2. EPMO Open Source Coordination Office Redaction File Detail Report

Produced by Araxis Merge on 8/16/2019 12:01:55 PM Eastern Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

2.1 Files compared

#	Location	File	Last Modified
1	Direct_DSM.zip\Direct_DSM\api\application\controllers\admin	User_settings.php	Tue Aug 13 17:30:40 2019 UTC
2	Direct_DSM.zip\Direct_DSM\api\application\controllers\admin	User_settings.php	Fri Aug 16 14:41:21 2019 UTC

2.2 Comparison summary

Description	Between Files 1 and 2
Description	Text Blocks	Lines
Unchanged	2	990
Changed	1	2
Inserted	0	0
Removed	0	0

2.3 Comparison options

Whitespace
Character case	Differences in character case are significant
Line endings	Differences in line endings (`CR` and `LF` characters) are ignored
CR/LF characters	Not shown in the comparison detail

2.4 Active regular expressions

No regular expressions were active.

2.5 Comparison detail

	1	<?php defi ned('BASEP ATH') OR e xit('No di rect scrip t access a llowed');
	2
	3	// This ca n be remov ed if you use Modula r Extensio ns
	4	require_on ce APPPATH .'controll ers/admin/ admin_cont roller.php ';
	5	require_on ce APPPATH .'librarie s/REST_Con troller.ph p';
	6	require_on ce APPPATH .'third_pa rty/Pagina tor.php';
	7
	8	class User _Settings extends Ad min_contro ller{
	9
	10	pu blic funct ion __cons truct(){
	11	pare nt::__cons truct();
	12	requ ire_models ('applicat ion', 'ser vice_permi ssion');
	13	}
	14
	15	/* --------- ---------- ---------- *
	16	* USER_SET TINGS TAB FUNCTIONS *
	17	* --------- ---------- ---------- */
	18	pu blic funct ion index( ) {
	19	//ge t user id from sessi on to get permission s
	20	$per missions = $this->ac count_perm issions;
	21	$sho w = $this- >show;
	22
	23	if(i sset($show ['user_set tings']) & & $show['u ser_settin gs']) { $t his->appli cation_lis t(); }
	24	else { redirec t('onboard ing'); }
	25	}
	26
	27	/*
	28	* Edit page for web s ervice acc ess.
	29	* for users when $gro up_name is null
	30	* /
	31	pu blic funct ion webser vice_acces s_edit($ma ilbox_name = null, $ app_id = n ull, $acti ve_cur_pag e = null, $active_it ems_per_pa ge = null,
	32	$pendi ng_cur_pag e = null, $pending_i tems_per_p age = null , $denied_ cur_page = null, $de nied_items _per_page = null)
	33	{
	34	//se t current page and i tems per p age on the sub-tabs
	35	$dat a['active_ cur_page'] = $active _cur_page;
	36	$dat a['active_ items_per_ page'] = $ active_ite ms_per_pag e;
	37
	38	if(i s_null($ap p_id)) { r eturn $thi s->applica tion_list( ); } //if no id is s et, go bac k to appli cation lis t
	39	$dat a['title'] = 'Direct API: Appl ication We b Service Access Edi t';
	40	$dat a['active_ tab'] = ar ray('user_ settings'= >true);
	41
	42	//ge t current user id fr om session to get pe rmissions
	43	$use r_id = $th is->user-> id();
	44	$per missions = $this->ac count_perm issions;
	45	$dat a['show'] = $this->s how;
	46	$dat a['api_adm ins'] = $p ermissions ['API']['a dmins'];
	47	$app _permissio n = false;
	48	$app _permissio n = isset( $permissio ns['Applic ation'][$a pp_id]) &&
	49	($permi ssions['Ap plication' ][$app_id] [LDAP_APPL ICATION_US ER_GROUP_N AME] \|\|
	50	$permi ssions['Ap plication' ][$app_id] [LDAP_APPL ICATION_AD MIN_GROUP_ NAME]);
	51
	52	//Ad d an excep tion for t he Account Group Mai nteance Ro le
	53	if($ permission s['Role'][ 0] == "acc ountgroupm aintenance "){
	54	$app_p ermission = true;
	55	}
	56	$dat a['app_per mission'] = $app_per mission;
	57
	58
