From 60e85136df9703e824945111a6e96425c83ebd8b Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis.houssin@inodbox.com>
Date: Thu, 12 Sep 2019 08:48:55 +0200
Subject: [PATCH 1/2] FIX an admin can not access his own permissions after
 enabling advanced permissions

---
 htdocs/user/perms.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php
index 2560ccc7f04..209e68048c7 100644
--- a/htdocs/user/perms.php
+++ b/htdocs/user/perms.php
@@ -58,7 +58,8 @@ if (! empty($conf->global->MAIN_USE_ADVANCED_PERMS))
 $socid=0;
 if (isset($user->societe_id) && $user->societe_id > 0) $socid = $user->societe_id;
 $feature2 = (($socid && $user->rights->user->self->creer)?'':'user');
-if ($user->id == $id && (! empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->user->self_advance->readperms)))	// A user can always read its own card if not advanced perms enabled, or if he has advanced perms
+// A user can always read its own card if not advanced perms enabled, or if he has advanced perms, except for admin
+if ($user->id == $id && (! empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->user->self_advance->readperms)) && empty($user->admin))
 {
 	accessforbidden();
 }

From 27e3a2cb1d4db962246298b2a6940b71ce43e103 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Sun, 15 Sep 2019 15:32:43 +0200
Subject: [PATCH 2/2] Update perms.php

---
 htdocs/user/perms.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php
index 209e68048c7..137ac659fd7 100644
--- a/htdocs/user/perms.php
+++ b/htdocs/user/perms.php
@@ -59,7 +59,7 @@ $socid=0;
 if (isset($user->societe_id) && $user->societe_id > 0) $socid = $user->societe_id;
 $feature2 = (($socid && $user->rights->user->self->creer)?'':'user');
 // A user can always read its own card if not advanced perms enabled, or if he has advanced perms, except for admin
-if ($user->id == $id && (! empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->user->self_advance->readperms)) && empty($user->admin))
+if ($user->id == $id && (! empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->user->self_advance->readperms) && empty($user->admin)))
 {
 	accessforbidden();
 }