From 5a759d156436128041e204360ec9b3807598c692 Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis@dolibarr.fr>
Date: Fri, 26 Jan 2007 16:10:24 +0000
Subject: [PATCH] =?UTF-8?q?Fix:=20am=E9lioration=20de=20la=20restriction?=
 =?UTF-8?q?=20des=20commerciaux=20qui=20pouvait=20interf=E9rer=20avec=20le?=
 =?UTF-8?q?s=20utilisateurs=20externe?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 htdocs/comm/propal.php | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/htdocs/comm/propal.php b/htdocs/comm/propal.php
index 78819d11a97..c81984c7838 100644
--- a/htdocs/comm/propal.php
+++ b/htdocs/comm/propal.php
@@ -73,22 +73,25 @@ if ($_GET['propalid'] > 0)
       dolibarr_print_error($db,$propal->error);
       exit;
   }
-  
-  // Protection restriction commercial
-  if (!$user->rights->commercial->client->voir)
+  if ($user->societe_id > 0 && $propal->socid <> $user->societe_id)
   {
-    $sql = "SELECT sc.fk_soc";
+  	accessforbidden();
+  }
+  // Protection restriction commercial
+  else if (!$user->rights->commercial->client->voir)
+  {
+  	$sql = "SELECT sc.fk_soc";
     $sql .= " FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc";
     $sql .= " WHERE sc.fk_soc = ".$propal->socid." AND sc.fk_user = ".$user->id;
     if ( $db->query($sql) )
     {
-      if ( $db->num_rows() == 0) accessforbidden();
+      if ( $db->num_rows() == 0)
+      {
+      	accessforbidden();
+      }
     }
   }
   //fin de Protection restriction commercial
-  
-  if ($user->societe_id > 0 && $propal->socid <> $user->societe_id)
-    accessforbidden();
 }
 
 // Nombre de ligne pour choix de produit/service prédéfinis