1. EPMO Open Source Coordination Office Redaction File Detail Report

Produced by Araxis Merge on 4/5/2017 4:21:38 PM Central Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

1.1 Files compared

#	Location	File	Last Modified
1	C:\working_scrub\Unredacted\Direct Code Base\DSM_Bld2_Source_Code_CIF_2017-02-14\api_build02-sprint01\application\controllers\admin	User_settings.php	Fri Feb 3 00:42:28 2017 UTC
2	eHX-CIF.zip\eHX-CIF\Direct Code Base\DSM_Bld2_Source_Code_CIF_2017-02-14\api_build02-sprint01\application\controllers\admin	User_settings.php	Mon Apr 3 13:53:07 2017 UTC

1.2 Comparison summary

Description	Between Files 1 and 2
Description	Text Blocks	Lines
Unchanged	2	922
Changed	1	2
Inserted	0	0
Removed	0	0

1.3 Comparison options

Whitespace
Character case	Differences in character case are significant
Line endings	Differences in line endings (`CR` and `LF` characters) are ignored
CR/LF characters	Not shown in the comparison detail

1.4 Active regular expressions

No regular expressions were active.

1.5 Comparison detail

	1	<?php defi ned('BASEP ATH') OR e xit('No di rect scrip t access a llowed');
	2
	3	/**
	4	* @package direct-as -a-service
	5	* @subpack age contro llers
	6	//* */
	7
	8	// This ca n be remov ed if you use Modula r Extensio ns
	9	require_on ce APPPATH .'controll ers/admin/ admin_cont roller.php ';
	10	require_on ce APPPATH .'librarie s/REST_Con troller.ph p';
	11	require_on ce APPPATH .'third_pa rty/Pagina tor.php';
	12
	13	/**
	14	* @package direct-as -a-service
	15	* @subpack age contro llers
	16	*/
	17	class User _Settings extends Ad min_contro ller{
	18
	19	pu blic funct ion __cons truct(){
	20	pare nt::__cons truct();
	21	requ ire_models ('applicat ion', 'ser vice_permi ssion');
	22	}
	23
	24
	25
	26	/* --------- ---------- ---------- *
	27	* USER_SET TINGS TAB FUNCTIONS *
	28	* --------- ---------- ---------- */
	29	pu blic funct ion index( ) {
	30	//ge t user id from sessi on to get permission s
	31	$per missions = $this->ac count_perm issions;
	32	$sho w = $this- >show;
	33
	34	if(i sset($show ['user_set tings']) & & $show['u ser_settin gs']) { $t his->appli cation_lis t(); }
	35	else { redirec t('onboard ing'); }
	36	}
	37
	38	/*
	39	* Edit page for web s ervice acc ess.
	40	* for users when $gro up_name is null
	41	* /
	42	pu blic funct ion webser vice_acces s_edit($ma ilbox_name = null, $ app_id = n ull, $acti ve_cur_pag e = null, $active_it ems_per_pa ge = null,
	43	$pendi ng_cur_pag e = null, $pending_i tems_per_p age = null , $denied_ cur_page = null, $de nied_items _per_page = null)
	44	{
	45	//se t current page and i tems per p age on the sub-tabs
	46	$dat a['active_ cur_page'] = $active _cur_page;
	47	$dat a['active_ items_per_ page'] = $ active_ite ms_per_pag e;
	48
	49	if(i s_null($ap p_id)) { r eturn $thi s->applica tion_list( ); } //if no id is s et, go bac k to appli cation lis t
