From b986a8637b57c5cd8b2c5722f29f9893aef3f04c Mon Sep 17 00:00:00 2001
From: Emily Sarneso <ecoff@sei.cmu.edu>
Date: Thu, 19 May 2022 11:14:10 -0400
Subject: [PATCH] Version 1.50.0: Contact Management redesign.

Fix CodeQL alerts 20220527 #96-102, using is_safe_url even when superfluous. Don't trust HTTP_REFERER header.

Upgrade dependencies

Redirect to the appropriate dashboard if bad link.

Add new workflow for MFA Requests.

Fix sort on vincecomm dashboard and case views by last post date, highlight cases with new posts.
---
 CHANGELOG.md                                  |   22 +
 bakery/static_views.py                        |    8 +-
 bigvince/settings_.py                         |    2 +-
 cogauth/forms.py                              |   15 +-
 cogauth/templates/cogauth/loginhelp.html      |   11 +-
 cogauth/templates/cogauth/profile.html        |    2 +-
 cogauth/templates/cogauth/resetmfa.html       |   22 +
 cogauth/templates/cogauth/signup.html         |    6 +
 cogauth/urls.py                               |    3 +-
 cogauth/utils.py                              |   18 +-
 cogauth/views.py                              |   72 +-
 kbworker/views.py                             |  161 ++-
 vince/admin.py                                |    4 +-
 vince/fixtures/EmailTemplate.json             |    2 +-
 vince/forms.py                                |   51 +-
 vince/lib.py                                  |   81 +-
 vince/migrations/0002_auto_20220719_1530.py   |   23 +
 vince/models.py                               |   12 +-
 vince/static/vince/css/style.css              |   17 +-
 vince/static/vince/js/case.js                 |   15 +
 vince/static/vince/js/contact.js              |   33 +
 vince/static/vince/js/contactverify.js        |   37 +-
 vince/static/vince/js/scontact.js             |  141 +-
 vince/static/vince/js/signup.js               |   11 +
 vince/static/vince/js/tickets.js              |    2 +-
 vince/static/vince/js/vinny_dashboard.js      |   18 +-
 vince/templates/vince/add_email_contact.html  |   49 +
 vince/templates/vince/case.html               |    2 +
 vince/templates/vince/case_summary.html       |    1 +
 vince/templates/vince/confirm_rm_email.html   |   25 +
 vince/templates/vince/contact.html            |  241 +++-
 vince/templates/vince/contact_report.html     |    7 +
 vince/templates/vince/contactsresults.html    |    2 +-
 vince/templates/vince/create_case.html        |    4 +-
 vince/templates/vince/edit_case.html          |    2 +-
 vince/templates/vince/editcontact.html        |   79 +-
 vince/templates/vince/editgroup.html          |   94 +-
 vince/templates/vince/group.html              |  169 +--
 .../vince/include/alt_contact_activity.html   |   81 ++
 vince/templates/vince/initcontactverify.html  |   16 +-
 vince/templates/vince/newcontact.html         |  458 +------
 vince/templates/vince/searchcontacts.html     |    5 +-
 vince/templates/vince/share_vulnote.html      |   12 +-
 vince/templates/vince/vincecomm_user.html     |    8 +-
 vince/templatetags/contact_tags.py            |   29 +
 vince/urls.py                                 |    8 +-
 vince/views.py                                | 1134 +++++++++++------
 vincepub/models.py                            |    2 +-
 vinceworker/views.py                          |   49 +-
 vinny/admin.py                                |    9 +-
 vinny/lib.py                                  |   26 +-
 vinny/migrations/0002_auto_20220719_1530.py   |   18 +
 vinny/models.py                               |   10 +-
 vinny/static/vinny/js/gadmin.js               |   12 +
 vinny/static/vinny/js/vinny.js                |    2 +-
 vinny/static/vinny/js/vinny_dashboard.js      |    2 +-
 vinny/templates/vinny/admin.html              |   49 +-
 vinny/templates/vinny/admin_users.html        |    4 +
 .../templates/vinny/confirm_email_change.html |   28 +
 vinny/templates/vinny/dashboard.html          |   27 +-
 vinny/templates/vinny/editcontact.html        |    6 +
 vinny/templates/vinny/include/cases.html      |   19 +-
 vinny/templates/vinny/include/dash_case.html  |    7 +-
 vinny/templates/vinny/post.html               |   17 +-
 vinny/templates/vinny/searchresults.html      |    5 +-
 vinny/templatetags/user_tags.py               |   18 +
 vinny/urls.py                                 |    1 +
 vinny/views.py                                |  183 ++-
 68 files changed, 2376 insertions(+), 1333 deletions(-)
 create mode 100644 cogauth/templates/cogauth/resetmfa.html
 create mode 100644 vince/migrations/0002_auto_20220719_1530.py
 create mode 100644 vince/templates/vince/add_email_contact.html
 create mode 100644 vince/templates/vince/confirm_rm_email.html
 create mode 100644 vince/templates/vince/include/alt_contact_activity.html
 create mode 100644 vinny/migrations/0002_auto_20220719_1530.py
 create mode 100644 vinny/templates/vinny/confirm_email_change.html