	59	//ma ilbox_sett ings_setup must happ en before get_mailbo x_settings _by_applic ation
	60	if(e mpty($mail box_name) \|\| $mailbo x_name === 'null') { $mailbox_ name = $th is->user-> username; }
	61	$mai lbox = $th is->userse ttingsmode l->get_mai lbox_by_na me($mailbo x_name);
	62	$mai lbox_id = $mailbox-> id;
	63	$thi s->userset tingsmodel ->mailbox_ settings_s etup($mail box_id, $a pp_id, 'ad d');
	64	$dat a['mailbox _settings' ] = $this- >usersetti ngsmodel-> get_mailbo x_settings _by_applic ation($mai lbox_id, $ app_id)->r esult();
	65
	66	if($ permission s['API'][' admins'] \| \| $app_per mission) {
	67	if (is set($app_i d) && is_n umeric($ap p_id)){ // make sure its a vali d id
	68	$app = $ this->appl icationmod el->get_ap plication( $app_id)-> result();
	69	if($app) { //if th ere is a r esult, loa d the view
	70	$data['app '] = $app[ 0];
	71	$data['web _services' ] = $this- >usersetti ngsmodel-> get_web_se rvices()-> result();
	72	}
	73	else { s how_404(); } //if no t valid id or no res ult, show 404
	74	}
	75	else { show_404( ); }
	76
	77	if($th is->user-> username ! == $mailbo x->name) {
	78	$data['m ailbox_nam e'] = $mai lbox->name ;
	79	$data['v iew'] = 'w ebservice_ access_edi t';
	80	$data['a dmin_show' ] = $this- >permissio ns->set_ad min_access _from_perm issions($p ermissions );
	81	$data['a ctive_tab' ] = array( 'administr ation'=>tr ue);
	82	if($mail box->is_gr oup) {
	83	$data['tit le'] = 'Di rect API: Authorized Applicati on List fo r Group';
	84	//get user id from s ession to get permis sions
	85	$this->loa d->view('a pi/adminis tration/ma nage_group s', $data) ;
	86	}
	87	else {
	88	$data['tit le'] = 'Di rect API: Authorized Applicati on List fo r Account' ;
	89	//get user id from s ession to get permis sions
	90	$this->loa d->view('a pi/adminis tration/ma nage_accou nts', $dat a);
	91	}
	92	}
	93	else i f($data['s how']['use r_settings ']) {
	94	$this->l oad->view( 'api/user_ settings/w ebservice_ access_edi t', $data) ;
	95	}
	96	else { show_err or('Forbid den',403); }
	97	}
	98	else { show_e rror('Forb idden',403 ); }
	99	}
	100
	101	/*
	102	* loads the applicati on list vi ew for the applicati on user.
	103	* /
	104	pu blic funct ion applic ation_list ($name = n ull)
	105	{
	106	$dat a['title'] = 'Direct API: Auth orized App lication L ist';
	107	$dat a['active_ tab'] = ar ray('user_ settings'= >true);
	108
	109	//gr ab flash d ata to dis play to th e user
	110	if(! empty($thi s->session ->flashdat a('message '))) { $da ta['messag e'] = $thi s->session ->flashdat a('message '); }
	111	if(! empty($thi s->session ->flashdat a('error_m essage'))) { $data[' error_mess age'] = $t his->sessi on->flashd ata('error _message') ; }
	112	if(! empty($thi s->session ->flashdat a('success _message') )) { $data ['success_ message'] = $this->s ession->fl ashdata('s uccess_mes sage'); }
	113
	114	$mai lbox = $th is->userse ttingsmode l->get_mai lbox_by_na me($name);
	115
	116	//ge t current user id fr om session to get pe rmissions
	117	$use r_id = $th is->user-> id();
	118	$dat a['user_id '] = $user _id;
	119	$per missions = $this->ac count_perm issions;
	120	$dat a['show'] = $this->s how;
	121
	122	$app lication_l ist = arra y();
	123	if($ mailbox && $name !== $this->us er->userna me) {
	124	if($pe rmissions[ 'API']['ad mins'] \|\| $this->sho w['acct_gr oup_maint' ] ) {
	125	//if thi s is for g roup
	126	if($mail box->is_gr oup) {
	127	$this->can _edit_grou p($mailbox ->name);