	50	$dat a['title'] = 'Direct API: Appl ication We b Service Access Edi t';
	51	$dat a['active_ tab'] = ar ray('user_ settings'= >true);
	52
	53	//ge t current user id fr om session to get pe rmissions
	54	$use r_id = $th is->user-> id();
	55	$per missions = $this->ac count_perm issions;
	56	$dat a['show'] = $this->s how;
	57	$dat a['api_adm ins'] = $p ermissions ['API']['a dmins'];
	58	$app _permissio n = false;
	59	$dat a['app_per mission'] = $app_pe rmission = isset($pe rmissions[ 'Applicati on'][$app_ id]) &&
	60	($per missions[' Applicatio n'][$app_i d][LDAP_AP PLICATION_ USER_GROUP _NAME] \|\|
	61	$per missions[' Applicatio n'][$app_i d][LDAP_AP PLICATION_ ADMIN_GROU P_NAME]);
	62
	63	//ma ilbox_sett ings_setup must happ en before get_mailbo x_settings _by_applic ation
	64	if(e mpty($mail box_name) \|\| $mailbo x_name === 'null') { $mailbox_ name = $th is->user-> username; }
	65	$mai lbox = $th is->userse ttingsmode l->get_mai lbox_by_na me($mailbo x_name);
	66	$mai lbox_id = $mailbox-> id;
	67	$thi s->userset tingsmodel ->mailbox_ settings_s etup($mail box_id, $a pp_id, 'ad d');
	68	$dat a['mailbox _settings' ] = $this- >usersetti ngsmodel-> get_mailbo x_settings _by_applic ation($mai lbox_id, $ app_id)->r esult();
	69
	70	if($ permission s['API'][' admins'] \| \| $app_per mission) {
	71	if (is set($app_i d) && is_n umeric($ap p_id)){ // make sure its a vali d id
	72	$app = $ this->appl icationmod el->get_ap plication( $app_id)-> result();
	73	if($app) { //if th ere is a r esult, loa d the view
	74	$data['app '] = $app[ 0];
	75	$data['web _services' ] = $this- >usersetti ngsmodel-> get_web_se rvices()-> result();
	76	}
	77	else { s how_404(); } //if no t valid id or no res ult, show 404
	78	}
	79	else { show_404( ); }
	80
	81	if($th is->user-> username ! == $mailbo x->name) {
	82	$data['m ailbox_nam e'] = $mai lbox->name ;
	83	$data['v iew'] = 'w ebservice_ access_edi t';
	84	$data['a dmin_show' ] = $this- >permissio ns->set_ad min_access _from_perm issions($p ermissions );
	85	$data['a ctive_tab' ] = array( 'administr ation'=>tr ue);
	86	if($mail box->is_gr oup) {
	87	$data['tit le'] = 'Di rect API: Authorized Applicati on List fo r Group';
	88	//get user id from s ession to get permis sions
	89	$this->loa d->view('a pi/adminis tration/ma nage_group s', $data) ;
	90	}
	91	else {
	92	$data['tit le'] = 'Di rect API: Authorized Applicati on List fo r Account' ;
	93	//get user id from s ession to get permis sions
	94	$this->loa d->view('a pi/adminis tration/ma nage_accou nts', $dat a);
	95	}
	96	}
	97	else i f($data['s how']['use r_settings ']) {
	98	$this->l oad->view( 'api/user_ settings/w ebservice_ access_edi t', $data) ;
	99	}
	100	else { show_err or('Forbid den',403); }
	101	}
	102	else { show_e rror('Forb idden',403 ); }
	103	}
	104
	105	/*
	106	* loads the applicati on list vi ew for the applicati on user.
