from an opportunity that does not currently have the naming convention applied and is not owned by the test user or any user lower than them in the role hierarchy
4. Confirm the Opportunity Name is updated

Workaround

Remove the Refresh Name button/action from the page layout if you do not want standard users being able to rename an individual opportunity

[jamesbsfdc]

W-8906303

[jamesbsfdc]

This issue has been migrated to the Known Issues site: https://trailblazer.salesforce.com/issues_view?id=a1p4V0000029kQPQAY&title=opportunity-naming-refresh-name-button-action-does-not-check-opportunity-owd-settings-or-edit-opportunity-permissions

Please follow the status of the issue there and select "This Issue Affects me" if you are affected by the issue.