Fix: limit access setup page of core module to superadmin

htdocs/admin/multicompany.php

@@ -30,7 +30,7 @@ require_once(DOL_DOCUMENT_ROOT.'/multicompany/multicompany.class.php');
 
 $langs->load("admin");
 
-if (!$user->admin)
+if (!$user->admin || $user->entity)
 accessforbidden();
 
 $mc = new Multicompany($db);
@@ -88,7 +88,7 @@ else
 {
 	print_titre($langs->trans("ListOfEntity"));
 	
-	$mc->getEntities();
+	$mc->getEntities(1);
 	//var_dump($mc->entities);
 	
 	$mc->assign_smarty_values($smarty,$_GET["action"]);

htdocs/multicompany/multicompany.class.php

@@ -163,7 +163,7 @@ class Multicompany
 	/**
 	 *    \brief      List of entities
 	 */
-	function getEntities()
+	function getEntities($details=0)
 	{
 		global $conf;
 		
@@ -195,7 +195,7 @@ class Multicompany
 				
 				$this->entities[$i]['label']   = $obj->value;
 				$this->entities[$i]['id']      = $obj->entity;
-				$this->entities[$i]['details'] = $this->fetch($entity);
+				if ($details) $this->entities[$i]['details'] = $this->fetch($entity);
 				$this->entities[$i]['active']  = $active;
 				
 				$i++;