	107	* /
	108	pu blic funct ion applic ation_list ($name = n ull)
	109	{
	110	$dat a['title'] = 'Direct API: Auth orized App lication L ist';
	111	$dat a['active_ tab'] = ar ray('user_ settings'= >true);
	112
	113	//gr ab flash d ata to dis play to th e user
	114	if(! empty($thi s->session ->flashdat a('message '))) { $da ta['messag e'] = $thi s->session ->flashdat a('message '); }
	115	if(! empty($thi s->session ->flashdat a('error_m essage'))) { $data[' error_mess age'] = $t his->sessi on->flashd ata('error _message') ; }
	116	if(! empty($thi s->session ->flashdat a('success _message') )) { $data ['success_ message'] = $this->s ession->fl ashdata('s uccess_mes sage'); }
	117
	118	$mai lbox = $th is->userse ttingsmode l->get_mai lbox_by_na me($name);
	119
	120	//ge t current user id fr om session to get pe rmissions
	121	$use r_id = $th is->user-> id();
	122	$dat a['user_id '] = $user _id;
	123	$per missions = $this->ac count_perm issions;
	124	$dat a['show'] = $this->s how;
	125
	126	$app lication_l ist = arra y();
	127	if($ mailbox && $name !== $this->us er->userna me) {
	128	if($pe rmissions[ 'API']['ad mins']) {
	129	//if thi s is for g roup
	130	if($mail box->is_gr oup) {
	131	$this->can _edit_grou p($mailbox ->name);
	132	$group = $ this->grou psmodel->g et_group_f rom_groupn ame($mailb ox->name);
	133	if(count($ group) === 0){
	134	$g roup = $th is->groups model->get _group_fro m_groupnam e($mailbox ->name, fa lse);
	135	}
	136	$applicati on_names = $group[0] ['applicat ions'];
	137	$data['gro up'] = $gr oup[0];
	138	$group_app _access = array();
	139	foreach($a pplication _names as $name) {
	140	$a pp_id = $t his->appli cationmode l->get_app lication_i d_by_name( $name);
	141	ar ray_push($ group_app_ access, $a pp_id);
	142	}
	143	$applicati on_list = $this->app licationmo del->get_a pplication s($group_a pp_access) ;
	144	$applicati on_list_si ze = $this ->applicat ionmodel-> get_app_li st_size($g roup_app_a ccess);
	145	}
	146	else {
	147	//get mail box user i d from ses sion to ge t permissi ons
	148	$user = Us er::find_o ne(array(' username' => $mailbo x->name));
	149	$user_perm issions = $user->per missions;
	150	$data['acc ount'] = $ user;
	151	$app_acces s = $this- >permissio ns->get_ap plication_ permission ($user_per missions, 'users');
	152	if(!empty( $app_acces s)) {
	153	$a pplication _list = $t his->appli cationmode l->get_app lications( $app_acces s);
	154	$a pplication _list_size = $this-> applicatio nmodel->ge t_app_list _size($app _access);
	155	}
	156	else {
	157	$a pplication _list = ar ray();
	158	$a pplication _list_size = 0;
	159	}
	160	}
	161	}
	162	}
	163	else {
	164	//grab a list of applicati ons the us er has acc ess to
	165	$app_a ccess = $t his->permi ssions->ge t_applicat ion_permis sion($perm issions, ' users');
	166	//if y ou have ap ps that yo u have acc ess too
	167	if (is set($app_a ccess) && count($app _access) > 0){
	168	$applica tion_list = $this->a pplication model->get _applicati ons($app_a ccess);
	169	$applica tion_list_ size = $th is->applic ationmodel ->get_app_ list_size( $app_acces s);
	170	}
	171	else{
	172	//if cur rent user has no app access se nd empty r esult
	173	$applica tion_list = array();
	174	$applica tion_list_ size = 0;
	175	}
	176	}
	177
	178	//th e active a pplication s list
	179	if($ applicatio n_list) { $data['ac tive_list' ] = $appli cation_lis t->result( ); }
	180	else { $data[ 'active_li st'] = arr ay(); }
	181
	182	if(i sset($_POS T['prefix' ])) { $dat a['anchor' ] = $_POST ['prefix'] . 'link'; }
	183
	184	//de termine wh ich view t o display
	185	if($ mailbox && $name !== $this->us er->userna me) {
	186	if($ma ilbox && $ mailbox->i s_group) {
	187	$data['t itle'] = ' Direct API : Authoriz ed Applica tion List for Group' ;
	188	$data['a ctive_tab' ] = array( 'administr ation'=>tr ue);
	189	//get us er id from session t o get perm issions
	190	$data['a dmin_show' ] = $this- >permissio ns->set_ad min_access _from_perm issions($p ermissions );
	191	$data['v iew'] = 'a pplication _list';
	192	$this->l oad->view( 'api/admin istration/ manage_gro ups', $dat a);
	193	}
	194	else {
	195	$data['t itle'] = ' Direct API : Authoriz ed Applica tion List for Accoun t';
	196	$data['a ctive_tab' ] = array( 'administr ation'=>tr ue);
	197	//get us er id from session t o get perm issions
	198	$data['a dmin_show' ] = $this- >permissio ns->set_ad min_access _from_perm issions($p ermissions );
	199	$data['v iew'] = 'a pplication _list';
	200	$this->l oad->view( 'api/admin istration/ manage_acc ounts', $d ata);
	201	}
	202	}
	203	else {
	204	$this- >load->vie w('api/use r_settings /applicati on_list', $data);
	205	}
	206	}
	207
	208	/*
	209	* Handles t he storing of values for web s ervice acc ess into t he databas e.