	128	$group = $ this->grou psmodel->g et_group_f rom_groupn ame($mailb ox->name);
	129	if(count($ group) === 0){
	130	$g roup = $th is->groups model->get _group_fro m_groupnam e($mailbox ->name, fa lse);
	131	}
	132	$applicati on_names = $group[0] ['applicat ions'];
	133	$data['gro up'] = $gr oup[0];
	134	$group_app _access = array();
	135	foreach($a pplication _names as $name) {
	136	$a pp_id = $t his->appli cationmode l->get_app lication_i d_by_name( $name);
	137	ar ray_push($ group_app_ access, $a pp_id);
	138	}
	139	$applicati on_list = $this->app licationmo del->get_a pplication s($group_a pp_access) ;
	140	$applicati on_list_si ze = $this ->applicat ionmodel-> get_app_li st_size($g roup_app_a ccess);
	141	}
	142	else {
	143	//get mail box user i d from ses sion to ge t permissi ons
	144	$user = Us er::find_o ne(array(' username' => $mailbo x->name));
	145	$user_perm issions = $user->per missions;
	146	$data['acc ount'] = $ user;
	147	$app_acces s = $this- >permissio ns->get_ap plication_ permission ($user_per missions, 'users');
	148	if(!empty( $app_acces s)) {
	149	$a pplication _list = $t his->appli cationmode l->get_app lications( $app_acces s);
	150	$a pplication _list_size = $this-> applicatio nmodel->ge t_app_list _size($app _access);
	151	}
	152	else {
	153	$a pplication _list = ar ray();
	154	$a pplication _list_size = 0;
	155	}
	156	}
	157	}
	158	}
	159	else {
	160	//grab a list of applicati ons the us er has acc ess to
	161	$app_a ccess = $t his->permi ssions->ge t_applicat ion_permis sion($perm issions, ' users');
	162	//if y ou have ap ps that yo u have acc ess too
	163	if (is set($app_a ccess) && count($app _access) > 0){
	164	$applica tion_list = $this->a pplication model->get _applicati ons($app_a ccess);
	165	$applica tion_list_ size = $th is->applic ationmodel ->get_app_ list_size( $app_acces s);
	166	}
	167	else{
	168	//if cur rent user has no app access se nd empty r esult
	169	$applica tion_list = array();
	170	$applica tion_list_ size = 0;
	171	}
	172	}
	173
	174	//th e active a pplication s list
	175	if($ applicatio n_list) { $data['ac tive_list' ] = $appli cation_lis t->result( ); }
	176	else { $data[ 'active_li st'] = arr ay(); }
	177
	178	if(i sset($_POS T['prefix' ])) { $dat a['anchor' ] = $_POST ['prefix'] . 'link'; }
	179
	180	//de termine wh ich view t o display
	181	if($ mailbox && $name !== $this->us er->userna me) {
	182	if($ma ilbox && $ mailbox->i s_group) {
	183	$data['t itle'] = ' Direct API : Authoriz ed Applica tion List for Group' ;
	184	$data['a ctive_tab' ] = array( 'administr ation'=>tr ue);
	185	//get us er id from session t o get perm issions
	186	$data['a dmin_show' ] = $this- >permissio ns->set_ad min_access _from_perm issions($p ermissions );
	187	$data['v iew'] = 'a pplication _list';
	188	$this->l oad->view( 'api/admin istration/ manage_gro ups', $dat a);
	189	}
	190	else {
	191	$data['t itle'] = ' Direct API : Authoriz ed Applica tion List for Accoun t';
	192	$data['a ctive_tab' ] = array( 'administr ation'=>tr ue);
	193	//get us er id from session t o get perm issions
	194	$data['a dmin_show' ] = $this- >permissio ns->set_ad min_access _from_perm issions($p ermissions );
	195	$data['v iew'] = 'a pplication _list';
	196	$this->l oad->view( 'api/admin istration/ manage_acc ounts', $d ata);
	197	}
	198	}
	199	else {
	200	$this- >load->vie w('api/use r_settings /applicati on_list', $data);
	201	}
	202	}
	203
	204	/*
	205	* Handles t he storing of values for web s ervice acc ess into t he databas e.
