diff --git a/htdocs/document.php b/htdocs/document.php
index 7f3e7b1939cce943a4203e16d091544998df9b76..fc047d13056e052daaf949542873ac3eccc0716b 100644
--- a/htdocs/document.php
+++ b/htdocs/document.php
@@ -3,6 +3,7 @@
  * Copyright (C) 2004-2010 Laurent Destailleur  <eldy@users.sourceforge.net>
  * Copyright (C) 2005      Simon Tosser         <simon@kornog-computing.com>
  * Copyright (C) 2005-2009 Regis Houssin        <regis@dolibarr.fr>
+ * Copyright (C) 2010	   Pierre Morin         <pierre.morin@auguria.net>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -448,12 +449,17 @@ if ($modulepart)
 	else
 	{
 		$user->getrights($modulepart);
-		if ($user->rights->$modulepart->lire || $user->rights->$modulepart->read || preg_match('/^specimen/i',$original_file))
+		$subPermCategoryConstName = strtoupper($modulepart).'_SUBPERMCATEGORY_FOR_DOCUMENTS';
+		if(isset($conf->global->$subPermCategoryConstName)) $subPermCategory = $conf->global->$subPermCategoryConstName;
+		if ( ((isset($subPermCategory)==false) && (($user->rights->$modulepart->lire) || ($user->rights->$modulepart->read) || ($user->rights->$modulepart->download))) || (isset($subPermCategory) && (($user->rights->$modulepart->$subPermCategory->lire) || ($user->rights->$modulepart->$subPermCategory->read) || ($user->rights->$modulepart->$subPermCategory->download))) || preg_match('/^specimen/i',$original_file) )
 		{
 			$accessallowed=1;
 		}
 		$original_file=$conf->$modulepart->dir_output.'/'.$original_file;
-		$sqlprotectagainstexternals = "SELECT fk_soc FROM ".MAIN_DB_PREFIX.$modulepart." WHERE ref='".$refname."' AND entity=".$conf->entity;
+		$sqlProtectConstName = strtoupper($modulepart).'_SQLPROTECTAGAINSTEXTERNALS_FOR_DOCUMENTS';
+		if(isset($conf->global->$sqlProtectConstName)) eval('$sqlprotectagainstexternals = "'.$conf->global->$sqlProtectConstName.'";');
+		//less generic/modular than the 2 lines upper :
+		//$sqlprotectagainstexternals = "SELECT fk_soc FROM ".MAIN_DB_PREFIX.$modulepart." WHERE ref='".$refname."' AND entity=".$conf->entity;
 	}	
 }