	210	*/
	211	pu blic funct ion webser vice_acces s_save(){
	212	$thi s->load->l ibrary('fo rm_validat ion');
	213
	214	//pu sh back th e page num ber and it ems per pa ge from th e attempt to edit an applicati on
	215	$thi s->session ->set_flas hdata('act ive_page_s elect_from _applicati on_save',$ this->inpu t->post('a ctive_page _select_fr om_applica tion_save' ,TRUE));
	216	$thi s->session ->set_flas hdata('act ive_items_ per_page_f rom_applic ation_save ',$this->i nput->post ('active_i tems_per_p age_from_a pplication _save',TRU E));
	217
	218	//re trieve the applicati on id
	219	$id = $this->i nput->post ('app_id', TRUE);
	220	$mai lbox_name = $this->i nput->post ('mailbox_ name',TRUE );
	221
	222	//if a mailbox is not in cluded in the post d ata, assum e it's for the curre nt user
	223	#TOD O: This sh ould be re factored i nto a bett er system that has o ne view te mplate for this and deals with everythin g the same way
	224	if(e mpty($mail box_name) \|\| $mailbo x_name === FALSE) { $mailbox_n ame = $thi s->user->u sername; }
	225
	226	//us e permissi ons to det ermine whe ther to al low functi on call at all
	227	$cur _user_id = $this->us er->id();
	228	$per missions = $this->ac count_perm issions;
	229	$mes sage = '';
	230	if($ permission s['API'][' admins'] \| \| isset($p ermissions ['Applicat ion'][$id] )) {
	231	//test if the id has been passed and if it is a valid nu mber
	232	if(emp ty($id) \|\| !$this->i s->nonzero _unsigned_ integer($i d)){
	233	$this->s ession->se t_flashdat a('error_m essage', ' No applica tion id sp ecified. T o request a new appl ication pl ease follo w the link on the on boarding t ab.');
	234	redirect ('user_set tings/appl ication_li st');
	235	}
	236	else {
	237	//retrie ve the app lication f rom the da tabase fro m its id
	238	$app_arr = $this-> applicatio nmodel->ge t_applicat ion($id)-> result();
	239	//if the applicati on exists
	240	if($app_ arr) {
	241	$app = $ap p_arr[0];
	242	$mailbox = $this->us ersettings model->get _mailbox_b y_name($ma ilbox_name );
	243	$mailbox_i d = $mailb ox->id;
	244
	245	//no valid ation need ed for now since the re are onl y checkbox es in the form
	246	$mailbox_s ettings = $this->use rsettingsm odel->get_ mailbox_se ttings_by_ applicatio n($mailbox _id, $id)- >result();
	247	foreach($m ailbox_set tings as $ setting) {
	248	$w eb_service _authorize d = $this- >input->po st('ws'.$s etting->id ,TRUE);
	249
	250	if ($this->us ersettings model->sav e_applicat ion_web_se rvice_acce ss_by_sett ing_id($se tting->id, $web_serv ice_author ized)) {
	251	$mes sage = 'We b service access of the applic ation "'.$ app->name. '" has bee n saved su ccessfully .';
	252	$thi s->eventlo g->create_ event(2, $ id, 3, $cu r_user_id, "Edit web service a ccess of t he applica tion", tim e(), 1);
	253	}
	254	el se {
	255	$err or_message = 'Web se rvice acce ss of the applicatio n "'.$app- >name.'" f ailed to s ave.';
	256	$thi s->eventlo g->create_ event(2, $ id, 3, $cu r_user_id, "Edit web service a ccess of t he applica tion", tim e(), 0);
	257	}
	258	}
	259	}
	260	//if no applicatio n exists i n the data base retur n to the e dit screen
	261	else {
	262	$this->ses sion->set_ flashdata( 'error_mes sage', 'No applicati on exists for id '.$ id.'. Plea se select another ap plication to edit.') ;
	263	redirect(' user_setti ngs/applic ation_list ');
	264	}
	265	}
