diff --git a/htdocs/document.php b/htdocs/document.php
index bc0cc1eb933..a608dfe820e 100644
--- a/htdocs/document.php
+++ b/htdocs/document.php
@@ -173,7 +173,7 @@ $refname = basename(dirname($original_file)."/");
 if (empty($modulepart)) accessforbidden('Bad value for parameter modulepart');
 
 // Check security and set return info with full path of file
-$check_access = dol_check_secure_access_document($modulepart, $original_file, $entity, $refname);
+$check_access = dol_check_secure_access_document($modulepart, $original_file, $entity, $user, $refname);
 $accessallowed              = $check_access['accessallowed'];
 $sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals'];
 $fullpath_original_file     = $check_access['original_file']; // $fullpath_original_file is now a full path name