Skip to Content
0

BAPI_GOODSMVT_CREATE Goods Issue auth object V_VBAK_AAT

May 11, 2017 at 01:12 PM

149

avatar image
Former Member

Hi all,

I wrote some code recently using BAPI_GOODSMVT_CREATE to do some automatic Goods Issues to sales order line items movement type 231. Some users are running into runtime errors of 'MESSAGE_TYPE_X' with the error analysis stating the following:

Yes, it seems pretty obvious that they are missing likely change authorization for sales orders of type ZOR, but what has me confused is that they run into no authorization issues when doing the same goods issue from mb1a and (they claim) MIGO. Can anyone help me explain why this additional security is necessary for the BAPI?

Thanks much,

-Chris

z0yni.png (18.3 kB)
10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

3 Answers

Best Answer
Raymond Giuseppi
May 16, 2017 at 06:41 AM
0

Call transaction SU24 'Auth. Obj. Check Under Transactions' and input transaction/MB1A, then look at authorization-object V_BAK_AAT row, Column 'Check Ind' should display 'Do not Check' value. For MIGO it should show 'Check'.

(Some reference can be found in online documentation like Level 5: Document: Editing Authorization Default Data (Customer System)Editing Authorization Default Data (Customer System) in ABAP Authorization Concept)

Show 1 Share
10 |10000 characters needed characters left characters exceeded
Former Member

Thanks, this is the closest to what I was looking for. I'm aware they have different authorizations between them but was trying to understand the why behind it. I'm guessing MB1A and MIGO/BAPI_GOODSMVT_CREATE are set to check v_vbak_att by default and users have been getting around it for the goods issues using MB1A as that has always worked for them.

0
avatar image
Former Member May 12, 2017 at 07:15 PM
1

Take authorization ST01 trace when you run from BAPI and when you run from MIGO; compare it you will get the answer.

Thanks

Anand

Show 1 Share
10 |10000 characters needed characters left characters exceeded

Second that. Simply run the trace and see what's what.

0
Chintu adi May 12, 2017 at 11:54 AM
0

Hello,

you are talking about 2 different types of authority-checks and here checks are performed by the BAPI itself.

Check S_DEVELOP authorization object.

thank you.

Show 1 Share
10 |10000 characters needed characters left characters exceeded
Former Member

I appreciate the input, but I'm not sure I follow. S_DEVELOP is for developer/debug access. I can't imagine anyone needing that to be able to complete a Goods Issue via BAPI or MB1A/MIGO.

0