123. EPMO Open Source Coordination Office Redaction File Detail Report

Produced by Araxis Merge on 3/13/2019 2:49:46 PM Central Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

123.1 Files compared

#	Location	File	Last Modified
1	C:\AraxisMergeCompare\Pri_un\DSM\Direct_API\application\controllers\admin	User_settings.php	Tue Mar 12 21:59:58 2019 UTC
2	C:\AraxisMergeCompare\Pri_re\DSM-scrubbed\Direct_API\application\controllers\admin	User_settings.php	Wed Mar 13 04:33:44 2019 UTC

123.2 Comparison summary

Description	Between Files 1 and 2
Description	Text Blocks	Lines
Unchanged	2	938
Changed	1	2
Inserted	0	0
Removed	0	0

123.3 Comparison options

Whitespace
Character case	Differences in character case are significant
Line endings	Differences in line endings (`CR` and `LF` characters) are ignored
CR/LF characters	Not shown in the comparison detail

123.4 Active regular expressions

No regular expressions were active.

123.5 Comparison detail

	1	<?php defi ned('BASEP ATH') OR e xit('No di rect scrip t access a llowed');
	2
	3	/**
	4	* @package direct-as -a-service
	5	* @subpack age contro llers
	6	//* */
	7
	8	// This ca n be remov ed if you use Modula r Extensio ns
	9	require_on ce APPPATH .'controll ers/admin/ admin_cont roller.php ';
	10	require_on ce APPPATH .'librarie s/REST_Con troller.ph p';
	11	require_on ce APPPATH .'third_pa rty/Pagina tor.php';
	12
	13	/**
	14	* @package direct-as -a-service
	15	* @subpack age contro llers
	16	*/
	17	class User _Settings extends Ad min_contro ller{
	18
	19	pu blic funct ion __cons truct(){
	20	pare nt::__cons truct();
	21	requ ire_models ('applicat ion', 'ser vice_permi ssion');
	22	}
	23
	24
	25
	26	/* --------- ---------- ---------- *
	27	* USER_SET TINGS TAB FUNCTIONS *
	28	* --------- ---------- ---------- */
	29	pu blic funct ion index( ) {
	30	//ge t user id from sessi on to get permission s
	31	$per missions = $this->ac count_perm issions;
	32	$sho w = $this- >show;
	33
	34	if(i sset($show ['user_set tings']) & & $show['u ser_settin gs']) { $t his->appli cation_lis t(); }
	35	else { redirec t('onboard ing'); }
	36	}
	37
	38	/*
	39	* Edit page for web s ervice acc ess.
	40	* for users when $gro up_name is null
	41	* /
	42	pu blic funct ion webser vice_acces s_edit($ma ilbox_name = null, $ app_id = n ull, $acti ve_cur_pag e = null, $active_it ems_per_pa ge = null,
	43	$pendi ng_cur_pag e = null, $pending_i tems_per_p age = null , $denied_ cur_page = null, $de nied_items _per_page = null)
	44	{
	45	//se t current page and i tems per p age on the sub-tabs
	46	$dat a['active_ cur_page'] = $active _cur_page;
	47	$dat a['active_ items_per_ page'] = $ active_ite ms_per_pag e;
	48
	49	if(i s_null($ap p_id)) { r eturn $thi s->applica tion_list( ); } //if no id is s et, go bac k to appli cation lis t
	50	$dat a['title'] = 'Direct API: Appl ication We b Service Access Edi t';
	51	$dat a['active_ tab'] = ar ray('user_ settings'= >true);
	52