	206	*/
	207	pu blic funct ion webser vice_acces s_save(){
	208	$thi s->load->l ibrary('fo rm_validat ion');
	209
	210	//pu sh back th e page num ber and it ems per pa ge from th e attempt to edit an applicati on
	211	$thi s->session ->set_flas hdata('act ive_page_s elect_from _applicati on_save',$ this->inpu t->post('a ctive_page _select_fr om_applica tion_save' ,TRUE));
	212	$thi s->session ->set_flas hdata('act ive_items_ per_page_f rom_applic ation_save ',$this->i nput->post ('active_i tems_per_p age_from_a pplication _save',TRU E));
	213
	214	//re trieve the applicati on id
	215	$id = $this->i nput->post ('app_id', TRUE);
	216	$mai lbox_name = $this->i nput->post ('mailbox_ name',TRUE );
	217
	218	//if a mailbox is not in cluded in the post d ata, assum e it's for the curre nt user
	219	#TOD O: This sh ould be re factored i nto a bett er system that has o ne view te mplate for this and deals with everythin g the same way
	220	if(e mpty($mail box_name) \|\| $mailbo x_name === FALSE) { $mailbox_n ame = $thi s->user->u sername; }
	221
	222	//us e permissi ons to det ermine whe ther to al low functi on call at all
	223	$cur _user_id = $this->us er->id();
	224	$per missions = $this->ac count_perm issions;
	225	$mes sage = '';
	226	if($ permission s['API'][' admins'] \| \| isset($p ermissions ['Applicat ion'][$id] ) \|\| $perm issions['R ole'][0] = = "account groupmaint enance") {
	227	//test if the id has been passed and if it is a valid nu mber
	228	if(emp ty($id) \|\| !$this->i s->nonzero _unsigned_ integer($i d)){
	229	$this->s ession->se t_flashdat a('error_m essage', ' No applica tion id sp ecified. T o request a new appl ication pl ease follo w the link on the on boarding t ab.');
	230	redirect ('user_set tings/appl ication_li st');
	231	}
	232	else {
	233	//retrie ve the app lication f rom the da tabase fro m its id
	234	$app_arr = $this-> applicatio nmodel->ge t_applicat ion($id)-> result();
	235	//if the applicati on exists
	236	if($app_ arr) {
	237	$app = $ap p_arr[0];
	238	$mailbox = $this->us ersettings model->get _mailbox_b y_name($ma ilbox_name );
	239	$mailbox_i d = $mailb ox->id;
	240
	241	//no valid ation need ed for now since the re are onl y checkbox es in the form
	242	$mailbox_s ettings = $this->use rsettingsm odel->get_ mailbox_se ttings_by_ applicatio n($mailbox _id, $id)- >result();
	243	foreach($m ailbox_set tings as $ setting) {
	244	$w eb_service _authorize d = $this- >input->po st('ws'.$s etting->id ,TRUE);
	245
	246	if ($this->us ersettings model->sav e_applicat ion_web_se rvice_acce ss_by_sett ing_id($se tting->id, $web_serv ice_author ized)) {
	247	$mes sage = 'We b service access of the applic ation "'.$ app->name. '" has bee n saved su ccessfully .';
	248	$thi s->eventlo g->create_ event(2, $ id, 3, $cu r_user_id, "Edit web service a ccess of t he applica tion", tim e(), 1);
	249	}
	250	el se {
	251	$err or_message = 'Web se rvice acce ss of the applicatio n "'.$app- >name.'" f ailed to s ave.';
	252	$thi s->eventlo g->create_ event(2, $ id, 3, $cu r_user_id, "Edit web service a ccess of t he applica tion", tim e(), 0);
	253	}
	254	}
	255	}
	256	//if no applicatio n exists i n the data base retur n to the e dit screen
	257	else {
	258	$this->ses sion->set_ flashdata( 'error_mes sage', 'No applicati on exists for id '.$ id.'. Plea se select another ap plication to edit.') ;
	259	redirect(' user_setti ngs/applic ation_list ');
	260	}
	261	}
	262	$this- >session-> set_flashd ata('succe ss_message ',$message );
	263	if(iss et($error_ message)) { $this->s ession->se t_flashdat a('error_m essage',$e rror_messa ge); }
