From b5a12ff0881eece583ba3d7974cb495fc4ee022e Mon Sep 17 00:00:00 2001
From: simnandez <jmenent@2byte.es>
Date: Mon, 2 Jul 2012 17:36:41 +0200
Subject: [PATCH 1/2] Trad: Add missing translations

---
 htdocs/langs/ca_ES/contracts.lang | 1 +
 htdocs/langs/ca_ES/install.lang   | 6 +++++-
 htdocs/langs/es_ES/contracts.lang | 1 +
 htdocs/langs/es_ES/install.lang   | 4 ++++
 4 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/htdocs/langs/ca_ES/contracts.lang b/htdocs/langs/ca_ES/contracts.lang
index 36a951891cb..08af34a7784 100644
--- a/htdocs/langs/ca_ES/contracts.lang
+++ b/htdocs/langs/ca_ES/contracts.lang
@@ -39,6 +39,7 @@ ConfirmCloseService=Esteu segur de voler tancar aquest servei?
 ValidateAContract=Validar un contracte
 ActivateService=Activar el servei
 ConfirmActivateService=Esteu segur de voler activar aquest servei en data %s?
+RefContract=Ref. contracte
 DateContract=Data contracte
 DateServiceActivate=Data activació del servei
 DateServiceUnactivate=Data desactivació del servei
diff --git a/htdocs/langs/ca_ES/install.lang b/htdocs/langs/ca_ES/install.lang
index 02e7366f001..02e98c0a52c 100644
--- a/htdocs/langs/ca_ES/install.lang
+++ b/htdocs/langs/ca_ES/install.lang
@@ -155,7 +155,11 @@ MigrationShippingDelivery2=Actualització de les dades expedicions 2
 MigrationFinished=Acabada l'actualització
 LastStepDesc=<strong>Últim pas</strong>: Indiqueu aquí el compte i la contrasenya del primer usuari que fareu servir per connectar-se a l'aplicació. No perdi aquests identificadors, és el compte que permet administrar la resta.
 ActivateModule=Activació del mòdul %s
-#########=
+LinkedElementsInvalidDeleted=han estat eliminats <b>%s</b> enllaços invàlids
+NothingToDelete=No s'ha trobat enllaços invàlids
+SourceType=Origen
+TargetType=Destí
+#########
 # upgrade=
 MigrationFixData=Correcció de dades desnormalitzades
 MigrationOrder=Migració de dades de les comandes clients
diff --git a/htdocs/langs/es_ES/contracts.lang b/htdocs/langs/es_ES/contracts.lang
index 0509a2951ae..e81f133a31f 100644
--- a/htdocs/langs/es_ES/contracts.lang
+++ b/htdocs/langs/es_ES/contracts.lang
@@ -39,6 +39,7 @@ ConfirmCloseService=¿Está seguro de querer cerrar este servicio?
 ValidateAContract=Validar un contrato
 ActivateService=Activar el servicio
 ConfirmActivateService=¿Está seguro de querer activar este servicio en fecha %s?
+RefContract=Ref. contrato
 DateContract=Fecha contrato
 DateServiceActivate=Fecha activación del servicio
 DateServiceUnactivate=Fecha desactivación del servicio
diff --git a/htdocs/langs/es_ES/install.lang b/htdocs/langs/es_ES/install.lang
index 3e344427cca..52882e9b7c5 100644
--- a/htdocs/langs/es_ES/install.lang
+++ b/htdocs/langs/es_ES/install.lang
@@ -155,6 +155,10 @@ MigrationShippingDelivery2=Actualización de los datos de expediciones 2
 MigrationFinished=Actualización terminada
 LastStepDesc=<strong>Último paso</strong>: Indique aquí la cuenta y la contraseña del primer usuario que usted utilizará para conectarse a la aplicación. No pierda estos identificadores, es la cuenta que permite administrar el resto.
 ActivateModule=Activación del módulo %s
+LinkedElementsInvalidDeleted=han sido eliminados <b>%s</b> enlaces inválidos
+NothingToDelete=No se han encontrado enlaces inválidos
+SourceType=Origen
+TargetType=Destino
 #########
 # upgrade
 MigrationFixData=Corrección de datos desnormalizados