	53	//ge t current user id fr om session to get pe rmissions
	54	$use r_id = $th is->user-> id();
	55	$per missions = $this->ac count_perm issions;
	56	$dat a['show'] = $this->s how;
	57	$dat a['api_adm ins'] = $p ermissions ['API']['a dmins'];
	58	$app _permissio n = false;
	59	$app _permissio n = isset( $permissio ns['Applic ation'][$a pp_id]) &&
	60	($permi ssions['Ap plication' ][$app_id] [LDAP_APPL ICATION_US ER_GROUP_N AME] \|\|
	61	$permi ssions['Ap plication' ][$app_id] [LDAP_APPL ICATION_AD MIN_GROUP_ NAME]);
	62
	63	//Ad d an excep tion for t he Account Group Mai nteance Ro le
	64	if($ permission s['Role'][ 0] == "acc ountgroupm aintenance "){
	65	$app_p ermission = true;
	66	}
	67	$dat a['app_per mission'] = $app_per mission;
	68
	69
	70	//ma ilbox_sett ings_setup must happ en before get_mailbo x_settings _by_applic ation
	71	if(e mpty($mail box_name) \|\| $mailbo x_name === 'null') { $mailbox_ name = $th is->user-> username; }
	72	$mai lbox = $th is->userse ttingsmode l->get_mai lbox_by_na me($mailbo x_name);
	73	$mai lbox_id = $mailbox-> id;
	74	$thi s->userset tingsmodel ->mailbox_ settings_s etup($mail box_id, $a pp_id, 'ad d');
	75	$dat a['mailbox _settings' ] = $this- >usersetti ngsmodel-> get_mailbo x_settings _by_applic ation($mai lbox_id, $ app_id)->r esult();
	76
	77	if($ permission s['API'][' admins'] \| \| $app_per mission) {
	78	if (is set($app_i d) && is_n umeric($ap p_id)){ // make sure its a vali d id
	79	$app = $ this->appl icationmod el->get_ap plication( $app_id)-> result();
	80	if($app) { //if th ere is a r esult, loa d the view
	81	$data['app '] = $app[ 0];
	82	$data['web _services' ] = $this- >usersetti ngsmodel-> get_web_se rvices()-> result();
	83	}
	84	else { s how_404(); } //if no t valid id or no res ult, show 404
	85	}
	86	else { show_404( ); }
	87
	88	if($th is->user-> username ! == $mailbo x->name) {
	89	$data['m ailbox_nam e'] = $mai lbox->name ;
	90	$data['v iew'] = 'w ebservice_ access_edi t';
	91	$data['a dmin_show' ] = $this- >permissio ns->set_ad min_access _from_perm issions($p ermissions );
	92	$data['a ctive_tab' ] = array( 'administr ation'=>tr ue);
	93	if($mail box->is_gr oup) {
	94	$data['tit le'] = 'Di rect API: Authorized Applicati on List fo r Group';
	95	//get user id from s ession to get permis sions
	96	$this->loa d->view('a pi/adminis tration/ma nage_group s', $data) ;
	97	}
	98	else {
	99	$data['tit le'] = 'Di rect API: Authorized Applicati on List fo r Account' ;
	100	//get user id from s ession to get permis sions
	101	$this->loa d->view('a pi/adminis tration/ma nage_accou nts', $dat a);
	102	}
	103	}
	104	else i f($data['s how']['use r_settings ']) {
	105	$this->l oad->view( 'api/user_ settings/w ebservice_ access_edi t', $data) ;
	106	}
	107	else { show_err or('Forbid den',403); }
	108	}
	109	else { show_e rror('Forb idden',403 ); }
	110	}
	111
	112	/*
	113	* loads the applicati on list vi ew for the applicati on user.