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8cc2a1c..33241ed 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,27 @@
 # VINCE Changelog
 
+# Version 1.50.0: 2022-07-19
+============================
+
+New MFA reset workflow
+
+Allow comments when re-assigning tickets
+
+Sorting improvements on VINCEComm Dashboard
+
+Add Vul Note download button in VINCETrack
+
+Bug Fixes
+
+# Version 1.49.0: 2022-07-19
+===========================
+
+Contact Management Updates
+
+Dependency Upgrades
+
+Bug Fixes
+
 # Version 1.48.0: 2022-05-13
 =============================
 
diff --git a/bakery/static_views.py b/bakery/static_views.py
index 77fd1b1..8b8cf20 100644
--- a/bakery/static_views.py
+++ b/bakery/static_views.py
@@ -14,7 +14,8 @@
 from django.http import HttpResponseNotModified
 from django.template import Template, Context, TemplateDoesNotExist
 from django.utils.http import http_date, parse_http_date
-
+from django.conf import settings
+from django.utils.http import is_same_domain, is_safe_url
 
 def serve(request, path, document_root=None, show_indexes=False, default=''):
     """
@@ -52,7 +53,10 @@ def serve(request, path, document_root=None, show_indexes=False, default=''):
             continue
         newpath = os.path.join(newpath, part).replace('\\', '/')
     if newpath and path != newpath:
-        return HttpResponseRedirect(newpath)
+        if is_safe_url(newpath,set(settings.ALLOWED_HOSTS),True):
+            return HttpResponseRedirect(newpath)
+        else:
+            raise Http404("Invalid or Incorrect path found")
     fullpath = os.path.join(document_root, newpath)
     if os.path.isdir(fullpath) and default:
         defaultpath = os.path.join(fullpath, default)
diff --git a/bigvince/settings_.py b/bigvince/settings_.py
index b8fcf83..eef0e43 100644
--- a/bigvince/settings_.py
+++ b/bigvince/settings_.py
@@ -56,7 +56,7 @@
 ROOT_DIR = environ.Path(__file__) - 3
 
 # any change that requires database migrations is a minor release
-VERSION = "1.48.0"
+VERSION = "1.50.0"
 
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/2.1/howto/deployment/checklist/
diff --git a/cogauth/forms.py b/cogauth/forms.py
index 46c15e0..ce8957b 100644
--- a/cogauth/forms.py
+++ b/cogauth/forms.py
@@ -83,6 +83,13 @@ class Meta:
             'countrycode': CountrySelectWidget()}
 
 
+class COGResetMFA(forms.Form):
+
+    reason = forms.CharField(
+        widget=forms.Textarea(),
+        label=_('Reason for MFA reset'))
+        
+        
 class COGInitialPWResetForm(forms.Form):
     username = forms.CharField(max_length=200, required=True, label=_("Email"))
 
@@ -260,9 +267,11 @@ class SignUpForm(UserCreationForm):
         required=False)
     email = forms.CharField(
         max_length=254,
+        widget=forms.TextInput(attrs={'autocomplete':'username'}),
         required=True,
-        help_text=_('This will be your login username. Please note that this field is CASE SENSITIVE.'),
+        help_text=_('This will be your personal login username. <b>This field is CASE SENSITIVE.</b><br/><b>PLEASE NOTE:</b> Each VINCE user account is intended to be tied to a specific individual. If you would like to use an alias (for example, <i>psirt@example.com</i>) to receive group notifications, please create your account here first, and once your individual account has been approved, you will have the opportunity to create a group, join an existing group, and otherwise manage the email addresses associated with your organization.'), 
         label="Email address")
+
     title = forms.CharField(
         max_length=200,
         required=False,
@@ -279,7 +288,7 @@ class SignUpForm(UserCreationForm):
     password1 = forms.CharField(
         max_length=50,
         required=True,
-        widget=forms.PasswordInput,
+        widget=forms.PasswordInput(attrs={'autocomplete':"new-password"}),
         label="New Password",
         help_text=_('Password Requirements:<ul>\
         <li>Minimum length is 8 characters</li>\
@@ -293,7 +302,7 @@ class SignUpForm(UserCreationForm):
     password2 = forms.CharField(
         max_length=50,
         required=True,
-        widget=forms.PasswordInput,
+        widget=forms.PasswordInput(attrs={'autocomplete':"new-password"}),
         label="Password confirmation",
         help_text=_('Enter the same password as before, for verification')
     )
diff --git a/cogauth/templates/cogauth/loginhelp.html b/cogauth/templates/cogauth/loginhelp.html
index 600b670..cfe6581 100644
--- a/cogauth/templates/cogauth/loginhelp.html
+++ b/cogauth/templates/cogauth/loginhelp.html
@@ -7,8 +7,17 @@
 
 {% block content %}
 
-<p>If you lost your multi-factor authentication (MFA) device, you will need to contact us at <a href="mailto:{{ CONTACT_EMAIL }}" ref="nofollow">{{ CONTACT_EMAIL }}</a> to reset your account.  </p>
+{% if showlink %}
+<p>If you lost your multi-factor authentication (MFA) device, you will need to initiate the MFA reset process.</p>
 
