X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=role_edit.php;h=972d4540cb2e3e9d2f392a640e3d1a00663f664e;hb=770d560338b34e0a869c78778d0cd838905fb192;hp=f5f3762b3221ba24177fe9bc1c050ca4e1d4c97a;hpb=030d2c3ffbf8229cc945427e9e9f7704226effe1;p=timetracker.git
diff --git a/role_edit.php b/role_edit.php
index f5f3762b..972d4540 100644
--- a/role_edit.php
+++ b/role_edit.php
@@ -28,8 +28,6 @@
 require_once('initialize.php');
 import('form.Form');
-import('ttTeamHelper'); // TODO: remove this?
-import('ttTaskHelper'); // TODO: remove this?
 import('ttRoleHelper');
 // Access checks.
@@ -43,6 +41,7 @@ if (!$role) {
 header('Location: access_denied.php');
 exit();
 }
+// End of access checks.
 $assigned_rights = explode(',', $role['rights']);
 $available_rights = array_diff($user->rights, $assigned_rights);
@@ -82,6 +81,7 @@ if ($request->isPost()) {
 // Validate user input.
 if (!ttValidString($cl_name)) $err->add($i18n->get('error.field'), $i18n->get('label.thing_name'));
 if (!ttValidString($cl_description, true)) $err->add($i18n->get('error.field'), $i18n->get('label.description'));
+ if ($cl_rank >= $user->rank || $cl_rank < 0) $err->add($i18n->get('error.field'), $i18n->get('form.roles.rank'));
 if ($err->no()) {
 $existing_role = ttRoleHelper::getRoleByName($cl_name);
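Review bot: The rank check added to the `$request->isPost()` validation block compares `$cl_rank` using `>=` and `<` without first establishing that it is an integer. The assignment of `$cl_rank` is outside this hunk, so if it is still the raw request string, PHP's loose comparison rules decide the outcome and a non-numeric or empty value may pass both tests depending on the PHP version. Because this line is what keeps a user from saving a role at or above their own rank, I would make the type explicit ahead of the range test, e.g. `if (filter_var($cl_rank, FILTER_VALIDATE_INT) === false || $cl_rank < 0 || $cl_rank >= $user->rank) $err->add($i18n->get('error.field'), $i18n->get('form.roles.rank'));`. It is also worth confirming, since it is not visible here, that the role loaded in the access checks already ranks below `$user->rank`; otherwise this test constrains only the new value and not which role may be edited. The `if ($request->isPost())` block starts before the hunk and continues past its end.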