	114	* /
	115	pu blic funct ion applic ation_list ($name = n ull)
	116	{
	117	$dat a['title'] = 'Direct API: Auth orized App lication L ist';
	118	$dat a['active_ tab'] = ar ray('user_ settings'= >true);
	119
	120	//gr ab flash d ata to dis play to th e user
	121	if(! empty($thi s->session ->flashdat a('message '))) { $da ta['messag e'] = $thi s->session ->flashdat a('message '); }
	122	if(! empty($thi s->session ->flashdat a('error_m essage'))) { $data[' error_mess age'] = $t his->sessi on->flashd ata('error _message') ; }
	123	if(! empty($thi s->session ->flashdat a('success _message') )) { $data ['success_ message'] = $this->s ession->fl ashdata('s uccess_mes sage'); }
	124
	125	$mai lbox = $th is->userse ttingsmode l->get_mai lbox_by_na me($name);
	126
	127	//ge t current user id fr om session to get pe rmissions
	128	$use r_id = $th is->user-> id();
	129	$dat a['user_id '] = $user _id;
	130	$per missions = $this->ac count_perm issions;
	131	$dat a['show'] = $this->s how;
	132
	133	$app lication_l ist = arra y();
	134	if($ mailbox && $name !== $this->us er->userna me) {
	135	if($pe rmissions[ 'API']['ad mins'] \|\| $this->sho w['acct_gr oup_maint' ] ) {
	136	//if thi s is for g roup
	137	if($mail box->is_gr oup) {
	138	$this->can _edit_grou p($mailbox ->name);
	139	$group = $ this->grou psmodel->g et_group_f rom_groupn ame($mailb ox->name);
	140	if(count($ group) === 0){
	141	$g roup = $th is->groups model->get _group_fro m_groupnam e($mailbox ->name, fa lse);
	142	}
	143	$applicati on_names = $group[0] ['applicat ions'];
	144	$data['gro up'] = $gr oup[0];
	145	$group_app _access = array();
	146	foreach($a pplication _names as $name) {
	147	$a pp_id = $t his->appli cationmode l->get_app lication_i d_by_name( $name);
	148	ar ray_push($ group_app_ access, $a pp_id);
	149	}
	150	$applicati on_list = $this->app licationmo del->get_a pplication s($group_a pp_access) ;
	151	$applicati on_list_si ze = $this ->applicat ionmodel-> get_app_li st_size($g roup_app_a ccess);
	152	}
	153	else {
	154	//get mail box user i d from ses sion to ge t permissi ons
	155	$user = Us er::find_o ne(array(' username' => $mailbo x->name));
	156	$user_perm issions = $user->per missions;
	157	$data['acc ount'] = $ user;
	158	$app_acces s = $this- >permissio ns->get_ap plication_ permission ($user_per missions, 'users');
	159	if(!empty( $app_acces s)) {
	160	$a pplication _list = $t his->appli cationmode l->get_app lications( $app_acces s);
	161	$a pplication _list_size = $this-> applicatio nmodel->ge t_app_list _size($app _access);
	162	}
	163	else {
	164	$a pplication _list = ar ray();
	165	$a pplication _list_size = 0;
	166	}
	167	}
	168	}
	169	}
	170	else {
	171	//grab a list of applicati ons the us er has acc ess to
	172	$app_a ccess = $t his->permi ssions->ge t_applicat ion_permis sion($perm issions, ' users');
	173	//if y ou have ap ps that yo u have acc ess too
	174	if (is set($app_a ccess) && count($app _access) > 0){
	175	$applica tion_list = $this->a pplication model->get _applicati ons($app_a ccess);
	176	$applica tion_list_ size = $th is->applic ationmodel ->get_app_ list_size( $app_acces s);
	177	}
	178	else{
	179	//if cur rent user has no app access se nd empty r esult
	180	$applica tion_list = array();
	181	$applica tion_list_ size = 0;
	182	}
	183	}
	184
	185	//th e active a pplication s list
	186	if($ applicatio n_list) { $data['ac tive_list' ] = $appli cation_lis t->result( ); }
	187	else { $data[ 'active_li st'] = arr ay(); }
	188
	189	if(i sset($_POS T['prefix' ])) { $dat a['anchor' ] = $_POST ['prefix'] . 'link'; }
	190
	191	//de termine wh ich view t o display
	192	if($ mailbox && $name !== $this->us er->userna me) {
	193	if($ma ilbox && $ mailbox->i s_group) {
	194	$data['t itle'] = ' Direct API : Authoriz ed Applica tion List for Group' ;
	195	$data['a ctive_tab' ] = array( 'administr ation'=>tr ue);
	196	//get us er id from session t o get perm issions
	197	$data['a dmin_show' ] = $this- >permissio ns->set_ad min_access _from_perm issions($p ermissions );
	198	$data['v iew'] = 'a pplication _list';
	199	$this->l oad->view( 'api/admin istration/ manage_gro ups', $dat a);
	200	}
	201	else {
	202	$data['t itle'] = ' Direct API : Authoriz ed Applica tion List for Accoun t';
	203	$data['a ctive_tab' ] = array( 'administr ation'=>tr ue);
	204	//get us er id from session t o get perm issions
	205	$data['a dmin_show' ] = $this- >permissio ns->set_ad min_access _from_perm issions($p ermissions );
	206	$data['v iew'] = 'a pplication _list';
	207	$this->l oad->view( 'api/admin istration/ manage_acc ounts', $d ata);
	208	}
	209	}
	210	else {
	211	$this- >load->vie w('api/use r_settings /applicati on_list', $data);
	212	}
	213	}
	214
	215	/*
	216	* Handles t he storing of values for web s ervice acc ess into t he databas e.