+<p><a href="{% url 'cogauth:resetmfa' %}" class="button expanded primary">Reset MFA</a></p>
+
+{% else %}
+<p>If you lost your multi-factor authentication (MFA) device, you can initiate the reset process with your username and password.  First <a href="{% url 'cogauth:login' %}">login</a> and then click the <b>Troubleshoot MFA</b> link.  You will be provided with further instructions to reset your MFA.  </p>
+<p>If you do not have your password, you can reset it <a href="{% url 'cogauth:init_password_reset' %}">here</a> and then attempt to reset your MFA.</p>
+<p>If you still need help, contact us at <a href="mailto:{{ CONTACT_EMAIL }}" ref="nofollow">{{ CONTACT_EMAIL }}</a>.
+</p>
+{% endif %}
 
 
 {% endblock %}
diff --git a/cogauth/templates/cogauth/profile.html b/cogauth/templates/cogauth/profile.html
index 202b01c..9ef28b0 100644
--- a/cogauth/templates/cogauth/profile.html
+++ b/cogauth/templates/cogauth/profile.html
@@ -75,7 +75,7 @@ <h3>{{ coguser.preferred_username }}</h3>
 	<td>{{ coguser.title }}</td>
       </tr>
       <tr>
-	<td>Vendor Groups:</td>
+	<td>User Groups:</td>
 	<td>{{ my_groups }}</td>
       </tr>
       <tr>
diff --git a/cogauth/templates/cogauth/resetmfa.html b/cogauth/templates/cogauth/resetmfa.html
new file mode 100644
index 0000000..c0313d4
--- /dev/null
+++ b/cogauth/templates/cogauth/resetmfa.html
@@ -0,0 +1,22 @@
+{% extends "vince/login.html" %}
+
+{% load i18n static %}
+
+{% block content_title %}<h3>VINCE MFA Reset</h3>{% endblock %}
+
+
+{% block content %}
+  <p>
+    Please let us know why you need us to reset your multi-factor authentication (MFA) device. To continue the reset, you must follow the directions in the email that will be sent to you upon submitting this form.  Once we receive confirmation, an analyst will reset the MFA associated with your account during business hours.</p>
+  <p>After the reset is complete, you will be prompted to re-associate your MFA device with your VINCE account upon logging in. 
+  </p>
+  <form action="." method="post" class="form">
+    {% csrf_token %}
+    {{ form }}
+    <input type="submit" class="primary button expanded search-button" value="Submit">
+  </form>
+  
+{% endblock %}
+
+
+
diff --git a/cogauth/templates/cogauth/signup.html b/cogauth/templates/cogauth/signup.html
index f8b3a5a..7c4652b 100644
--- a/cogauth/templates/cogauth/signup.html
+++ b/cogauth/templates/cogauth/signup.html
@@ -3,6 +3,8 @@
 
 {% block extrahead %}
 <script type="text/javascript" src="{% static 'vince/js/jquery.min.js' %}"></script>
+<script type="text/javascript" src="{% static 'vince/js/jquery.qtip.min.js' %}"></script>
+<link rel="stylesheet" type="text/css" href="{% static 'vince/css/jquery.qtip.min.css' %}" />
 <script type="text/javascript" src="{% static 'vince/js/signup.js' %}"></script>
 <script src="https://www.google.com/recaptcha/api.js"></script>
 {% endblock %}
@@ -13,6 +15,10 @@
 
 {% block content %}<div id="content-main">
 
+<span class="hidden" id="loginhelp">
+VINCE accounts are intended to be tied to a real person. If you would like to establish a group with multiple people (for example, <i>psirt@example.com</i>) and use an email list or alias for group notifications, please proceed with creating your individual account here, and once your account has been approved, you can request the creation of your group and manage the email addresses associated with your organization.
+</span>
+  
 <form method="post" id="signupform" onsubmit="return noDoubleClicks(this);">{% csrf_token %}
   <div class="login-form">
     {% if form.errors %}
diff --git a/cogauth/urls.py b/cogauth/urls.py
index 8482ea5..8ca24b0 100644
--- a/cogauth/urls.py
+++ b/cogauth/urls.py
@@ -51,13 +51,14 @@
     path('register/', views.RegisterView.as_view(), name='register'),
     path('genapikey/', views.GenerateTokenView.as_view(), name='gentoken'),
     re_path(r'^genapikey/service/(?P<vendor_id>\d+)/', views.GenerateServiceTokenView.as_view(), name='genservicetoken'),
-    path('account/help/', TemplateView.as_view(template_name='cogauth/loginhelp.html'), name='loginhelp'),
+    path('account/help/', views.LoginHelpView.as_view(), name='loginhelp'),
     path('confirmed/', TemplateView.as_view(template_name='cogauth/account_confirmed.html'), name='account_confirmed'),
     path('resetpassword/confirmed/', TemplateView.as_view(template_name='cogauth/pw_confirmed.html'), name='pw_reset_confirmed'),
     path('changePassword/', views.ChangePasswordView.as_view(template_name='cogauth/password_change_form.html'),name='password_change'),
     path('changePassword/done/', TemplateView.as_view(template_name='cogauth/password_change_done.html'), name='password_change_done'),
     path('init/resetpassword/', views.InitialPasswordResetView.as_view(), name='init_password_reset'),
     path('resetpassword/', views.ResetPasswordView.as_view(), name='passwordreset'),
+    path('reset/mfa/unauth/', views.ResetMFAView.as_view(), name='resetmfa'),
     path('changePasswordRegister/', views.ChangePasswordandRegisterView.as_view(),name='password_register'),
     path('account_activation_sent/', views.ConfirmRegister.as_view(), name='account_activation_sent'),
     path('resend/', views.ResendConfirmationCode.as_view(), name='resend'),
diff --git a/cogauth/utils.py b/cogauth/utils.py
index d05643e..016b61a 100644
--- a/cogauth/utils.py
+++ b/cogauth/utils.py
@@ -123,7 +123,6 @@ def token_verify(token, expire_fail=False):
         logger.debug(e)
         if expire_fail:
             return False
-        pass
     except JWTError as e:
         logger.debug('JWT Signature is invalid')
         logger.debug(e)
@@ -292,6 +291,17 @@ def cognito_check_track_permissions(request):
                 else:
                     vincegroup.user_set.add(request.user)
 
