diff --git a/htdocs/core/actions_fetchobject.inc.php b/htdocs/core/actions_fetchobject.inc.php index b73f6adbae8..73d37e2ece5 100644 --- a/htdocs/core/actions_fetchobject.inc.php +++ b/htdocs/core/actions_fetchobject.inc.php @@ -30,7 +30,11 @@ if (($id > 0 || (!empty($ref) && !in_array($action, array('create', 'createtask', 'add')))) && (empty($cancel) || $id > 0)) { if (($id > 0 && is_numeric($id)) || !empty($ref)) { // To discard case when id is list of ids like '1,2,3...' - $ret = $object->fetch($id, (empty($ref)? '' : $ref)); + if ($object->element == 'usergroup') { + $ret = $object->fetch($id, (empty($ref)? '' : $ref), true); // to load $object->members + } else { + $ret = $object->fetch($id, (empty($ref)? '' : $ref)); + } if ($ret > 0) { $object->fetch_thirdparty(); $id = $object->id; diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index 2b5261ed16f..cbd0b22856b 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -222,23 +222,8 @@ $permsgroupbyentity = array(); $sql = "SELECT DISTINCT gr.fk_id, gu.entity"; // fk_id are permission id and entity is entity of the group $sql .= " FROM ".MAIN_DB_PREFIX."usergroup_rights as gr,"; $sql .= " ".MAIN_DB_PREFIX."usergroup_user as gu"; // all groups of a user -$sql .= " WHERE 1 = 1"; -// A very strange business rules. Must be same than into user->getrights() user/perms.php and user/group/perms.php -if (!empty($conf->global->MULTICOMPANY_BACKWARD_COMPATIBILITY)) { - if (isModEnabled('multicompany') && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { - $sql .= " AND gu.entity IN (0,".$conf->entity.")"; - } else { - //$sql .= " AND r.entity = ".((int) $conf->entity); - } -} else { - $sql .= " AND gr.entity = ".((int) $conf->entity); // Only groups created in current entity - // The entity on the table usergroup_user should be useless and should never be used because it is alreay into gr and r. - // but when using MULTICOMPANY_TRANSVERSE_MODE, we may insert record that make rubbish result due to duplicate record of - // other entities, so we are forced to add a filter here - $sql .= " AND gu.entity IN (0,".$conf->entity.")"; - //$sql .= " AND r.entity = ".((int) $conf->entity); // Only permission of modules enabled in current entity -} -// End of strange business rule +$sql .= " WHERE gr.entity = ".((int) $entity); +$sql .= " AND gu.entity =".((int) $entity); $sql .= " AND gr.fk_usergroup = gu.fk_usergroup"; $sql .= " AND gu.fk_user = ".((int) $object->id);