	217	*/
	218	pu blic funct ion webser vice_acces s_save(){
	219	$thi s->load->l ibrary('fo rm_validat ion');
	220
	221	//pu sh back th e page num ber and it ems per pa ge from th e attempt to edit an applicati on
	222	$thi s->session ->set_flas hdata('act ive_page_s elect_from _applicati on_save',$ this->inpu t->post('a ctive_page _select_fr om_applica tion_save' ,TRUE));
	223	$thi s->session ->set_flas hdata('act ive_items_ per_page_f rom_applic ation_save ',$this->i nput->post ('active_i tems_per_p age_from_a pplication _save',TRU E));
	224
	225	//re trieve the applicati on id
	226	$id = $this->i nput->post ('app_id', TRUE);
	227	$mai lbox_name = $this->i nput->post ('mailbox_ name',TRUE );
	228
	229	//if a mailbox is not in cluded in the post d ata, assum e it's for the curre nt user
	230	#TOD O: This sh ould be re factored i nto a bett er system that has o ne view te mplate for this and deals with everythin g the same way
	231	if(e mpty($mail box_name) \|\| $mailbo x_name === FALSE) { $mailbox_n ame = $thi s->user->u sername; }
	232
	233	//us e permissi ons to det ermine whe ther to al low functi on call at all
	234	$cur _user_id = $this->us er->id();
	235	$per missions = $this->ac count_perm issions;
	236	$mes sage = '';
	237	if($ permission s['API'][' admins'] \| \| isset($p ermissions ['Applicat ion'][$id] ) \|\| $perm issions['R ole'][0] = = "account groupmaint enance") {
	238	//test if the id has been passed and if it is a valid nu mber
	239	if(emp ty($id) \|\| !$this->i s->nonzero _unsigned_ integer($i d)){
	240	$this->s ession->se t_flashdat a('error_m essage', ' No applica tion id sp ecified. T o request a new appl ication pl ease follo w the link on the on boarding t ab.');
	241	redirect ('user_set tings/appl ication_li st');
	242	}
	243	else {
	244	//retrie ve the app lication f rom the da tabase fro m its id
	245	$app_arr = $this-> applicatio nmodel->ge t_applicat ion($id)-> result();
	246	//if the applicati on exists
	247	if($app_ arr) {
	248	$app = $ap p_arr[0];
	249	$mailbox = $this->us ersettings model->get _mailbox_b y_name($ma ilbox_name );
	250	$mailbox_i d = $mailb ox->id;
	251
	252	//no valid ation need ed for now since the re are onl y checkbox es in the form
	253	$mailbox_s ettings = $this->use rsettingsm odel->get_ mailbox_se ttings_by_ applicatio n($mailbox _id, $id)- >result();
	254	foreach($m ailbox_set tings as $ setting) {
	255	$w eb_service _authorize d = $this- >input->po st('ws'.$s etting->id ,TRUE);
	256
	257	if ($this->us ersettings model->sav e_applicat ion_web_se rvice_acce ss_by_sett ing_id($se tting->id, $web_serv ice_author ized)) {
	258	$mes sage = 'We b service access of the applic ation "'.$ app->name. '" has bee n saved su ccessfully .';
	259	$thi s->eventlo g->create_ event(2, $ id, 3, $cu r_user_id, "Edit web service a ccess of t he applica tion", tim e(), 1);
	260	}
	261	el se {
	262	$err or_message = 'Web se rvice acce ss of the applicatio n "'.$app- >name.'" f ailed to s ave.';
	263	$thi s->eventlo g->create_ event(2, $ id, 3, $cu r_user_id, "Edit web service a ccess of t he applica tion", tim e(), 0);
	264	}
	265	}
	266	}
	267	//if no applicatio n exists i n the data base retur n to the e dit screen
	268	else {
	269	$this->ses sion->set_ flashdata( 'error_mes sage', 'No applicati on exists for id '.$ id.'. Plea se select another ap plication to edit.') ;
	270	redirect(' user_setti ngs/applic ation_list ');