+                
+            if settings.COGNITO_SUPERUSER_GROUP in groups:
+                request.user.is_superuser=True
+                request.user.save()
+            else:
+                if request.user.is_superuser:
+                    logger.warning("Downgrading permissions on %s" % request.user.username)
+                    request.user.is_superuser=False
+                    request.user.save()
+
+                    
             for g in groups:
                 #Does COGNITO group exist in VINCE?  If so, add the user to that track group.
                 gs = GroupSettings.objects.filter(organization=g).first()
@@ -308,7 +318,8 @@ def cognito_check_track_permissions(request):
                             request.user.usersettings.contacts_write = vgroup.groupsettings.contacts_write
                             request.user.usersettings.save()
                 else:
-                    logger.info(f"LOCAL GROUP tied to Cognito group {g} doesn't exist")
+                    if g not in settings.COGNITO_SUPERUSER_GROUP:
+                        logger.info(f"LOCAL GROUP tied to Cognito group {g} doesn't exist")
 
 
             if settings.COGNITO_ADMIN_GROUP in groups:
@@ -335,8 +346,7 @@ def cognito_check_permissions(request):
                 request.user.vinceprofile.pending = False
                 request.user.vinceprofile.save()
             except:
-                logger.debug("No vinceprofile, this is probably a VINCE (not Vinny) system")
-                pass
+                logger.debug("No vinceprofile, this is probably a VINCE system")
             
         if settings.COGNITO_SUPERUSER_GROUP in groups:
             request.user.is_superuser=True
diff --git a/cogauth/views.py b/cogauth/views.py
index db6d083..a2f8df2 100644
--- a/cogauth/views.py
+++ b/cogauth/views.py
@@ -31,7 +31,6 @@
 from django.contrib.auth.mixins import LoginRequiredMixin, AccessMixin, UserPassesTestMixin
 from django.forms.utils import ErrorList
 from django.http import Http404
-from django.http import HttpResponse, HttpResponseRedirect
 from django.shortcuts import render, redirect, get_object_or_404
 from django.utils.translation import ugettext as _
 from django.utils.decorators import method_decorator
@@ -44,21 +43,20 @@
 from rest_framework.authtoken.views import ObtainAuthToken
 from rest_framework.response import Response
 from django.views.generic import FormView, TemplateView
-from django.views.generic.list import ListView
 from django.contrib import messages
 from django.urls import resolve
 from django.contrib.auth import authenticate, login as auth_login
 from django.views.decorators.cache import never_cache
 from django.contrib.auth.views import LogoutView as CALogoutView
-from django.contrib.auth import update_session_auth_hash
 from django.conf import settings
 from django.contrib.auth import logout
 from lib.warrant import UserObj, Cognito
 from django.template.defaulttags import register
-from cogauth.utils import get_cognito, password_challenge_dance, get_group, cognito_verify_email, cognito_to_dict, cognito_check_permissions, mfa_challenge, rm_mfa, cognito_verify_sms, send_courtesy_email
+from cogauth.utils import get_cognito, password_challenge_dance, get_group, cognito_verify_email, cognito_check_permissions, mfa_challenge, rm_mfa, send_courtesy_email
 from cogauth.forms import *
 from vinny.models import Thread, VinceAPIToken, VinceCommGroupAdmin, GroupContact
 from vinny.permissions import is_in_group_vincegroupadmin
+from vinny.lib import vince_comm_send_sqs
 from django.core.exceptions import SuspiciousOperation
 import boto3
 import os
@@ -68,6 +66,7 @@
 import traceback
 from boto3.exceptions import Boto3Error
 from botocore.exceptions import ClientError, ParamValidationError
+from django.utils.http import is_safe_url
 
 logger = logging.getLogger(__name__)
 logger.setLevel(logging.DEBUG)
@@ -78,7 +77,7 @@ def _unread_msg_count(user):
     return len(Thread.ordered(Thread.unread(user)))
 
