06-22-2018 4:50 PM
Hello,
We have a custom program that displays transaction data received from external system. It also allows users to post material documents with certain movement types using goods movement create BAPI. We would like to restrict access such that some users are only able to view the report output and not post any document while some are able to post the documents as well. ST01 suggests authorization object M_MSEG_BWA being checked for posting. Could we achieve this with security config or do we need to include explicit authority check in z program? Thanks.