	271	}
	272	}
	273	$this- >session-> set_flashd ata('succe ss_message ',$message );
	274	if(iss et($error_ message)) { $this->s ession->se t_flashdat a('error_m essage',$e rror_messa ge); }
	275
	276	if($ma ilbox_name ) {
	277	redirect ('administ ration/man age_groups /applicati on_list/' . $mailbox _name);
	278	}
	279	else {
	280	redirect ('user_set tings/appl ication_li st');
	281	}
	282	}
	283	else { show_er ror('Forbi dden', 403 ); }
	284	}
	285
	286	/*
	287	* This func tion loads the edit account vi ew and pro vides the data for t he current user
	288	* /
	289	/ /todo - th is view do esn't relo ad the $_P OST values when ther e are form validatio n errors - not confo rming to b est practi ces, need to fix at some point -- MG 201 6-06-10
	290	pu blic funct ion accoun t_edit() {
	291	$dat a['title'] = 'Direct API: Edit Account';
	292	$dat a['active_ tab'] = ar ray('user_ settings'= >true);
	293
	294	//ge t user id from sessi on to get permission s
	295	$dat a['show'] = $this->s how;
	296	$dat a['admin_s how'] = $t his->permi ssions->se t_admin_ac cess_from_ permission s($this->a ccount_per missions);
	297	$dat a['user'] = $this->u sersmodel- >get_user( $this->use r->id);
	298
	299	//ge t faciliti y list and the facil ity associ ated with the user i f any
	300	$dat a['facilit y_select'] = $this-> usersettin gsmodel->g et_facilit y_id_in_ma ilbox($dat a['user']- >username, false);
	301	$dat a['facilit ies'] = $t his->facil itymodel-> get_facili ties(true) ->result() ;
	302
	303	//gr ab flash d ata to dis play to th e user
	304	if(! empty($thi s->session ->flashdat a('message '))) { $da ta['messag e'] = $thi s->session ->flashdat a('message '); }
	305	if(! empty($thi s->session ->flashdat a('error_m essage'))) { $data[' error_mess age'] = $t his->sessi on->flashd ata('error _message') ; }
	306	if(! empty($thi s->session ->flashdat a('success _message') )) { $data ['success_ message'] = $this->s ession->fl ashdata('s uccess_mes sage'); }
	307
	308	//va lidate for m data, if this form has been submitted
	309	if(! empty($_PO ST)){
	310	$this- >load->lib rary('form _validatio n');
	311	$this- >form_vali dation->se t_rules('f irst_name' ,'First Na me','requi red');
	312	$this- >form_vali dation->se t_rules('l ast_name', 'Last Name ','require d');
	313	$this- >form_vali dation->se t_rules('f acility_se lect','Fac ility','re quired\|num eric\|valid _facility' , array('n umeric' => 'The Faci lity field is invali d.'));
	314	$this- >form_vali dation->se t_rules('e xt_mail',' Email','re quired\|va_ email');
	315	$this- >form_vali dation->se t_rules('t elephone', 'Telephone ','validat e_phone');
	316	$this- >form_vali dation->se t_rules('m obile','Mo bile','val idate_phon e');
	317	if($th is->form_v alidation- >run())
	318	return $ this->acco unt_edit_s ave();
	319
	320	$data[ 'error_mes sage'] = v alidation_ errors();
	321	}
	322
	323	$thi s->load->v iew('api/u ser_settin gs/account _edit', $d ata);
	324	}
	325
	326	/* Save acco unt data f rom accoun t edit for m
	327	* /
	328	pr otected fu nction acc ount_edit_ save() {
	329
	330	//ge t user id from sessi on to get permission s
	331	$app _id = $thi s->input-> post('app_ id',TRUE);
	332	$fac _id = $thi s->input-> post('faci lity_selec t',TRUE);
	333
	334	$fir st = $this ->input->p ost('first _name', TR UE);
	335	$mid dle = $thi s->input-> post('midd le_name', TRUE);
	336	$las t = $this- >input->po st('last_n ame', TRUE );