 def _my_contact_group(user):
-    groups = user.groups.exclude(groupcontact__isnull=True)
+    groups = user.groups.filter(groupcontact__contact__vendor_type__in=["Coordinator", "Vendor"]).exclude(groupcontact__isnull=True)
     return groups
 
 def _other_groups(user):
@@ -118,12 +117,12 @@ class GetUserMixin(object):
     cognito = None
     
     def get_token_groups(self):
-        if (self.cognito == None):
+        if (self.cognito is None):
             self.cognito = get_cognito(self.request)
         return get_group(self.request.session.get('ACCESS_TOKEN'))
     
     def get_user(self):
-        if (self.cognito == None):
+        if (self.cognito is None):
             self.cognito = get_cognito(self.request)
         return self.cognito.get_user(attr_map=settings.COGNITO_ATTR_MAPPING)
 
@@ -282,6 +281,33 @@ def post(self, request, *args, **kwargs):
             context['qrtext'] = f"otpauth://totp/VINCE:{self.request.user.username}?secret={context['secretcode']}&issuer=VINCE"
             return render(request, 'cogauth/totp.html', context)
 
+class ResetMFAView(FormView, AccessMixin):
+    template_name = 'cogauth/resetmfa.html'
+    form_class = COGResetMFA
+    login_url = "cogauth:login"
+
+    def dispatch(self, request, *args, **kwargs):
+        if not (request.session.get('MFAREQUIRED') and request.session.get('username')):
+            return self.handle_no_permission()
+        return super(ResetMFAView, self).dispatch(request, *args, **kwargs)
+
+    def get_context_data(self, **kwargs):
+        context = super(ResetMFAView, self).get_context_data(**kwargs)
+        return context
+
+    def form_valid(self, form):
+
+        del(self.request.session['MFAREQUIRED'])
+
+        vince_comm_send_sqs("ResetMFA", "MFA", "None", self.request.session['username'], None, form.cleaned_data['reason'])
+        
+        del(self.request.session['username'])
+        
+        messages.success(self.request,
+                         "Please check your email for further instructions on resetting your MFA.")
+        
+        return redirect('cogauth:login')
+        
 class RemoveMFAView(LoginRequiredMixin,TokenMixin,GetUserMixin,PendingTestMixin,TemplateView):
     template_name = 'cogauth/rmmfa.html'
     login_url = "cogauth:login"
@@ -297,7 +323,7 @@ def post(self, request, *args, **kwargs):
             logger.debug("trying to auth...")
             user = authenticate(request, username=self.request.user.username, password=password)
             logger.debug(user)
-            if (user == None) and request.session.get('MFAREQUIRED'):
+            if (user is None) and request.session.get('MFAREQUIRED'):
                 request.session['CHANGEMFA'] = True
                 request.session.save()
                 return redirect(settings.MFA_REDIRECT_URL)
@@ -311,8 +337,7 @@ class GenerateTokenView(LoginRequiredMixin,TokenMixin,GetUserMixin,TemplateView)
     def get_context_data(self, **kwargs):
         context = super(GenerateTokenView, self).get_context_data(**kwargs)
         context['coguser'] = self.get_user()
-        # generate a token
-        context['token'] = generate_key()
+        # generate a token        context['token'] = generate_key()
         # does user already have a token
         try:
             token = VinceAPIToken.objects.get(user=self.request.user)
@@ -345,7 +370,7 @@ def get_context_data(self, **kwargs):
         gc = get_object_or_404(GroupContact, id=self.kwargs.get('vendor_id'))
 
         service = User.objects.filter(groups__in=[gc.group], vinceprofile__service=True).first()
-        if service == None:
+        if service is None:
             raise Http404
 
         # generate a token
@@ -548,7 +573,6 @@ def form_valid(self, form):
             c.initiate_forgot_password()
         except (Boto3Error, ClientError) as e:
             logger.warning("User %s does not exist" % form.cleaned_data['username'])
-            pass
             
         self.request.session['RESETPASSWORD']=True
         self.request.session['username']=form.cleaned_data['username']
@@ -741,7 +765,10 @@ def form_valid(self, form):
                 if next_url:
                     logger.debug(next_url)
                     try:
-                        return redirect(next_url)
+                        if is_safe_url(next_url,set(settings.ALLOWED_HOSTS),True):
+                            return redirect(next_url)
+                        else:
+                            return redirect(settings.LOGIN_REDIRECT_URL)
                     except:
                         pass
                 logger.debug("redirecting...")
@@ -915,7 +942,7 @@ def form_valid(self, form):
 #        user = form.save()
         logger.debug(self.request.session.get('username'))
         tokens = password_challenge_dance(self.request.session.get('username'), form.cleaned_data['old_password'], form.cleaned_data['new_password1'])
-        if tokens == None:
+        if tokens is None:
             form._errors.setdefault("old_password", ErrorList([
                         u"Your temporary password is incorrect."
                     ]))
@@ -947,6 +974,20 @@ def dispatch(self, request, *args, **kwargs):
             return self.handle_no_permission()
         return super(ChangePasswordandRegisterView, self).dispatch(
             request, *args, **kwargs)
+
+
+class LoginHelpView(TemplateView):
+    template_name = 'cogauth/loginhelp.html'
+
+    def get_context_data(self, **kwargs):
+        context = super(LoginHelpView, self).get_context_data(**kwargs)
+
+        if self.request.session.get('username'):
+            #this user has already entered their name and password
+            context['showlink'] = 1
+
+            
+        return context
     