	264
	265	if($ma ilbox_name ) {
	266	redirect ('administ ration/man age_groups /applicati on_list/' . $mailbox _name);
	267	}
	268	else {
	269	redirect ('user_set tings/appl ication_li st');
	270	}
	271	}
	272	else { show_er ror('Forbi dden', 403 ); }
	273	}
	274
	275	/*
	276	* This func tion loads the edit account vi ew and pro vides the data for t he current user
	277	* /
	278	/ /todo - th is view do esn't relo ad the $_P OST values when ther e are form validatio n errors - not confo rming to b est practi ces, need to fix at some point -- MG 201 6-06-10
	279	pu blic funct ion accoun t_edit() {
	280	$dat a['title'] = 'Direct API: Edit Account';
	281	$dat a['active_ tab'] = ar ray('user_ settings'= >true);
	282
	283	//ge t user id from sessi on to get permission s
	284	$dat a['show'] = $this->s how;
	285	$dat a['admin_s how'] = $t his->permi ssions->se t_admin_ac cess_from_ permission s($this->a ccount_per missions);
	286	$dat a['user'] = $this->u sersmodel- >get_user( $this->use r->id);
	287
	288	//ge t faciliti y list and the facil ity associ ated with the user i f any
	289	$dat a['facilit y_select'] = $this-> usersettin gsmodel->g et_facilit y_id_in_ma ilbox($dat a['user']- >username, false);
	290	$dat a['facilit ies'] = $t his->facil itymodel-> get_facili ties(true) ->result() ;
	291
	292	//gr ab flash d ata to dis play to th e user
	293	if(! empty($thi s->session ->flashdat a('message '))) { $da ta['messag e'] = $thi s->session ->flashdat a('message '); }
	294	if(! empty($thi s->session ->flashdat a('error_m essage'))) { $data[' error_mess age'] = $t his->sessi on->flashd ata('error _message') ; }
	295	if(! empty($thi s->session ->flashdat a('success _message') )) { $data ['success_ message'] = $this->s ession->fl ashdata('s uccess_mes sage'); }
	296
	297	//va lidate for m data, if this form has been submitted
	298	if(! empty($_PO ST)){
	299	$this- >load->lib rary('form _validatio n');
	300	$this- >form_vali dation->se t_rules('f irst_name' ,'First Na me','requi red');
	301	$this- >form_vali dation->se t_rules('l ast_name', 'Last Name ','require d');
	302	$this- >form_vali dation->se t_rules('f acility_se lect','Fac ility','re quired\|num eric\|valid _facility' , array('n umeric' => 'The Faci lity field is invali d.'));
	303	$this- >form_vali dation->se t_rules('e xt_mail',' Email','re quired\|va_ email');
	304	$this- >form_vali dation->se t_rules('t elephone', 'Telephone ','validat e_phone');
	305	$this- >form_vali dation->se t_rules('m obile','Mo bile','val idate_phon e');
	306	if($th is->form_v alidation- >run())
	307	return $ this->acco unt_edit_s ave();
	308
	309	$data[ 'error_mes sage'] = v alidation_ errors();
	310	}
	311
	312	$thi s->load->v iew('api/u ser_settin gs/account _edit', $d ata);
	313	}
	314
	315	/* Save acco unt data f rom accoun t edit for m
	316	* /
	317	pr otected fu nction acc ount_edit_ save() {
	318
	319	//ge t user id from sessi on to get permission s
	320	$app _id = $thi s->input-> post('app_ id',TRUE);
	321	$fac _id = $thi s->input-> post('faci lity_selec t',TRUE);
	322
	323	$fir st = $this ->input->p ost('first _name', TR UE);
	324	$mid dle = $thi s->input-> post('midd le_name', TRUE);
	325	$las t = $this- >input->po st('last_n ame', TRUE );
	326	$ext _mail = $t his->input ->post('ex t_mail', T RUE);
	327	$tit le = $this ->input->p ost('title ', TRUE);
	328	$dep artment = $this->inp ut->post(' department ', TRUE);
	329	$org anization = $this->i nput->post ('organiza tion', TRU E);
	330	$tel ephone = $ this->inpu t->post('t elephone', TRUE);
