diff --git a/htdocs/viewimage.php b/htdocs/viewimage.php
index 0e91bd5bc9f..881f741650d 100644
--- a/htdocs/viewimage.php
+++ b/htdocs/viewimage.php
@@ -234,7 +234,7 @@ if (empty($modulepart)) {
 	accessforbidden('Bad value for parameter modulepart', 0, 0, 1);
 }
 
-$check_access = dol_check_secure_access_document($modulepart, $original_file, $entity, $refname);
+$check_access = dol_check_secure_access_document($modulepart, $original_file, $entity, $user, $refname);
 $accessallowed              = $check_access['accessallowed'];
 $sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals'];
 $fullpath_original_file     = $check_access['original_file']; // $fullpath_original_file is now a full path name