From 60e85136df9703e824945111a6e96425c83ebd8b Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis.houssin@inodbox.com>
Date: Thu, 12 Sep 2019 08:48:55 +0200
Subject: [PATCH 1/3] FIX an admin can not access his own permissions after
 enabling advanced permissions

---
 htdocs/user/perms.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php
index 2560ccc7f04..209e68048c7 100644
--- a/htdocs/user/perms.php
+++ b/htdocs/user/perms.php
@@ -58,7 +58,8 @@ if (! empty($conf->global->MAIN_USE_ADVANCED_PERMS))
 $socid=0;
 if (isset($user->societe_id) && $user->societe_id > 0) $socid = $user->societe_id;
 $feature2 = (($socid && $user->rights->user->self->creer)?'':'user');
-if ($user->id == $id && (! empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->user->self_advance->readperms)))	// A user can always read its own card if not advanced perms enabled, or if he has advanced perms
+// A user can always read its own card if not advanced perms enabled, or if he has advanced perms, except for admin
+if ($user->id == $id && (! empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->user->self_advance->readperms)) && empty($user->admin))
 {
 	accessforbidden();
 }

From 27e3a2cb1d4db962246298b2a6940b71ce43e103 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Sun, 15 Sep 2019 15:32:43 +0200
Subject: [PATCH 2/3] Update perms.php

---
 htdocs/user/perms.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php
index 209e68048c7..137ac659fd7 100644
--- a/htdocs/user/perms.php
+++ b/htdocs/user/perms.php
@@ -59,7 +59,7 @@ $socid=0;
 if (isset($user->societe_id) && $user->societe_id > 0) $socid = $user->societe_id;
 $feature2 = (($socid && $user->rights->user->self->creer)?'':'user');
 // A user can always read its own card if not advanced perms enabled, or if he has advanced perms, except for admin
-if ($user->id == $id && (! empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->user->self_advance->readperms)) && empty($user->admin))
+if ($user->id == $id && (! empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->user->self_advance->readperms) && empty($user->admin)))
 {
 	accessforbidden();
 }

From ab07da02c4cabdfecb9220d36bac3304ed6270c5 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Sun, 15 Sep 2019 15:53:04 +0200
Subject: [PATCH 3/3] Fix scrutinizer

---
 htdocs/stripe/admin/stripe.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/stripe/admin/stripe.php b/htdocs/stripe/admin/stripe.php
index 02039f3edc2..c3c008a5874 100644
--- a/htdocs/stripe/admin/stripe.php
+++ b/htdocs/stripe/admin/stripe.php
@@ -221,7 +221,7 @@ if (empty($conf->stripeconnect->enabled))
             $endpoint = \Stripe\WebhookEndpoint::retrieve($conf->global->STRIPE_TEST_WEBHOOK_ID);
             $endpoint->enabled_events = $stripearrayofwebhookevents;
             if (GETPOST('webhook', 'alpha') == $conf->global->STRIPE_TEST_WEBHOOK_ID) {
-                if (empty(GETPOST('status', 'alpha'))) {
+                if (! GETPOST('status', 'alpha')) {
                     $endpoint->disabled = true;
                 } else {
                     $endpoint->disabled = false;