	266	$this- >session-> set_flashd ata('succe ss_message ',$message );
	267	if(iss et($error_ message)) { $this->s ession->se t_flashdat a('error_m essage',$e rror_messa ge); }
	268
	269	if($ma ilbox_name ) {
	270	redirect ('administ ration/man age_groups /applicati on_list/' . $mailbox _name);
	271	}
	272	else {
	273	redirect ('user_set tings/appl ication_li st');
	274	}
	275	}
	276	else { show_er ror('Forbi dden', 403 ); }
	277	}
	278
	279	/*
	280	* This func tion loads the edit account vi ew and pro vides the data for t he current user
	281	* /
	282	/ /todo - th is view do esn't relo ad the $_P OST values when ther e are form validatio n errors - not confo rming to b est practi ces, need to fix at some point -- MG 201 6-06-10
	283	pu blic funct ion accoun t_edit() {
	284	$dat a['title'] = 'Direct API: Edit Account';
	285	$dat a['active_ tab'] = ar ray('user_ settings'= >true);
	286
	287	//ge t user id from sessi on to get permission s
	288	$dat a['show'] = $this->s how;
	289	$dat a['admin_s how'] = $t his->permi ssions->se t_admin_ac cess_from_ permission s($this->a ccount_per missions);
	290	$dat a['user'] = $this->u sersmodel- >get_user( $this->use r->id);
	291
	292	//ge t faciliti y list and the facil ity associ ated with the user i f any
	293	$dat a['facilit y_select'] = $this-> usersettin gsmodel->g et_facilit y_id_in_ma ilbox($dat a['user']- >username, false);
	294	$dat a['facilit ies'] = $t his->facil itymodel-> get_facili ties(true) ->result() ;
	295
	296	//gr ab flash d ata to dis play to th e user
	297	if(! empty($thi s->session ->flashdat a('message '))) { $da ta['messag e'] = $thi s->session ->flashdat a('message '); }
	298	if(! empty($thi s->session ->flashdat a('error_m essage'))) { $data[' error_mess age'] = $t his->sessi on->flashd ata('error _message') ; }
	299	if(! empty($thi s->session ->flashdat a('success _message') )) { $data ['success_ message'] = $this->s ession->fl ashdata('s uccess_mes sage'); }
	300
	301	//va lidate for m data, if this form has been submitted
	302	if(! empty($_PO ST)){
	303	$this- >load->lib rary('form _validatio n');
	304	$this- >form_vali dation->se t_rules('f irst_name' ,'First Na me','requi red');
	305	$this- >form_vali dation->se t_rules('l ast_name', 'Last Name ','require d');
	306	$this- >form_vali dation->se t_rules('f acility_se lect','Fac ility','re quired\|val id_facilit y');
	307	$this- >form_vali dation->se t_rules('e xt_mail',' Email','re quired\|va_ email');
	308	$this- >form_vali dation->se t_rules('t elephone', 'Telephone ','validat e_phone');
	309	$this- >form_vali dation->se t_rules('m obile','Mo bile','val idate_phon e');
	310	if($th is->form_v alidation- >run())
	311	return $ this->acco unt_edit_s ave();
	312
	313	$data[ 'error_mes sage'] = v alidation_ errors();
	314	}
	315
	316	$thi s->load->v iew('api/u ser_settin gs/account _edit', $d ata);
	317	}
	318
	319	/* Save acco unt data f rom accoun t edit for m
	320	* /
	321	pr otected fu nction acc ount_edit_ save() {
	322
	323	//ge t user id from sessi on to get permission s
	324	$app _id = $thi s->input-> post('app_ id',TRUE);
	325	$fac _id = $thi s->input-> post('faci lity_selec t',TRUE);
	326
	327	$fir st = $this ->input->p ost('first _name', TR UE);
	328	$mid dle = $thi s->input-> post('midd le_name', TRUE);
	329	$las t = $this- >input->po st('last_n ame', TRUE );