	337	$ext _mail = $t his->input ->post('ex t_mail', T RUE);
	338	$tit le = $this ->input->p ost('title ', TRUE);
	339	$dep artment = $this->inp ut->post(' department ', TRUE);
	340	$org anization = $this->i nput->post ('organiza tion', TRU E);
	341	$tel ephone = $ this->inpu t->post('t elephone', TRUE);
	342	$mob ile = $thi s->input-> post('mobi le', TRUE) ;
	343	$loc ation = $t his->input ->post('lo cation', T RUE);
	344	$use r_id = $th is->user-> id;
	345	$fac ility_id = $this->in put->post( 'facility_ select', T RUE);
	346
	347	$use rname = $t his->user- >username;
	348	$att ributes = array(
	349	'cn' => $first . ' ' . $last ,
	350	'givenNa me' => $fi rst,
	351	'initial s' => $mid dle,
	352	'sn' => $last,
	353	'title' => $title,
	354	'departm entNumber' => $depar tment,
	355	'o' => $ organizati on,
	356	'telepho neNumber' => $teleph one,
	357	'mobile' => $mobil e,
	358	'physica lDeliveryO fficeName' => $locat ion,
	359	'facilit y_select' => $facili ty_id
	360	);
	361	//se t optional attribute s / attrib utes that depend on optional a ttributes
	362	$att ributes['d isplayName '] = $last .', '.$fir st;
	363	if(i sset($midd le) && !em pty(trim($ middle))) {
	364	$attri butes['ini tials'] = $middle;
	365	$attri butes['dis playName'] .= ' '.$m iddle;
	366	}
	367
	368	$res ult = $thi s->usersmo del->updat e_user($us er_id,$ext _mail,$fac ility_id,$ attributes );
	369
	370	if(! $result \|\| in_array( FALSE,$res ult)) {
	371	$this- >session-> set_flashd ata('error _message', 'Account i nformation failed to saved pro perly.');
	372	$this- >eventlog- >create_ev ent( 3, $u ser_id, 3, $this->us er->id, "E dit user", time(), 0 );
	373	}
	374	else {
	375	$this- >session-> set_flashd ata('succe ss_message ','Account informati on saved.' ); $this- >eventlog- >create_ev ent( 3, $u ser_id, 3 ,$this->us er->id, "E dit user", time(), 1 );
	376	}
	377
	378	redi rect('user _settings/ account_ed it/');
	379	}
	380
	381
	382	/* --------- ---------- ---------- ---------- -*
	383	* PREVIOUS LY ON THE AUTHORIZE CONTROLLER
	384	* --------- ---------- ---------- ---------- ---*/
	385
	386	pu blic funct ion edit_w ebservice_ permission ($applicat ion_id=nul l, $mailbo x_name=nul l, $redire ct_url=nul l){
	387	$use r = User:: find_from_ session();
	388	if(! User::is_a n_entity($ user) \|\| ! $user->is_ active())
	389	show_e rror(401); //unautho rized acce ss
	390
	391	//ve rify that the applic ation exis ts
	392	if(i s_null($ap plication_ id)) $appl ication_id = $this-> input->get ('id');
	393	if(! Applicatio n::formatt ed_like_an _id($appli cation_id) ) show_404 ();
	394	$app lication = Applicati on::find_o ne($applic ation_id);
	395	if(! Applicatio n::is_an_e ntity($app lication)) show_404( );
	396
	397	//ve rify that the mailbo x exists a nd that th e user has access to it
	398	if(i s_null($ma ilbox_name )) $mailbo x_name = $ this->inpu t->get('ma ilbox_name ');
	399	if(e mpty($mail box_name))
	400	$mailb ox = $user ->mailbox; //okay to default t o logged i n user's m ailbox if needed
	401	else {
	402	$mailb ox = Mailb ox::find_o ne(array(' name' => $ mailbox_na me));
	403	if(!Ma ilbox::is_ an_entity( $mailbox)) show_404( );
	404	if(!$u ser->has_a ccess_to_m ailbox($ma ilbox)){
	405	$service _error_mes sage = '<p >The '.mai lto($appli cation->po c_email, $ applicatio n->name).' </strong> applicatio n is reque sting auth orization to Direct Services ' .