 class RegisterView(FormView):
     template_name = 'cogauth/signup.html'
@@ -972,7 +1013,7 @@ def form_valid(self, form):
             'secret' : settings.GOOGLE_RECAPTCHA_SECRET_KEY,
             'response': recaptcha_response
         }
-        logger.debug(data)
+
         r = requests.post(GOOGLE_VERIFY_URL, data=data)
         result = r.json()
         if result['success']:
@@ -991,6 +1032,7 @@ def form_valid(self, form):
                 u'Email already exists. Usernames are <b>CASE SENSITIVE</b>. Or did you forget your password? <a href="/comm/auth/init/resetpassword/">Reset your password</a>.'
             ]))
             return super().form_invalid(form)
+
         c = Cognito(settings.COGNITO_USER_POOL_ID, settings.COGNITO_APP_ID, user_pool_region=settings.COGNITO_REGION)
         c.add_base_attributes(email=form.cleaned_data['email'], given_name=form.cleaned_data['first_name'], family_name=form.cleaned_data['last_name'], preferred_username=form.cleaned_data['preferred_username'])
         c.add_custom_attributes(Organization=form.cleaned_data['organization'], title=form.cleaned_data['title'])
diff --git a/kbworker/views.py b/kbworker/views.py
index d4dffa3..4b832cf 100644
--- a/kbworker/views.py
+++ b/kbworker/views.py
@@ -28,10 +28,11 @@
 ########################################################################
 from django.shortcuts import render
 from django.core.management import call_command
+from django.utils import timezone
 import json
 import boto3
 import logging
-from vincepub.models import VUReport, VendorRecord
+from vincepub.models import VUReport, VendorRecord, VulnerabilityNote, NoteVulnerability, Vendor, VendorVulStatus
 from vincepub import serializers
 from django.views.decorators.csrf import csrf_exempt
 from django.http import JsonResponse
@@ -148,15 +149,151 @@ def check_for_updates(request):
                         send_sns(ldata.get('cert_id'), "Problem building static vulnerability note", traceback.format_exc())
                         return JsonResponse({ 'problem': ldata['idnumber']}, status=500)
 