	330	$ext _mail = $t his->input ->post('ex t_mail', T RUE);
	331	$tit le = $this ->input->p ost('title ', TRUE);
	332	$dep artment = $this->inp ut->post(' department ', TRUE);
	333	$org anization = $this->i nput->post ('organiza tion', TRU E);
	334	$tel ephone = $ this->inpu t->post('t elephone', TRUE);
	335	$mob ile = $thi s->input-> post('mobi le', TRUE) ;
	336	$loc ation = $t his->input ->post('lo cation', T RUE);
	337	$use r_id = $th is->user-> id;
	338	$fac ility_id = $this->in put->post( 'facility_ select', T RUE);
	339
	340	$use rname = $t his->user- >username;
	341	$att ributes = array(
	342	'cn' => $first . ' ' . $last ,
	343	'givenNa me' => $fi rst,
	344	'initial s' => $mid dle,
	345	'sn' => $last,
	346	'title' => $title,
	347	'departm entNumber' => $depar tment,
	348	'o' => $ organizati on,
	349	'telepho neNumber' => $teleph one,
	350	'mobile' => $mobil e,
	351	'physica lDeliveryO fficeName' => $locat ion,
	352	'facilit y_select' => $facili ty_id
	353	);
	354	//se t optional attribute s / attrib utes that depend on optional a ttributes
	355	$att ributes['d isplayName '] = $last .', '.$fir st;
	356	if(i sset($midd le) && !em pty(trim($ middle))) {
	357	$attri butes['ini tials'] = $middle;
	358	$attri butes['dis playName'] .= ' '.$m iddle;
	359	}
	360
	361	$res ult = $thi s->usersmo del->updat e_user($us er_id,$ext _mail,$fac ility_id,$ attributes );
	362
	363	if(! $result \|\| in_array( FALSE,$res ult)) {
	364	$this- >session-> set_flashd ata('error _message', 'Account i nformation failed to saved pro perly.');
	365	$this- >eventlog- >create_ev ent( 3, $u ser_id, 3, $this->us er->id, "E dit user", time(), 0 );
	366	}
	367	else {
	368	$this- >session-> set_flashd ata('succe ss_message ','Account informati on saved.' ); $this- >eventlog- >create_ev ent( 3, $u ser_id, 3 ,$this->us er->id, "E dit user", time(), 1 );
	369	}
	370
	371	redi rect('user _settings/ account_ed it/');
	372	}
	373
	374
	375	/* --------- ---------- ---------- ---------- -*
	376	* PREVIOUS LY ON THE AUTHORIZE CONTROLLER
	377	* --------- ---------- ---------- ---------- ---*/
	378
	379	pu blic funct ion edit_w ebservice_ permission ($applicat ion_id=nul l, $mailbo x_name=nul l, $redire ct_url=nul l){
	380	$use r = User:: find_from_ session();
	381	if(! User::is_a n_entity($ user) \|\| ! $user->is_ active())
	382	show_e rror(401); //unautho rized acce ss
	383
	384	//ve rify that the applic ation exis ts
	385	if(i s_null($ap plication_ id)) $appl ication_id = $this-> input->get ('id');
	386	if(! Applicatio n::formatt ed_like_an _id($appli cation_id) ) show_404 ();
	387	$app lication = Applicati on::find_o ne($applic ation_id);
	388	if(! Applicatio n::is_an_e ntity($app lication)) show_404( );
	389
	390	//ve rify that the mailbo x exists a nd that th e user has access to it
	391	if(i s_null($ma ilbox_name )) $mailbo x_name = $ this->inpu t->get('ma ilbox_name ');
	392	if(e mpty($mail box_name))
	393	$mailb ox = $user ->mailbox; //okay to default t o logged i n user's m ailbox if needed
	394	else {
	395	$mailb ox = Mailb ox::find_o ne(array(' name' => $ mailbox_na me));
	396	if(!Ma ilbox::is_ an_entity( $mailbox)) show_404( );
	397	if(!$u ser->has_a ccess_to_m ailbox($ma ilbox)){
	398	$service _error_mes sage = '<p >The '.mai lto($appli cation->po c_email, $ applicatio n->name).' </strong> applicatio n is reque sting auth orization to Direct Services ' .