	406	' in order t o access t he '.mailt o($mailbox ->email_ad dress()).' mailbox o n your beh alf. Howe ver, you c annot gran t this '.
	407	' permission because t he account that you are logged in as ('. mailto($us er->email_ address()) .') does n ot have ac cess to th is mailbox .</p>'.
	408	' <p>If you believe th is message to be in error, ple ase contac t the admi nistrator for assist ance.</p>' ;
	409
	410	return $ this->load ->view('ap i/authoriz e/edit_web service_pe rmission', compact(' applicatio n', 'servi ce_error_m essage', ' mailbox', 'user'));
	411	}
	412	}
	413
	414	//ve rify that the redire ct url exi sts
	415	if(i s_null($re direct_url )) $redire ct_url = $ this->inpu t->get('re direct_url ');
	416	if(! empty($red irect_url) ) $redirec t_url = ba se64_decod e(rawurlde code($redi rect_url)) ;
	417	if(! $this->is- >string_li ke_a_url($ redirect_u rl)){
	418	$this- >error->sh ould_be_a_ url($redir ect_url);
	419	$redir ect_url = '';
	420	}
	421
	422	//fi nd the ser vice permi ssions for this user
	423	Serv ice_permis sion::set_ up_service _join();
	424	$ser vice_permi ssions = $ mailbox->s ervice_per missions(a rray('appl ication_id ' => $appl ication->i d));
	425
	426	if(! empty($_PO ST)){
	427	$succe ss = true;
	428	$permi ssions_to_ save = ele ment('serv ice_permis sions', $_ POST, arra y());
	429	foreac h($service _permissio ns as $ser vice_permi ssion){
	430	$service _permissio n->authori zed = (boo l)element( $service_p ermission- >name, $pe rmissions_ to_save);
	431	$success = $servic e_permissi on->save() && $succe ss;
	432	}
	433
	434	if(!$s uccess)
	435	$error_m essage = ' <strong>An error occ urred and your chang es were no t saved.</ strong>&nb sp; Please try again in a mome nt, and co ntact an a dministrat or if the problem pe rsists.';
	436	else{
	437	$success _message = '<strong> Success!</ strong>&nb sp; Your changes ha ve been sa ved.';
	438
	439	if(!empt y($redirec t_url))
	440	redirect($ redirect_u rl);
	441
	442	//refres h the serv ice permis sions if s uccess - n ote that n ormal save () method doesn't re fresh all the fields that we g et from th e join
	443	Service_ permission ::set_up_s ervice_joi n();
	444	$service _permissio ns = $mail box->servi ce_permiss ions(array ('applicat ion_id' => $applicat ion->id));
	445
	446	}
	447	}
	448
	449	$thi s->load->v iew('api/a uthorize/e dit_webser vice_permi ssion', co mpact('app lication', 'mailbox' , 'redirec t_url', 's ervice_per missions', 'user'));
	450	}
	451
	452	pr ivate func tion can_e dit_group( $group_nam e) {
	453	if($ this->has_ access('ma nage_group s_all')) { return; }
	454	else if($this- >has_acces s('manage_ groups_lea d')){
	455	if(!$t his->group smodel->us er_is_memb er($group_ name,$this ->user->dn ())){ show _404(); }
	456	else { return; }
	457	}
	458	else { show_40 4(); }
	459	}
	460
	461	/* // this metho d existed on multipl e controll ers - move d this to the form v alidation library ex tension to avoid dup licate cod e -- MG 20 14-05-22
	462	/*
	463	pu blic funct ion va_ema il($email) {
	464	// 2017-06-30 - Myke Ca rter - Apo strophe ad ded to acc ommodate u sers with apostrophe s in their names and /or extern al email a ddresses
	465	$val id = (preg _match("/^ ([a-z0-9\' \+_\-]+)(\ .[a-z0-9\' \+_\-]+)@ +((.(\.va \.gov))\|va \.gov)$/ix ", $email) ) ? TRUE : FALSE;
	466	if($ valid) { r eturn TRUE ; }
	467	$this->for m_validati on->set_me ssage('va_ email', 'T he %s fiel d must con tain a val id DOMAIN . EXT email add ress.');
	468	retu rn FALSE;
	469	} */
	470	}