X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/timetracker.git/blobdiff_plain/6072ff00f2f58e59e2e1138771038b42bc9f32aa..3d9beabc77b40f26d2ae76269d03ca1c379f0bd0:/WEB-INF/lib/ttReportHelper.class.php

diff --git a/WEB-INF/lib/ttReportHelper.class.php b/WEB-INF/lib/ttReportHelper.class.php
index 74ddd582..acf33681 100644
--- a/WEB-INF/lib/ttReportHelper.class.php
+++ b/WEB-INF/lib/ttReportHelper.class.php
@@ -1936,4 +1936,26 @@ class ttReportHelper {
      */
     return $options;
   }
+
+  // verifyBean is a security function to make sure data in bean makes sense for a group.
+  static function verifyBean($bean) {
+    global $user;
+
+    // Check users.
+    $users_in_bean = $bean->getAttribute('users');
+    if (is_array($users_in_bean)) {
+      $users_in_group = ttTeamHelper::getUsers();
+      foreach ($users_in_group as $user_in_group) {
+        $valid_ids[] = $user_in_group['id'];
+      }
+      foreach ($users_in_bean as $user_in_bean) {
+        if (!in_array($user_in_bean, $valid_ids)) {
+          return false;
+        }
+      }
+    }
+
+    // TODO: add additional checks here. Perhaps do it before saving the bean for consistency.
+    return true;
+  }
 }