From ea21064ca22cefdc03d713aba75e2a657aa4f7e6 Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis@dolibarr.fr>
Date: Mon, 2 Jul 2012 20:04:28 +0200
Subject: [PATCH 2/2] Fix: access problem if thirdparty module is disable

---
 htdocs/adherents/agenda.php      |  2 +-
 htdocs/core/lib/security.lib.php | 12 ++++++------
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/htdocs/adherents/agenda.php b/htdocs/adherents/agenda.php
index bd5f0f66894..41b23d465d9 100644
--- a/htdocs/adherents/agenda.php
+++ b/htdocs/adherents/agenda.php
@@ -40,7 +40,7 @@ $mesg=isset($_GET["mesg"])?'<div class="ok">'.$_GET["mesg"].'</div>':'';
 $id = GETPOST('id','int');
 
 // Security check
-if (! $user->rights->adherent->lire) accessforbidden();
+$result=restrictedArea($user,'adherent',$id);
 
 $object = new Adherent($db);
 $result=$object->fetch($id);
diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php
index 54567b0bc66..a5051caf0c2 100644
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
@@ -286,7 +286,7 @@ function restrictedArea($user, $features, $objectid=0, $dbtablename='', $feature
         {
             $sql='';
 
-            $check = array('banque','user','usergroup','produit','service','produit|service','categorie'); // Test on entity only (Objects with no link to company)
+            $check = array('adherent','banque','user','usergroup','produit','service','produit|service','categorie'); // Test on entity only (Objects with no link to company)
             $checksoc = array('societe');	 // Test for societe object
             $checkother = array('contact');	 // Test on entity and link to societe. Allowed if link is empty (Ex: contacts...).
             $checkproject = array('projet'); // Test for project object
@@ -319,7 +319,7 @@ function restrictedArea($user, $features, $objectid=0, $dbtablename='', $feature
                     if ($user->societe_id <> $objectid) accessforbidden();
                 }
                 // If internal user: Check permission for internal users that are restricted on their objects
-                else if (! $user->rights->societe->client->voir)
+                else if (! empty($conf->societe->enabled) && ($user->rights->societe->lire && ! $user->rights->societe->client->voir))
                 {
                     $sql = "SELECT sc.fk_soc";
                     $sql.= " FROM (".MAIN_DB_PREFIX."societe_commerciaux as sc";
@@ -349,7 +349,7 @@ function restrictedArea($user, $features, $objectid=0, $dbtablename='', $feature
                     $sql.= " AND dbt.fk_soc = ".$user->societe_id;
                 }
                 // If internal user: Check permission for internal users that are restricted on their objects
-                else if (! $user->rights->societe->client->voir)
+                else if (! empty($conf->societe->enabled) && ($user->rights->societe->lire && ! $user->rights->societe->client->voir))
                 {
                     $sql = "SELECT dbt.rowid";
                     $sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
@@ -369,7 +369,7 @@ function restrictedArea($user, $features, $objectid=0, $dbtablename='', $feature
             }
             else if (in_array($feature,$checkproject))
             {
-                if (! $user->rights->projet->all->lire)
+                if (! empty($conf->projet->enabled) && ! $user->rights->projet->all->lire)
                 {
                     include_once(DOL_DOCUMENT_ROOT."/projet/class/project.class.php");
                     $projectstatic=new Project($db);
@@ -396,7 +396,7 @@ function restrictedArea($user, $features, $objectid=0, $dbtablename='', $feature
                     $sql.= " AND dbt.".$dbt_keyfield." = ".$user->societe_id;
                 }
                 // If internal user: Check permission for internal users that are restricted on their objects
-                else if (! $user->rights->societe->client->voir)
+                else if (! empty($conf->societe->enabled) && ($user->rights->societe->lire && ! $user->rights->societe->client->voir))
                 {
                     $sql = "SELECT sc.fk_soc";
                     $sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
@@ -486,4 +486,4 @@ function accessforbidden($message='',$printheader=1,$printfooter=1,$showonlymess
     exit(0);
 }
 
-?>
\ No newline at end of file
+?>