diff --git a/htdocs/lib/functions.lib.php b/htdocs/lib/functions.lib.php index 615ece8493b..61a6bd7bf40 100644 --- a/htdocs/lib/functions.lib.php +++ b/htdocs/lib/functions.lib.php @@ -1577,9 +1577,9 @@ function restrictedArea($user, $features='societe', $objectid=0, $dbtablename='' //dol_syslog("functions.lib:restrictedArea $feature, $objectid, $dbtablename,$feature2,$dbt_socfield,$dbt_select"); if ($dbt_select != 'rowid') $objectid = "'".$objectid."'"; - //print "user_id=".$user->id.", features=".$features.", feature2=".$feature2.", object_id=".$objectid; + //print "user_id=".$user->id.", features=".$features.", feature2=".$feature2.", objectid=".$objectid; //print ", dbtablename=".$dbtablename.", dbt_socfield=".$dbt_keyfield.", dbt_select=".$dbt_select; - //print ", user_societe_contact_lire=".$user->rights->societe->contact->lire."
"; + //print ", perm: ".$features."->".$feature2."=".$user->rights->$features->$feature2->lire."
"; // More features to check $features = explode("&",$features); @@ -1738,6 +1738,7 @@ function restrictedArea($user, $features='societe', $objectid=0, $dbtablename='' } } + //print "Delete access is ko"; if (! $deleteok) accessforbidden(); //print "Delete access is ok"; } diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 26660eb09e3..4511c3c139e 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -634,6 +634,13 @@ class User extends CommonObject if ($this->db->query($sql)) { + } + + // Remove group + $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_user WHERE fk_user = ".$this->id; + if ($this->db->query($sql)) + { + } // Si contact, supprime lien diff --git a/htdocs/user/fiche.php b/htdocs/user/fiche.php index af52d9a8123..30663a3c17b 100644 --- a/htdocs/user/fiche.php +++ b/htdocs/user/fiche.php @@ -63,16 +63,9 @@ $confirm=GETPOST("confirm"); // Security check $socid=0; -if ($user->societe_id > 0) -{ - $socid = $user->societe_id; - $feature2='user'; -} -if ($user->id == $_GET["id"]) // A user can always read its own card -{ - $feature2=''; - $canreaduser=1; -} +if ($user->societe_id > 0) $socid = $user->societe_id; +$feature2='user'; +if ($user->id == $_GET["id"]) { $feature2=''; $canreaduser=1; } // A user can always read its own card $result = restrictedArea($user, 'user', $_GET["id"], '', $feature2); if ($user->id <> $_GET["id"] && ! $canreaduser) accessforbidden(); @@ -106,7 +99,7 @@ if ($_GET["subaction"] == 'delrights' && $canedituser) $edituser->delrights($_GET["rights"]); } -if ($action == 'confirm_disable' && $confirm == "yes") +if ($action == 'confirm_disable' && $confirm == "yes" && $candisableuser) { if ($_GET["id"] <> $user->id) { @@ -117,7 +110,7 @@ if ($action == 'confirm_disable' && $confirm == "yes") exit; } } -if ($action == 'confirm_enable' && $confirm == "yes") +if ($action == 'confirm_enable' && $confirm == "yes" && $candisableuser) { if ($_GET["id"] <> $user->id) { 
@@ -144,7 +137,7 @@ if ($action == 'confirm_enable' && $confirm == "yes")
 }
 }
-if ($action == 'confirm_delete' && $confirm == "yes")
+if ($action == 'confirm_delete' && $confirm == "yes" && $candisableuser)
 {
 if ($_GET["id"] <> $user->id)
 {
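Review bot: Deletion is gated here by the same `$candisableuser` flag as disable and enable, although deleting an account is irreversible and, per the `user.class.php` hunk of this commit, also removes the user's group memberships. Where `$candisableuser` is computed lies outside this diff, so it is unclear whether it covers a delete right; if the rights model has a separate delete permission, this condition should test a dedicated flag (say `$candeleteuser`, computed next to the others) instead. If reusing the flag is intentional, a comment on this line such as `// deleting requires the same right as disabling` would document the decision. The body of the block continues past the end of the hunk.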