From 7e16d0c1d3de4e30fa0649acaf4a32af715752d3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?=
 <marcosgdf@gmail.com>
Date: Tue, 13 Jan 2015 01:48:58 +0100
Subject: [PATCH] Fix: [ bug #1792 ] Users are not allowed to see margins
 module index page when no product view permission is enabled

---
 ChangeLog                         |  1 +
 htdocs/margin/index.php           | 13 ++++++++++++-
 htdocs/margin/lib/margins.lib.php | 23 ++++++++++++++---------
 3 files changed, 27 insertions(+), 10 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index f27b039619a..58085ba2c5a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -7,6 +7,7 @@ Fix: Paypal link were broken dur to SSL v3 closed.
 Fix: [ bug #1769 ] Error when installing to a PostgreSQL DB that contains numbers
 Fix: [ bug #1752 ] Date filter of margins module, filters since 12H instead of 00H
 Fix: [ bug #1757 ] Sorting breaks product/service statistics
+Fix: [ bug #1792 ] Users are not allowed to see margins module index page when no product view permission is enabled
 
 ***** ChangeLog for 3.5.6 compared to 3.5.5 *****
 Fix: Avoid missing class error for fetch_thirdparty method #1973
diff --git a/htdocs/margin/index.php b/htdocs/margin/index.php
index 6ab989b524c..68c7ef150db 100644
--- a/htdocs/margin/index.php
+++ b/htdocs/margin/index.php
@@ -1,5 +1,6 @@
 <?php
 /* Copyright (C) 2012	Christophe Battarel	<christophe.battarel@altairis.fr>
+ * Copyright (C) 2014   Marcos García       <marcosgdf@gmail.com>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -21,6 +22,16 @@
  *	\brief      Page d'index du module margin
  */
 
-require 'productMargins.php';
+require '../main.inc.php';
+
+if ($user->rights->produit->lire) {
+	$page = 'productMargins';
+} elseif ($user->rights->societe->lire) {
+	$page = 'customerMargins';
+} else {
+	$page = 'agentMargins';
+}
+
+header('Location: '.dol_buildpath('/margin/'.$page.'.php', 1));
 
 ?>
diff --git a/htdocs/margin/lib/margins.lib.php b/htdocs/margin/lib/margins.lib.php
index 2dadd9500f2..cb73b2289e2 100644
--- a/htdocs/margin/lib/margins.lib.php
+++ b/htdocs/margin/lib/margins.lib.php
@@ -1,5 +1,6 @@
 <?php
 /* Copyright (C) 2012	Christophe Battarel	<christophe.battarel@altairis.fr>
+ * Copyright (C) 2014   Marcos García       <marcosgdf@gmail.com>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -56,21 +57,25 @@ function marges_admin_prepare_head()
  */
 function marges_prepare_head()
 {
-	global $langs, $conf;
+	global $langs, $conf, $user;
 	$langs->load("marges@marges");
 
 	$h = 0;
 	$head = array();
 
-	$head[$h][0] = DOL_URL_ROOT."/margin/productMargins.php";
-	$head[$h][1] = $langs->trans("ProductMargins");
-	$head[$h][2] = 'productMargins';
-	$h++;
+	if ($user->rights->produit->lire) {
+		$head[$h][0] = DOL_URL_ROOT."/margin/productMargins.php";
+		$head[$h][1] = $langs->trans("ProductMargins");
+		$head[$h][2] = 'productMargins';
+		$h++;
+	}
 
-	$head[$h][0] = DOL_URL_ROOT."/margin/customerMargins.php";
-	$head[$h][1] = $langs->trans("CustomerMargins");
-	$head[$h][2] = 'customerMargins';
-	$h++;
+	if ($user->rights->societe->lire) {
+		$head[$h][0] = DOL_URL_ROOT."/margin/customerMargins.php";
+		$head[$h][1] = $langs->trans("CustomerMargins");
+		$head[$h][2] = 'customerMargins';
+		$h++;
+	}
 
 	$head[$h][0] = DOL_URL_ROOT."/margin/agentMargins.php";
 	$head[$h][1] = $langs->trans("AgentMargins");