-                if ldata["DateFirstPublished"] == "":
-                    ldata.pop("DateFirstPublished")
-                if ldata["PublicDate"] == "":
-                    ldata.pop("PublicDate")
-                if 'US-CERTTechnicalAlert' in ldata:
-                    ldata['uscerttechalert'] = ldata['US-CERTTechnicalAlert']
-                    ldata.pop("US-CERTTechnicalAlert")
-                ldatalower = {k.lower(): v for k, v in ldata.items()}
-                for key,val in ldatalower.items():
+                elif ldata.get("kbpublisher"):
+                    logger.debug(f"THIS IS A PUBLISHER GENERATED FILE {ldata['vuid']}")
+                    try:
+                        report = VUReport.objects.filter(idnumber = ldata['vuid']).exclude(vulnote__isnull=True).first()
+                        if report:
+                            if ldata.get('delete') == 1:
+                                #THIS IS A DELETE REQUEST
+                                report.delete()
+                                #send_sns(ldata['vuid'], "PUBLISHED", "Success, the vulnerability note was removed.")
+                                #now remove s3 static file
+                                logger.debug(f"removing vuls/id/{ldata['vuid']}/index.html from bucket {settings.AWS_STORAGE_BUCKET_NAME}") 
+                                s3.Object(settings.AWS_STORAGE_BUCKET_NAME, f"vuls/id/{ldata['vuid']}/index.html").delete()
+                                s3.Object(settings.AWS_STORAGE_BUCKET_NAME, f"vuls/id/{ldata['vuid']}/").delete() 
+                                return JsonResponse({'response':'success'}, status=200)
+                                
+                            logger.debug(f"Re-Publishing {settings.CASE_IDENTIFIER}{report.idnumber}:{report.name}")
+                            report.vulnote.content = ldata['content']
+                            report.vulnote.title = ldata['title']
+                            if ldata['references']:
+                                report.vulnote.references = ldata['references']
+                            report.vulnote.revision_number = report.revision + 1
+                            report.vulnote.dateupdated = timezone.now()
+                            if ldata['publicdate']:
+                                report.vulnote.publicdate = ldata['publicdate']
+                            else:
+                                report.vulnote.publicdate = timezone.now()
+                            report.vulnote.save()
+                            report.overview = ldata['content']
+                            report.name = ldata['title']
+                            report.dateupdated = timezone.now()
+                            if ldata['references']:
+                                report.public = ldata['references'].splitlines()
+                            report.cveids = ldata['cveids']
+                            report.revision = report.vulnote.revision_number
+                            if ldata['publicdate']:
+                                report.publicdate = ldata['publicdate']
+                            else:
+                                report.publicdate = timezone.now()
+                            report.save()
+                            vpnote = report.vulnote
+                            
+                        else:
+                            logger.debug(f"Publishing for the first time {settings.CASE_IDENTIFIER}{ldata['vuid']}: {ldata['title']}")
+                            vpnote = VulnerabilityNote(content = ldata['content'],
+                                                       title = ldata['title'],
+                                                       references = ldata['references'],
+                                                       vuid=ldata['vuid'])
+
+                            if ldata['publicdate']:
+                                vpnote.publicdate = ldata['publicdate']
+                            vpnote.save()
+                            report, created = VUReport.objects.update_or_create(idnumber = ldata['vuid'],
+                                                                                vuid = f"{settings.CASE_IDENTIFIER}{ldata['vuid']}",
+                                                                                defaults={'name':ldata['title'],
+                                                                                          'overview':ldata['content'],
+                                                                                          'dateupdated':timezone.now(),
+                                                                                          'vulnote':vpnote,
+                                                                                          'cveids': ldata['cveids'],
+                                                                                          'publicdate': ldata['publicdate']})
+                            if ldata['references']:
+                                report.public = ldata['references'].splitlines()
+
+                            if created:
+                                report.datefirstpublished = timezone.now()
+                                report.save()
+                            else:
+                                vpnote.revision_number = report.revision + 1
+                                vpnote.save()
+
+
+                        # now update vuls/vendors/status
+                        for vul in ldata['vuls']:
+                            vp_vul = NoteVulnerability.objects.update_or_create(case_increment = vul['case_increment'],
+                                                                                note=vpnote,
+                                                                                defaults = {'cve': vul['cve'],
+                                                                                            'description': vul['description'],
+                                                                                            'uid':vul['uid']})
+                        for vul in ldata['deleted_vuls']:
+                                vp_vul = NoteVulnerability.objects.filter(case_increment = vul, note=vpnote).first()
+                                if vp_vul:
+                                    vp_vul.delete()
+
+                        for vendor in ldata['vendors']:
+                            vp_vendor, created = Vendor.objects.update_or_create(note=vpnote,
+                                                                                 uuid=vendor['uid'],
+                                                                                 defaults = {'contact_date': vendor['contact_date'],
+                                                                                             'references': vendor.get('references'),
+                                                                                             'statement': vendor.get('statement'),
+                                                                                             'statement_date': vendor.get('statement_date'),
+                                                                                             'addendum': vendor.get('addendum'),
+                                                                                             'vendor': vendor['vendor']})
+                            for status in vendor['status']:
+                                vp_vul = NoteVulnerability.objects.filter(case_increment=status['vul_increment'],
+                                                                          note=vpnote).first()
+                                if vp_vul:
+                                    intstatus = 3
+                                    if status['status'] == "Affected":
+                                        intstatus = 1
+                                    elif status['status'] in ["Unaffected", "Not Affected"]:
+                                        intstatus = 2
+                                        
+                                    vp_vulstatus = VendorVulStatus.objects.update_or_create(vendor=vp_vendor,
+                                                                                            vul = vp_vul,
+                                                                                            defaults={'status':intstatus,
+                                                                                                      'references':status.get('references'),
+                                                                                                      'statement':status.get('statement')})
+                                    
+                        vpnote.published=True
+                        vpnote.save()
+
+                        
+                        for vendor in ldata['deleted_vendors']:
+                            vp_vendor = Vendor.objects.filter(note=vpnote, uuid=vendor).first()
+                            if vp_vendor:
+                                vp_vendor.delete()
+
+                        
+                        if report:
+                            call_command('rebuildnotes', ldata['idnumber'])
+                            logger.debug("done building static file")
+                            report.publish = True
+                            report.save()
+                            send_sns(ldata['cert_id'], "PUBLISHED", "Congratulations, the vulnote was published.")
+                            return JsonResponse({'response':'success'}, status=200)
+                    
+                    except:
+                        logger.debug(traceback.format_exc())
+                        send_sns(ldata.get('cert_id'), "Problem building static vulnerability note", traceback.format_exc())
+                        return JsonResponse({ 'problem': ldata['idnumber']}, status=500)
+
+
+    data = {}
+    return render(request, 'vincepub/404.html', data, status=404)
+                        
+"""
+### this is PRE-VINCE old-school publishing
+if ldata["DateFirstPublished"] == "":
+ldata.pop("DateFirstPublished")
+if ldata["PublicDate"] == "":
+ldata.pop("PublicDate")
+            if 'US-CERTTechnicalAlert' in ldata:
+                ldata['uscerttechalert'] = ldata['US-CERTTechnicalAlert']
+                ldata.pop("US-CERTTechnicalAlert")
+            ldatalower = {k.lower(): v for k, v in ldata.items()}
+            for key,val in ldatalower.items():
                     if key.startswith("txt_"):
                         k = key[4:]
                         ldatalower[k] = val
@@ -228,9 +365,7 @@ def check_for_updates(request):
         send_sns(ldatalower['idnumber'], "PUBLISHED", "Congratulations, the vulnote was published.")
         return JsonResponse({'response':'success'}, status=200)
     else:
-        data = {}
-        return render(request, 'vincepub/404.html', data, status=404)
-
+"""
 