	331	$mob ile = $thi s->input-> post('mobi le', TRUE) ;
	332	$loc ation = $t his->input ->post('lo cation', T RUE);
	333	$use r_id = $th is->user-> id;
	334	$fac ility_id = $this->in put->post( 'facility_ select', T RUE);
	335
	336	$use rname = $t his->user- >username;
	337	$att ributes = array(
	338	'cn' => $first . ' ' . $last ,
	339	'givenNa me' => $fi rst,
	340	'initial s' => $mid dle,
	341	'sn' => $last,
	342	'title' => $title,
	343	'departm entNumber' => $depar tment,
	344	'o' => $ organizati on,
	345	'telepho neNumber' => $teleph one,
	346	'mobile' => $mobil e,
	347	'physica lDeliveryO fficeName' => $locat ion,
	348	'facilit y_select' => $facili ty_id
	349	);
	350	//se t optional attribute s / attrib utes that depend on optional a ttributes
	351	$att ributes['d isplayName '] = $last .', '.$fir st;
	352	if(i sset($midd le) && !em pty(trim($ middle))) {
	353	$attri butes['ini tials'] = $middle;
	354	$attri butes['dis playName'] .= ' '.$m iddle;
	355	}
	356
	357	$res ult = $thi s->usersmo del->updat e_user($us er_id,$ext _mail,$fac ility_id,$ attributes );
	358
	359	if(! $result \|\| in_array( FALSE,$res ult)) {
	360	$this- >session-> set_flashd ata('error _message', 'Account i nformation failed to saved pro perly.');
	361	$this- >eventlog- >create_ev ent( 3, $u ser_id, 3, $this->us er->id, "E dit user", time(), 0 );
	362	}
	363	else {
	364	$this- >session-> set_flashd ata('succe ss_message ','Account informati on saved.' ); $this- >eventlog- >create_ev ent( 3, $u ser_id, 3 ,$this->us er->id, "E dit user", time(), 1 );
	365	}
	366
	367	redi rect('user _settings/ account_ed it/');
	368	}
	369
	370	/**
	371	* Cal led from w ebmail app lication s ettings ta b
	372	* @pa ram null $ applicatio n_id
	373	* @pa ram null $ mailbox_na me
	374	* @pa ram null $ redirect_u rl
	375	* @re turn mixed
	376	*/
	377	pu blic funct ion edit_w ebservice_ permission ($applicat ion_id=nul l, $mailbo x_name=nul l, $redire ct_url=nul l)
	378	{
	379
	380	// Verify th at the use r exists a nd is acti ve
	381	$u ser = User ::find_fro m_session( );
	382	if (!User::i s_an_entit y($user) \| \| !$user-> is_active( )) {
	383	show_err or(401);
	384	}
	385
	386	// Collect d ata from t he form
	387	$f orm_data = $this->in put->get(n ull, true) ;
	388	lo g_message( 'debug', ' Form Data is ' . pri nt_r($form _data, tru e) . "\n") ;
	389
	390	// Verify th at the app lication e xists
	391	if (is_null( $applicati on_id)) {
	392	$applica tion_id = $form_data ['id'];
	393	}
	394	if (!Applica tion::form atted_like _an_id($ap plication_ id)) {
	395	show_404 ();
	396	}
	397	$a pplication = Applica tion::find _one($appl ication_id );
	398	if (!Applica tion::is_a n_entity($ applicatio n)) {
	399	show_404 ();
	400	}
	401
	402	// Verify th at the mai lbox exist s and that the user has access to it
	403	if (is_null( $mailbox_n ame)) {
	404	$mailbox _name = $f orm_data[' mailbox_na me'];
	405	}
	406	if (empty($m ailbox_nam e)) {
	407	// If th e mailbox is not spe cified, us e the user default
	408	$mailbox = $user-> mailbox;
	409	} else {
	410	$mailb ox = Mailb ox::find_o ne(array(' name' => $ mailbox_na me));
	411	if(!Ma ilbox::is_ an_entity( $mailbox)) {
	412	sh ow_404();
	413	}
	414	if(!$u ser->has_a ccess_to_m ailbox($ma ilbox)) {
	415	$service _error_mes sage = '<p >The '.mai lto($appli cation->po c_email, $ applicatio n->name).' </strong> applicatio n is reque sting auth orization to Direct Services ' .
	416	' in order t o access t he '.mailt o($mailbox ->email_ad dress()).' mailbox o n your beh alf. Howe ver, you c annot gran t this '.
