How To Fix CMS019 - You do not have authorization to change the data (only display)

The SAP error message CMS019, which states "You do not have authorization to change the data (only display)," typically indicates that the user does not have the necessary authorization to perform a specific action, such as modifying or changing data in the system. This is a common issue in SAP environments where user roles and authorizations are strictly managed to ensure data integrity and security.
Cause:

Authorization Roles: The user’s role does not include the necessary permissions to change the data. This could be due to the way roles are configured in the SAP system.
Object Level Security: The user may have display-only access to certain objects or transactions, which restricts them from making changes.
Transaction-Specific Restrictions: Some transactions may have specific authorizations that are not included in the user's assigned roles.
Profile Issues: The user profile may not be correctly set up to allow for data modification.

Solution:

Check User Roles: Review the user’s assigned roles and authorizations using transaction code SU01 (User Maintenance) or PFCG (Role Maintenance). Ensure that the necessary roles that allow data modification are assigned.
Authorization Object: Identify the specific authorization object that is causing the restriction. This can be done by checking the transaction codes and the associated authorization objects.
Request Additional Authorizations: If the user requires additional permissions, they should request the necessary authorizations from their SAP security administrator or the person responsible for managing user roles.
Testing: After changes are made to the user’s roles or authorizations, test the transaction again to ensure that the issue is resolved.
Consult Documentation: Refer to SAP documentation or internal guidelines for specific authorization requirements related to the transaction or data being accessed.

Related Information:

Transaction Codes: 

SU01: User Maintenance
PFCG: Role Maintenance
SU53: Display Authorization Check (to analyze authorization issues)


Authorization Objects: Common authorization objects related to data modification include S_DATA, S_TCODE, and others depending on the specific module or transaction.
SAP Security: Understanding the basics of SAP security and authorization concepts can help in troubleshooting similar issues in the future.

If the problem persists after checking and updating the authorizations, it may be necessary to involve the SAP Basis team or a security consultant for further investigation.