From e382d49299274878a6c8231c5f7aaccda81d8436 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Mon, 29 Mar 2021 13:49:24 +0200
Subject: [PATCH] Fix bad permission

---
 htdocs/core/lib/files.lib.php           | 3 ++-
 htdocs/core/modules/modExport.class.php | 4 ++--
 htdocs/document.php                     | 1 +
 3 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php
index 0cd03ebb475..8c73ca6fd1c 100644
--- a/htdocs/core/lib/files.lib.php
+++ b/htdocs/core/lib/files.lib.php
@@ -2243,6 +2243,7 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
 		$modulepart = 'user';
 	}
 
+	//print 'dol_check_secure_access_document modulepart='.$modulepart.' original_file='.$original_file.' entity='.$entity;
 	dol_syslog('dol_check_secure_access_document modulepart='.$modulepart.' original_file='.$original_file.' entity='.$entity);
 
 	// We define $accessallowed and $sqlprotectagainstexternals
@@ -2727,7 +2728,7 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
 	} elseif ($modulepart == 'export' && !empty($conf->export->dir_temp)) {
 		// Wrapping for export module
 		// Note that a test may not be required because we force the dir of download on the directory of the user that export
-		$accessallowed = $user->rights->export->run;
+		$accessallowed = $user->rights->export->lire;
 		$original_file = $conf->export->dir_temp.'/'.$fuser->id.'/'.$original_file;
 	} elseif ($modulepart == 'import' && !empty($conf->import->dir_temp)) {
 		// Wrapping for import module
diff --git a/htdocs/core/modules/modExport.class.php b/htdocs/core/modules/modExport.class.php
index 6a47b7b74fd..278a70e6339 100644
--- a/htdocs/core/modules/modExport.class.php
+++ b/htdocs/core/modules/modExport.class.php
@@ -78,14 +78,14 @@ class modExport extends DolibarrModules
 
 		$r++;
 		$this->rights[$r][0] = 1201;
-		$this->rights[$r][1] = 'Lire les exports';
+		$this->rights[$r][1] = 'Read exports';
 		$this->rights[$r][2] = 'r';
 		$this->rights[$r][3] = 0;
 		$this->rights[$r][4] = 'lire';
 
 		$r++;
 		$this->rights[$r][0] = 1202;
-		$this->rights[$r][1] = 'Creer/modifier un export';
+		$this->rights[$r][1] = 'Creeate/modify export';
 		$this->rights[$r][2] = 'w';
 		$this->rights[$r][3] = 0;
 		$this->rights[$r][4] = 'creer';
diff --git a/htdocs/document.php b/htdocs/document.php
index 59501cc4701..a0c4fcb640a 100644
--- a/htdocs/document.php
+++ b/htdocs/document.php
@@ -207,6 +207,7 @@ if (empty($modulepart)) {
 
 // Check security and set return info with full path of file
 $check_access = dol_check_secure_access_document($modulepart, $original_file, $entity, $user, $refname);
+var_dump($check_access);
 $accessallowed              = $check_access['accessallowed'];
 $sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals'];
 $fullpath_original_file     = $check_access['original_file']; // $fullpath_original_file is now a full path name