From 79a3e414187f48364368ffda39f097196afbb692 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Tue, 4 Jun 2019 12:48:06 +0200
Subject: [PATCH] Hook 'getAccessForbiddenMessage'

---
 ChangeLog                               |  1 +
 htdocs/core/class/hookmanager.class.php |  7 ++++---
 htdocs/core/lib/security.lib.php        | 25 +++++++++++++++++++------
 3 files changed, 24 insertions(+), 9 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index b641ec2029e..e0f4159c49e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -128,6 +128,7 @@ NEW: Upgrade jquery lib to 3.3.1
 NEW: Add hook 'addHtmlHeader()'
 NEW: Add hook 'createRecurringInvoices()'
 NEW: Add hook 'afterSelectContactOptions'
+NEW: Add hook 'getAccessForbiddenMessage'
 NEW: Add hook support in accountancy index
 NEW: Add hook support in list of template invoices
 NEW: Add parameter 'replaceambiguouschars' on getRandomPassword function
diff --git a/htdocs/core/class/hookmanager.class.php b/htdocs/core/class/hookmanager.class.php
index f23aa1da5a3..f1abc148291 100644
--- a/htdocs/core/class/hookmanager.class.php
+++ b/htdocs/core/class/hookmanager.class.php
@@ -165,11 +165,12 @@ class HookManager
 				'formattachOptions',
 				'formBuilddocLineOptions',
 				'formatNotificationMessage',
-				'getFormMail',
-				'getIdProfUrl',
+				'getAccessForbiddenMessage',
 				'getDirList',
-			    'getFormatedCustomerRef',
+				'getFormMail',
+				'getFormatedCustomerRef',
 			    'getFormatedSupplierRef',
+				'getIdProfUrl',
 				'moveUploadedFile',
 				'moreHtmlStatus',
 				'pdf_build_address',
diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php
index 0dbbb7f0829..11866ea6782 100644
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
@@ -659,7 +659,7 @@ function checkUserAccessToObject($user, $featuresarray, $objectid = 0, $tableand
  */
 function accessforbidden($message = '', $printheader = 1, $printfooter = 1, $showonlymessage = 0)
 {
-    global $conf, $db, $user, $langs;
+    global $conf, $db, $user, $langs, $hookmanager;
     if (! is_object($langs))
     {
         include_once DOL_DOCUMENT_ROOT.'/core/class/translate.class.php';
@@ -681,14 +681,27 @@ function accessforbidden($message = '', $printheader = 1, $printfooter = 1, $sho
 	print '<br>';
 	if (empty($showonlymessage))
 	{
-		if ($user->login)
+		global $action, $object;
+		if (empty($hookmanager))
 		{
-			print $langs->trans("CurrentLogin").': <font class="error">'.$user->login.'</font><br>';
-			print $langs->trans("ErrorForbidden2", $langs->trans("Home"), $langs->trans("Users"));
+			$hookmanager = new HookManager($db);
+			// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
+			$hookmanager->initHooks(array('main'));
 		}
-		else
+		$parameters = array('message'=>$message);
+		$reshook=$hookmanager->executeHooks('getAccessForbiddenMessage', $parameters, $object, $action);    // Note that $action and $object may have been modified by some hooks
+		print $hookmanager->resPrint;
+		if (empty($reshook))
 		{
-			print $langs->trans("ErrorForbidden3");
+			if ($user->login)
+			{
+				print $langs->trans("CurrentLogin").': <font class="error">'.$user->login.'</font><br>';
+				print $langs->trans("ErrorForbidden2",$langs->trans("Home"),$langs->trans("Users"));
+			}
+			else
+			{
+				print $langs->trans("ErrorForbidden3");
+			}
 		}
 	}
 	if ($printfooter && function_exists("llxFooter")) llxFooter();