diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang
index 7cb41b1d708..8aa36f0544a 100644
--- a/htdocs/langs/en_US/admin.lang
+++ b/htdocs/langs/en_US/admin.lang
@@ -560,7 +560,7 @@ Permission34=Delete products
 Permission36=See/manage hidden products
 Permission38=Export products
 Permission41=Read projects and tasks (shared project and projects i'm contact for). Can also enter time consumed on assigned tasks (timesheet)
-Permission42=Create/modify projects (shared project and projects i'm contact for)
+Permission42=Create/modify projects (shared project and projects i'm contact for). Can also create tasks and assign users to project and tasks
 Permission44=Delete projects (shared project and projects i'm contact for)
 Permission45=Export projects
 Permission61=Read interventions
@@ -663,7 +663,7 @@ PermissionAdvanced253=Create/modify internal/external users and permissions
 Permission254=Create/modify external users only
 Permission255=Modify other users password
 Permission256=Delete or disable other users
-Permission262=Extend access to all third parties (not only those linked to user). Not effective for external users (always limited to themselves).
+Permission262=Extend access to all third parties (not only third parties that user is a sale representative). Not effective for external users (always limited to themselves for proposals, orders, invoices, contracts, etc). Not effective for projects (only rules on project permissions, visibility and assignement matters).
 Permission271=Read CA
 Permission272=Read invoices
 Permission273=Issue invoices
diff --git a/htdocs/langs/en_US/errors.lang b/htdocs/langs/en_US/errors.lang
index 6b99049e9ef..0e0b3e40960 100644
--- a/htdocs/langs/en_US/errors.lang
+++ b/htdocs/langs/en_US/errors.lang
@@ -176,6 +176,7 @@ ErrorStockIsNotEnoughToAddProductOnShipment=Stock is not enough for product %s t ErrorStockIsNotEnoughToAddProductOnProposal=Stock is not enough for product %s to add it into a new proposal. ErrorFailedToLoadLoginFileForMode=Failed to get the login key for mode '%s'. ErrorPhpMailDelivery=Check that you don't use a too high number of recipients and that your email content is not similar to a Spam. Ask also your administrator to check firewall and server logs files for a more complete information. +ErrorUserNotAssignedToTask=User must be assigned to task to be able to enter time consumed. # Warnings WarningPasswordSetWithNoAccount=A password was set for this member. However, no user account was created. So this password is stored but can't be used to login to Dolibarr. It may be used by an external module/interface but if you don't need to define any login nor password for a member, you can disable option "Manage a login for each member" from Member module setup. If you need to manage a login but don't need any password, you can keep this field empty to avoid this warning. Note: Email can also be used as a login if the member is linked to a user. diff --git a/htdocs/projet/card.php b/htdocs/projet/card.php index ad1d718fc55..8345ce69846 100644 --- a/htdocs/projet/card.php +++ b/htdocs/projet/card.php @@ -68,7 +68,7 @@ if ($id > 0 || ! empty($ref)) // Security check $socid=GETPOST('socid'); -if ($user->societe_id > 0) $socid=$user->societe_id; +//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement. $result = restrictedArea($user, 'projet', $object->id,'projet&project'); // fetch optionals attributes and labels diff --git a/htdocs/projet/contact.php b/htdocs/projet/contact.php index 794e9c3af00..492578905d9 100644 --- a/htdocs/projet/contact.php +++ b/htdocs/projet/contact.php 
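Review bot: In htdocs/projet/card.php the value from `$socid=GETPOST('socid');` is no longer overwritten for external users, so from this point the page works with a request-supplied, unfiltered third-party id for every caller. Read it as an integer, `$socid = GETPOST('socid','int');`, and check each later use of `$socid` that selects or assigns a third party, since that code lies outside the hunk. The disabled clamp is also left in the file as a commented-out statement under the `// Security check` heading; delete it and keep only the explanation, e.g. `// External users: no company filter here; access is decided by restrictedArea() from project visibility and assignment.` The same commented-out line is added in contact.php, document.php, element.php, ganttview.php, note.php and tasks.php.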
@@ -46,7 +46,7 @@ include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be inclu // Security check $socid=0; -if ($user->societe_id > 0) $socid=$user->societe_id; +//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement. $result = restrictedArea($user, 'projet', $id,'projet&project'); diff --git a/htdocs/projet/document.php b/htdocs/projet/document.php index d59dec0dc4a..5bd46389eef 100644 --- a/htdocs/projet/document.php +++ b/htdocs/projet/document.php @@ -42,7 +42,7 @@ $mine = (GETPOST('mode','alpha') == 'mine' ? 1 : 0); // Security check $socid=0; -if ($user->societe_id > 0) $socid=$user->societe_id; +//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement. $result=restrictedArea($user,'projet',$id,'projet&project'); $object = new Project($db); diff --git a/htdocs/projet/element.php b/htdocs/projet/element.php index 5673f74aa34..9fc957fa66b 100644 --- a/htdocs/projet/element.php +++ b/htdocs/projet/element.php @@ -92,7 +92,7 @@ include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be inclu // Security check $socid=$object->socid; -if ($user->societe_id > 0) $socid=$user->societe_id; +//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement. $result = restrictedArea($user, 'projet', $projectid, 'projet&project'); diff --git a/htdocs/projet/ganttview.php b/htdocs/projet/ganttview.php index b86a961bd69..2b992e05ef6 100644 --- a/htdocs/projet/ganttview.php +++ b/htdocs/projet/ganttview.php 
@@ -43,7 +43,7 @@ include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be inclu // Security check $socid=0; -if ($user->societe_id > 0) $socid=$user->societe_id; +//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement. $result = restrictedArea($user, 'projet', $id,'projet&project'); $langs->load("users"); diff --git a/htdocs/projet/index.php b/htdocs/projet/index.php index 752e3615464..20fca4b5abf 100644 --- a/htdocs/projet/index.php +++ b/htdocs/projet/index.php @@ -37,7 +37,7 @@ $mine = GETPOST('mode')=='mine' ? 1 : 0; // Security check $socid=0; -if ($user->societe_id > 0) $socid=$user->societe_id; +//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement. if (!$user->rights->projet->lire) accessforbidden(); $sortfield = GETPOST("sortfield",'alpha'); diff --git a/htdocs/projet/info.php b/htdocs/projet/info.php index c2e45560f74..281a2f8c94d 100644 --- a/htdocs/projet/info.php +++ b/htdocs/projet/info.php @@ -34,7 +34,7 @@ $langs->load("projects"); // Security check $socid=0; $id = GETPOST("id",'int'); -if ($user->societe_id) $socid=$user->societe_id; +//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement. $result=restrictedArea($user,'projet',$id,''); diff --git a/htdocs/projet/list.php b/htdocs/projet/list.php index 6e7ccc26dd5..721baca4ced 100644 --- a/htdocs/projet/list.php +++ b/htdocs/projet/list.php 
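Review bot: In htdocs/projet/info.php the access check is `restrictedArea($user,'projet',$id,'')`, with an empty fourth argument where the sibling project pages in this commit pass `'projet&project'`. With the company clamp above it disabled, this call is the only per-project gate visible on the page, so it should carry the same argument: `$result=restrictedArea($user,'projet',$id,'projet&project');`. Whether the empty value actually weakens the check depends on restrictedArea(), which is not shown here.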
@@ -40,7 +40,7 @@ $title = $langs->trans("Projects"); // Security check $socid = (is_numeric($_GET["socid"]) ? $_GET["socid"] : 0 ); -if ($user->societe_id > 0) $socid=$user->societe_id; +//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement. if ($socid > 0) { $soc = new Societe($db); @@ -220,7 +220,9 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on p.fk_soc = s.rowid"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."c_lead_status as cls on p.fk_opp_status = cls.rowid"; // We'll need this table joined to the select in order to filter by sale -if ($search_sale > 0 || (! $user->rights->societe->client->voir && ! $socid)) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = s.rowid"; +// For external user, no check is done on company permission because readability is managed by public status of project and assignement. +//if ($search_sale > 0 || (! $user->rights->societe->client->voir && ! $socid)) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = s.rowid"; +if ($search_sale > 0) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = s.rowid"; if ($search_user > 0) { $sql.=", ".MAIN_DB_PREFIX."element_contact as ecp"; 
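Review bot: `$socid` in htdocs/projet/list.php comes straight from `$_GET["socid"]`, and with the override disabled an external user now chooses it, so the `if ($socid > 0)` block that follows instantiates `Societe` for whatever id is in the URL. The rest of that block is outside the hunk, but if it fetches and displays the third party, an external user could see details of a company other than their own; keep the restriction for that lookup, e.g. `if ($user->societe_id > 0 && $socid != $user->societe_id) $socid = 0;`. `is_numeric()` also accepts values such as `1e3` or `1.5`; `GETPOST('socid','int')` is the stricter form these files already use for ids.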
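Review bot: The condition disabled in the `@@ -220,7 +220,9 @@` hunk, and the matching `AND ((s.rowid = sc.fk_soc AND sc.fk_user = ...) OR (s.rowid IS NULL))` clause disabled in the `@@ -271,7 +273,8 @@` hunk, never tested for an external user: they applied to any user without `societe->client->voir` when `$socid` was empty. Before this commit `$socid` was forced non-zero for external users, so in practice the clause only ever restricted internal users, and the added comment describes the wrong audience. It should read something like `// No filter on sales representative: project visibility is decided by project permissions, public status and assignment, for internal and external users alike.` With both lines gone, row-level restriction of this query rests entirely on a project-id filter built elsewhere in the file; it is in neither hunk, so confirm it is applied on every path. The old statements are better deleted than kept as comments.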
@@ -271,7 +273,8 @@ if ($search_opp_status) } if ($search_public!='') $sql .= " AND p.public = ".$db->escape($search_public); if ($search_sale > 0) $sql.= " AND sc.fk_user = " .$search_sale; -if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id.") OR (s.rowid IS NULL))"; +// For external user, no check is done on company permission because readability is managed by public status of project and assignement. +//if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id.") OR (s.rowid IS NULL))"; if ($search_user > 0) $sql.= " AND ecp.fk_c_type_contact IN (".join(',',array_keys($listofprojectcontacttype)).") AND ecp.element_id = p.rowid AND ecp.fk_socpeople = ".$search_user; if ($search_opp_amount != '') $sql .= natural_search('p.opp_amount', $search_opp_amount, 1); if ($search_budget_amount != '') $sql .= natural_search('p.budget_amount', $search_budget_amount, 1); diff --git a/htdocs/projet/note.php b/htdocs/projet/note.php index 43df7ce3b3d..57bc235c8d0 100644 --- a/htdocs/projet/note.php +++ b/htdocs/projet/note.php @@ -41,7 +41,7 @@ include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be inclu // Security check $socid=0; -if ($user->societe_id > 0) $socid=$user->societe_id; +//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement. $result = restrictedArea($user, 'projet', $id,'projet&project'); $permissionnote=$user->rights->projet->creer; // Used by the include of actions_setnotes.inc.php diff --git a/htdocs/projet/tasks.php b/htdocs/projet/tasks.php index 9def807c746..5d5871ec280 100644 --- a/htdocs/projet/tasks.php +++ b/htdocs/projet/tasks.php 
@@ -61,7 +61,7 @@ $extralabels_task=$extrafields_task->fetch_name_optionals_label($taskstatic->tab // Security check $socid=0; -if ($user->societe_id > 0) $socid = $user->societe_id; +//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement. $result = restrictedArea($user, 'projet', $id,'projet&project'); // Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array @@ -413,7 +413,8 @@ else if ($id > 0 || ! empty($ref)) // Get list of tasks in tasksarray and taskarrayfiltered // We need all tasks (even not limited to a user because a task to user can have a parent that is not affected to him). - $tasksarray=$taskstatic->getTasksArray(0, 0, $object->id, $socid, 0); + $filteronthirdpartyid = $socid; + $tasksarray=$taskstatic->getTasksArray(0, 0, $object->id, $filteronthirdpartyid, 0); // We load also tasks limited to a particular user $tasksrole=($mode=='mine' ? $taskstatic->getUserRolesForProjectsOrTasks(0,$user,$object->id,0) : ''); //var_dump($tasksarray); diff --git a/htdocs/projet/tasks/contact.php b/htdocs/projet/tasks/contact.php index 6689f966c15..23feb647fc8 100644 --- a/htdocs/projet/tasks/contact.php +++ b/htdocs/projet/tasks/contact.php @@ -42,7 +42,7 @@ $project_ref=GETPOST('project_ref','alpha'); // Security check $socid=0; -if ($user->societe_id > 0) $socid = $user->societe_id; +//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement. //$result = restrictedArea($user, 'projet', $id, 'projet_task'); if (! $user->rights->projet->lire) accessforbidden(); diff --git a/htdocs/projet/tasks/document.php b/htdocs/projet/tasks/document.php index c9a69fc81a4..15c73450be6 100644 --- a/htdocs/projet/tasks/document.php +++ b/htdocs/projet/tasks/document.php 
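Review bot: `$filteronthirdpartyid = $socid;` in the `@@ -413,7 +413,8 @@` hunk of htdocs/projet/tasks.php reads like an active filter, but the first hunk of this file leaves `$socid` at `0` for every user. Unless it is reassigned between the two hunks (not visible here), `getTasksArray()` is therefore always called without a third-party filter. Say so at the assignment, e.g. `// No third-party filter: $socid is no longer forced to the external user's company; project access is checked by restrictedArea() above.`, or pass `0` directly.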
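Review bot: In htdocs/projet/tasks/contact.php the per-object call `restrictedArea(...)` is already commented out, so once the company clamp is disabled the only gate left in this hunk is the module-wide `if (! $user->rights->projet->lire) accessforbidden();`. Nothing visible ties the requested task to a project the caller is assigned to or that is public, which is the control the new comment relies on. The same shape appears in tasks/document.php and tasks/note.php, and tasks/list.php, tasks/task.php and tasks/time.php show only the rights test. After the task is loaded, check its parent project with the call the project pages use, `restrictedArea($user, 'projet', $projectid, 'projet&project');` (with `$projectid` set to the task's project), unless code outside these hunks already does so.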
@@ -47,7 +47,7 @@ $project_ref = GETPOST('project_ref','alpha'); // Security check $socid=0; -if ($user->societe_id > 0) $socid = $user->societe_id; +//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement. //$result=restrictedArea($user,'projet',$id,''); if (!$user->rights->projet->lire) accessforbidden(); diff --git a/htdocs/projet/tasks/list.php b/htdocs/projet/tasks/list.php index 5573441d646..f733ab03a1c 100644 --- a/htdocs/projet/tasks/list.php +++ b/htdocs/projet/tasks/list.php @@ -75,7 +75,7 @@ $search_array_options=$extrafields->getOptionalsFromPost($extralabels,'','search // Security check $socid=0; -if ($user->societe_id > 0) $socid = $user->societe_id; +//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement. if (!$user->rights->projet->lire) accessforbidden(); $limit = GETPOST("limit")?GETPOST("limit","int"):$conf->liste_limit; diff --git a/htdocs/projet/tasks/note.php b/htdocs/projet/tasks/note.php index 5d5cb38dbe5..880b2a25198 100644 --- a/htdocs/projet/tasks/note.php +++ b/htdocs/projet/tasks/note.php @@ -39,7 +39,7 @@ $project_ref = GETPOST('project_ref','alpha'); // Security check $socid=0; -if ($user->societe_id > 0) $socid = $user->societe_id; +//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement. if (!$user->rights->projet->lire) accessforbidden(); //$result = restrictedArea($user, 'projet', $id, '', 'task'); // TODO ameliorer la verification diff --git a/htdocs/projet/tasks/task.php b/htdocs/projet/tasks/task.php index 6e0648b61e6..15ef42d5c83 100644 --- a/htdocs/projet/tasks/task.php +++ b/htdocs/projet/tasks/task.php 
@@ -47,7 +47,7 @@ $planned_workload=((GETPOST('planned_workloadhour')!='' && GETPOST('planned_work // Security check $socid=0; -if ($user->societe_id > 0) $socid = $user->societe_id; +//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement. if (! $user->rights->projet->lire) accessforbidden(); // Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array diff --git a/htdocs/projet/tasks/time.php b/htdocs/projet/tasks/time.php index 96c849d8df9..f6da55731fc 100644 --- a/htdocs/projet/tasks/time.php +++ b/htdocs/projet/tasks/time.php @@ -43,7 +43,7 @@ $project_ref=GETPOST('project_ref','alpha'); // Security check $socid=0; -if ($user->societe_id > 0) $socid = $user->societe_id; +//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement. if (!$user->rights->projet->lire) accessforbidden(); // Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array