diff --git a/addons/document/document.py b/addons/document/document.py
index a841f071b91..a39be42e77c 100644
--- a/addons/document/document.py
+++ b/addons/document/document.py
@@ -69,17 +69,14 @@ class document_file(osv.osv):
     ]
 
     def check(self, cr, uid, ids, mode, context=None, values=None):
+        """Overwrite check to verify access on directory to validate specifications of doc/access_permissions.rst"""
         super(document_file, self).check(cr, uid, ids, mode, context=context, values=values)
         if ids:
+            self.pool.get('ir.model.access').check(cr, uid, 'document.directory', mode)
+
             # use SQL to avoid recursive loop on read
-            cr.execute('SELECT id, parent_id from ir_attachment WHERE id in %s', (tuple(ids),))
-
-            parent_ids = []
-            for attach_id, attach_parent in cr.fetchall():
-                if attach_parent:
-                    parent_ids.append(attach_parent)
-
-            self.pool.get('document.directory').check_access_rule(cr, uid, parent_ids, mode, context=context)
+            cr.execute('SELECT DISTINCT parent_id from ir_attachment WHERE id in %s AND parent_id is not NULL', (tuple(ids),))
+            self.pool.get('document.directory').check_access_rule(cr, uid, [parent_id for (parent_id,) in cr.fetchall()], mode, context=context)
 
     def search(self, cr, uid, args, offset=0, limit=None, order=None, context=None, count=False):
         # Grab ids, bypassing 'count'