Exception Caught: You are not authorized to create Invoices/Quotes

Hi
After upgraded Sugarcrm from v10.0.4 to v11.0.0

We found that one of the api function throwing an exception and the message were

{ "status": "fail", "message": "Exception Caught: You are not authorized to create Invoices/Quotes. Contact your administrator if you need access." }

I have tried

1. Admin->Repaired Roles
2. Check the roles permission and nothing were set which mean all user have all access right.
3. Check the custom acl module and we did have one custom acl module, but it's not related Invoices/Quotes module.
Can anyone give me any hints to narrow down where I should check?

Thank you.




  • Please review the User account. What license are they assigned? Are they a member of any role? You can see this on the Users profile on the Access Tab. Does the user have the ability to Save the Invoices/Quotes?

  • Hi Jeff,
    Thank you for your reply.

    After spending two days for debugging, I am confusing about the user role thing.
    The exception is throwing by this file /SugarPro/clients/base/api/ModuleApi.php and the method is createBean

            if (!$bean->ACLAccess('save', $this->aclCheckOptions)) {
                // No create access so we construct an error message and throw the exception
                $moduleName = null;
                if(isset($args['module'])){
                    $failed_module_strings = return_module_language($GLOBALS['current_language'], $args['module']);
                    $moduleName = $failed_module_strings['LBL_MODULE_NAME'];
                }
                $args = null;
                if(!empty($moduleName)){
                    $args = array('moduleName' => $moduleName);
                }
                throw new SugarApiExceptionNotAuthorized('EXCEPTION_CREATE_MODULE_NOT_AUTHORIZED', $args);
            }


    In order to use postman for testing, I disable the required login. Then, I try to call our custom api which will turn out creating a new non paid invoice.

    The questions is, if no login require, then how come sugar will check the ACLAccess?


    Which account sugar is using to check the role and permission?

  • In a future post at sugardevelopersguide.substack.com, I will provide step-by-step instructions on using PHPStrorm to debug your Sugar instance. 

    I'll provide examples via Postman, the browser, and CLI.

    If you don't subscribe; please do so so you are notified when there are new posts