	417	' permission because t he account that you are logged in as ('. mailto($us er->email_ address()) .') does n ot have ac cess to th is mailbox .</p>'.
	418	' <p>If you believe th is message to be in error, ple ase contac t the admi nistrator for assist ance.</p>' ;
	419
	420	$this->l oad->view( 'api/autho rize/edit_ webservice _permissio n', compac t('applica tion', 'se rvice_erro r_message' , 'mailbox ', 'user') );
	421	}
	422	}
	423
	424	// V erify that the redir ect url ex ists
	425	if(i s_null($re direct_url )) {
	426	$redirect_ url = $for m_data['re direct_url '];
	427	}
	428	if(! empty($red irect_url) ) {
	429	$redirect_ url = base 64_decode( rawurldeco de($redire ct_url));
	430	}
	431	if(! $this->is- >string_li ke_a_url($ redirect_u rl)) {
	432	$this- >error->sh ould_be_a_ url($redir ect_url);
	433	$redir ect_url = '';
	434	}
	435
	436	// F ind the se rvice perm issions fo r this use r
	437	Serv ice_permis sion::set_ up_service _join();
	438	$ser vice_permi ssions = $ mailbox->s ervice_per missions(a rray('appl ication_id ' => $appl ication->i d));
	439
	440	// I f the form has been submitted, update th e permissi ons
	441	if(! empty($for m_data['se rvice_perm issions']) ) {
	442	$succe ss = true;
	443	$permi ssions_to_ save = $fo rm_data['s ervice_per missions'] ;
	444	foreac h($service _permissio ns as $ser vice_permi ssion){
	445	$service _permissio n->authori zed = (boo l)element( $service_p ermission- >name, $pe rmissions_ to_save);
	446	$success = $servic e_permissi on->save() && $succe ss;
	447	}
	448
	449	if(!$s uccess) {
	450	$e rror_messa ge = '<str ong>An err or occurre d and your changes w ere not sa ved.</stro ng>  Please try again in a moment, and contac t an admin istrator i f the prob lem persis ts.';
	451	} else {
	452	$success _message = '<strong> Success!</ strong>&nb sp; Your changes ha ve been sa ved.';
	453
	454	if(!empt y($redirec t_url)) {
	455	redi rect($redi rect_url);
	456	}
	457
	458	// Refre sh the ser vice permi ssions
	459	Service_ permission ::set_up_s ervice_joi n();
	460	$service _permissio ns = $mail box->servi ce_permiss ions(array ('applicat ion_id' => $applicat ion->id));
	461	}
	462	}
	463
	464	$thi s->load->v iew(
	465	'api/autho rize/edit_ webservice _permissio n',
	466	compact(
	467	'app lication',
	468	'mai lbox',
	469	'red irect_url' ,
	470	'ser vice_permi ssions',
	471	'use r',
	472	'suc cess_messa ge',
	473	'err or_message '
	474	)
	475	);
	476	}
	477
	478	pr ivate func tion can_e dit_group( $group_nam e) {
	479	if($ this->has_ access('ma nage_group s_all')) { return; }
	480	else if($this- >has_acces s('manage_ groups_lea d')){
	481	if(!$t his->group smodel->us er_is_memb er($group_ name,$this ->user->dn ())){ show _404(); }
	482	else { return; }
	483	}
	484	else { show_40 4(); }
	485	}
	486
	487	/* // this metho d existed on multipl e controll ers - move d this to the form v alidation library ex tension to avoid dup licate cod e -- MG 20 14-05-22
	488	/*
	489	pu blic funct ion va_ema il($email) {
	490	// 2017-06-30 - Myke Ca rter - Apo strophe ad ded to acc ommodate u sers with apostrophe s in their names and /or extern al email a ddresses
	491	$val id = (preg _match("/^ ([a-z0-9\' \+_\-]+)(\ .[a-z0-9\' \+_\-]+)@ +((.(\.va \.gov))\|va \.gov)$/ix ", $email) ) ? TRUE : FALSE;
	492	if($ valid) { r eturn TRUE ; }
	493	$this->for m_validati on->set_me ssage('va_ email', 'T he %s fiel d must con tain a val id DNS . URL email add ress.');
	494	retu rn FALSE;
	495	} */
	496	}