How to determine security requirements to run a batch program

we use Security Administrator - Report Maintenance - Create an ObjSecReport and specify the Securable object
the report will show the access, security classes, role and users who have access to it.

I'm also interested in knowing if there is a LID command or IPA equivalent for the question.

Not sure if this helps, but you can type laenv at the prompt in Lid and the select User Desktop/Application Text/Print Technical Text. This will show you what tables are associated with the program, but probably not form security it requires.

The commandline version of JimY's suggestion is dburf
dburf productline ap ap520 > ap520.txt will provide the tables that are accessed for a particular form.
If you want to see if a program invokes (calls) other programs you can use the lstinvk command
lstinvk productline ap520

One of the reasons why I ask the question is we were kicking off an ap520 via process flow to pick up invoices but occasionally it grabs garnishments from payroll.  Those garnishments when picked up by AP520 were losing the comments.  It turned out the process flow account did not have access to L_hcvi which is where the comments are stored when sent over by payroll.

 

The dburf command nor the lstinkvk command does not list L_HCVI as a file being read from?

Hi Jason,

The "attachment" tables travel together with the tables they're based on.

L_HCVI and L_DCVI are connected to the CVI table. which is APCINVOICE (see the pattern?)

My recommendation: assuming you have a SecClass that is something like APFiles to include all of the AP tables, in the SecAdmin tool focus on Files, right-click on AP, Select next level, and it picks all of the tables under AP including the L_ attachment tables. Then when connecting APFiles to every user that has AP screens, the L_ tables are always included!

Regards,
Dave
(303) 773-3535