	399	' in order t o access t he '.mailt o($mailbox ->email_ad dress()).' mailbox o n your beh alf. Howe ver, you c annot gran t this '.
	400	' permission because t he account that you are logged in as ('. mailto($us er->email_ address()) .') does n ot have ac cess to th is mailbox .</p>'.
	401	' <p>If you believe th is message to be in error, ple ase contac t the admi nistrator for assist ance.</p>' ;
	402
	403	return $ this->load ->view('ap i/authoriz e/edit_web service_pe rmission', compact(' applicatio n', 'servi ce_error_m essage', ' mailbox', 'user'));
	404	}
	405	}
	406
	407	//ve rify that the redire ct url exi sts
	408	if(i s_null($re direct_url )) $redire ct_url = $ this->inpu t->get('re direct_url ');
	409	if(! empty($red irect_url) ) $redirec t_url = ba se64_decod e(rawurlde code($redi rect_url)) ;
	410	if(! $this->is- >string_li ke_a_url($ redirect_u rl)){
	411	$this- >error->sh ould_be_a_ url($redir ect_url);
	412	$redir ect_url = '';
	413	}
	414
	415	//fi nd the ser vice permi ssions for this user
	416	Serv ice_permis sion::set_ up_service _join();
	417	$ser vice_permi ssions = $ mailbox->s ervice_per missions(a rray('appl ication_id ' => $appl ication->i d));
	418
	419	if(! empty($_PO ST)){
	420	$succe ss = true;
	421	$permi ssions_to_ save = ele ment('serv ice_permis sions', $_ POST, arra y());
	422	foreac h($service _permissio ns as $ser vice_permi ssion){
	423	$service _permissio n->authori zed = (boo l)element( $service_p ermission- >name, $pe rmissions_ to_save);
	424	$success = $servic e_permissi on->save() && $succe ss;
	425	}
	426
	427	if(!$s uccess)
	428	$error_m essage = ' <strong>An error occ urred and your chang es were no t saved.</ strong>&nb sp; Please try again in a mome nt, and co ntact an a dministrat or if the problem pe rsists.';
	429	else{
	430	$success _message = '<strong> Success!</ strong>&nb sp; Your changes ha ve been sa ved.';
	431
	432	if(!empt y($redirec t_url))
	433	redirect($ redirect_u rl);
	434
	435	//refres h the serv ice permis sions if s uccess - n ote that n ormal save () method doesn't re fresh all the fields that we g et from th e join
	436	Service_ permission ::set_up_s ervice_joi n();
	437	$service _permissio ns = $mail box->servi ce_permiss ions(array ('applicat ion_id' => $applicat ion->id));
	438
	439	}
	440	}
	441
	442	$thi s->load->v iew('api/a uthorize/e dit_webser vice_permi ssion', co mpact('app lication', 'mailbox' , 'redirec t_url', 's ervice_per missions', 'user'));
	443	}
	444
	445	pr ivate func tion can_e dit_group( $group_nam e) {
	446	if($ this->has_ access('ma nage_group s_all')) { return; }
	447	else if($this- >has_acces s('manage_ groups_lea d')){
	448	if(!$t his->group smodel->us er_is_memb er($group_ name,$this ->user->dn ())){ show _404(); }
	449	else { return; }
	450	}
	451	else { show_40 4(); }
	452	}
	453
	454	/* // this metho d existed on multipl e controll ers - move d this to the form v alidation library ex tension to avoid dup licate cod e -- MG 20 14-05-22
	455	/*
	456	pu blic funct ion va_ema il($email) {
	457	$val id = (preg _match("/^ ([a-z0-9\+ _\-]+)(\.[ a-z0-9\+_\ -]+)@+((. (\.va\.go v))\|va\.go v)$/ix", $ email)) ? TRUE : FAL SE;
	458	if($ valid) { r eturn TRUE ; }
	459	$this->for m_validati on->set_me ssage('va_ email', 'T he %s fiel d must con tain a val id DNS email addr ess.');
	460	retu rn FALSE;
	461	} */
	462	}