From 9709207a4f5c429855e126700e8a6b9a36fd3c97 Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis.houssin@capnetworks.com>
Date: Mon, 2 Jul 2018 10:18:16 +0200
Subject: [PATCH] Fix: superadmin can show all users in master entity

---
 htdocs/core/class/commonobject.class.php | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php
index 9d020ab8dd4..1dfc9c90718 100644
--- a/htdocs/core/class/commonobject.class.php
+++ b/htdocs/core/class/commonobject.class.php
@@ -1539,8 +1539,12 @@ abstract class CommonObject
 		else if ($this->restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= ' AND te.fk_soc = s.rowid';			// If we need to link to societe to limit select to socid
 		if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) {
 			if ($this->element == 'user' && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
-				$sql.= " AND (ug.fk_user = te.rowid";
-				$sql.= " AND ug.entity IN (".getEntity($this->element)."))";
+				if (! empty($user->admin) && empty($user->entity) && $conf->entity == 1) {
+					$sql.= " AND te.entity IS NOT NULL"; // Show all users
+				} else {
+					$sql.= " AND ug.fk_user = te.rowid";
+					$sql.= " AND ug.entity IN (".getEntity($this->element).")";
+				}
 			} else {
 				$sql.= ' AND te.entity IN ('.getEntity($this->element).')';
 			}
@@ -1581,8 +1585,12 @@ abstract class CommonObject
 		else if ($this->restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= ' AND te.fk_soc = s.rowid';			// If we need to link to societe to limit select to socid
 		if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) {
 			if ($this->element == 'user' && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
-				$sql.= " AND (ug.fk_user = te.rowid";
-				$sql.= " AND ug.entity IN (".getEntity($this->element)."))";
+				if (! empty($user->admin) && empty($user->entity) && $conf->entity == 1) {
+					$sql.= " AND te.entity IS NOT NULL"; // Show all users
+				} else {
+					$sql.= " AND ug.fk_user = te.rowid";
+					$sql.= " AND ug.entity IN (".getEntity($this->element).")";
+				}
 			} else {
 				$sql.= ' AND te.entity IN ('.getEntity($this->element).')';
 			}