From 76f1ea5233c9cfb1f5fa2a210efb2eb0597c7a9b Mon Sep 17 00:00:00 2001
From: rGaillard <remi.gaillard@prestashop.com>
Date: Wed, 8 Aug 2012 09:55:29 +0000
Subject: [PATCH] // small fix on adminpdf

---
 classes/controller/AdminController.php   |  2 --
 controllers/admin/AdminPdfController.php | 10 ++++++++++
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/classes/controller/AdminController.php b/classes/controller/AdminController.php
index 219ac3113..07c35ffcf 100644
--- a/classes/controller/AdminController.php
+++ b/classes/controller/AdminController.php
@@ -1818,8 +1818,6 @@ class AdminControllerCore extends Controller
 			else
 				$this->errors[] = Tools::displayError('You do not have permission to edit here.');
 		}
-		elseif ($submitted_action = Tools::getValue('submitAction'.$this->table))
-				$this->action = $submitted_action;
 		elseif (Tools::getValue('submitAdd'.$this->table)
 				 || Tools::getValue('submitAdd'.$this->table.'AndStay')
 				 || Tools::getValue('submitAdd'.$this->table.'AndPreview'))
diff --git a/controllers/admin/AdminPdfController.php b/controllers/admin/AdminPdfController.php
index b7b10174b..2f4073484 100644
--- a/controllers/admin/AdminPdfController.php
+++ b/controllers/admin/AdminPdfController.php
@@ -35,6 +35,16 @@ class AdminPdfControllerCore extends AdminController
 		exit;
 	}
 
+	public function initProcess()
+	{
+		parent::initProcess();	
+		$access = Profile::getProfileAccess($this->context->employee->id_profile, (int)Tab::getIdFromClassName('AdminOrders'));
+		if ($access['view'] === '1' && ($action = Tools::getValue('submitAction')))
+			$this->action = $action;
+		else
+			$this->errors[] = Tools::displayError('You do not have permission to view here.');
+	}
+
 	public function processGenerateInvoicePdf()
 	{
 		if (Tools::isSubmit('id_order'))