 @csrf_exempt
 def vc_daily_digest(request):
diff --git a/vince/admin.py b/vince/admin.py
index cb3305f..73b3230 100644
--- a/vince/admin.py
+++ b/vince/admin.py
@@ -412,8 +412,8 @@ class EmailContactInLine(admin.TabularInline):
 
     
 class ContactAdmin(admin.ModelAdmin):
-    search_fields=['vendor_id', 'vendor_name']
-    list_display=['vendor_id', 'vendor_name', 'active', "_emails"]
+    search_fields=['vendor_name']
+    list_display=['vendor_name', 'vendor_type', 'active', "_emails"]
 
     inlines = [
         EmailContactInLine
diff --git a/vince/fixtures/EmailTemplate.json b/vince/fixtures/EmailTemplate.json
index ec6cf37..dae87f8 100644
--- a/vince/fixtures/EmailTemplate.json
+++ b/vince/fixtures/EmailTemplate.json
@@ -2182,7 +2182,7 @@
     "subject": "You have been requested to join VINCE",
     "heading": "Invitation to join VINCE",
     "plain_text": "Hello, you have been requested to join VINCE in the group {{ group }} by {{ groupadmin }}. \r\n\r\nPlease create a VINCE account and you will be able to view any vulnerability case information associated with {{ group }}. \r\n\r\nSign up here: {{ signup }} \r\n\r\nThank you, \r\n\r\n{{ team_signature }}",
-    "html": "<p style=\"font-family: sans-serif; font-size: 1em;\">Hello,</p> <p style=\"font-family: sans-serif; font-size: 1em;\">Hello, you have been requested to join VINCE in the group {{ group }} by {{ groupadmin }}. Please create a VINCE account and you will be able to view any vulnerability case information associated with {{ group }}.</p> <p style=\"font-family: sans-serif; font-size: 1em;\"> <b>Sign up here:</b> {{ signup }}<br> </p> \r\n\r\n<p style=\"font-family: sans-serif; font-size: 1em;\"> Thank you,\r\n<br/> {{ team_signature }} </p>",
+    "html": "<p style=\"font-family: sans-serif; font-size: 1em;\">Hello,</p> <p style=\"font-family: sans-serif; font-size: 1em;\">You have been requested to join VINCE in the group {{ group }} by {{ groupadmin }}. Please create a VINCE account and you will be able to view any vulnerability case information associated with {{ group }}.</p> <p style=\"font-family: sans-serif; font-size: 1em;\"> <b>Sign up here:</b> {{ signup }}<br> </p> \r\n\r\n<p style=\"font-family: sans-serif; font-size: 1em;\"> Thank you,\r\n<br/> {{ team_signature }} </p>",
     "locale": "en",
     "body_only": false,
     "user": null,
diff --git a/vince/forms.py b/vince/forms.py
index 64604b0..bbc917f 100644
--- a/vince/forms.py
+++ b/vince/forms.py
@@ -221,7 +221,6 @@ class PreferencesForm(forms.Form):
     def __init__(self, *args, **kwargs):
         super(PreferencesForm, self).__init__(*args, **kwargs)
         #if setting is not set for this user, set to default
-        logger.debug("THIS IS THE INITIAL")
         logger.debug(self.initial)
         if self.initial.get('templates'):
             self.fields['case_template'].choices = self.initial.get('templates')
@@ -1676,6 +1675,12 @@ class AssignTicketTeamForm(forms.Form):
         label=_('Assign a Team'),
     )
 
+    reason = forms.CharField(
+        widget=forms.Textarea(attrs={'placeholder': 'Provide reason for transfer'}),
+        required=False,
+        label=_('Reason for Transfer'),
+    )
+
 class RejectCaseTransferForm(forms.Form):
 
     reason = forms.CharField(
@@ -1836,12 +1841,6 @@ class Meta:
             'queue':forms.HiddenInput()
         }
 
-class TicketDependencyForm(forms.ModelForm):
-    ''' Adds a different ticket as a dependency for this Ticket '''
-
-    class Meta:
-        model = TicketDependency
-        exclude = ('ticket',)
 
 ##### CONTACT FORMS ##########
 
@@ -1862,7 +1861,7 @@ def clean_srmail_peer_name(self):
 
     class Meta:
         model=ContactGroup
-        fields=['name', 'vuid', 'description', 'srmail_peer_name', 'group_type', 'status', 'group_select', 'comment', 'version']
+        fields=['name', 'description', 'group_select', 'comment', 'version']
         widgets = {
             'comment' : forms.Textarea(attrs={'rows': 4}),
             'version':forms.HiddenInput()
@@ -1909,7 +1908,7 @@ def clean_contact(self):
         print(data)
         if data in [None, '', 'None']:
             return
-        contact = Contact.objects.filter(vendor_name=data, active=True).first()
+        contact = Contact.objects.filter(vendor_name=data).first()
         if contact:
             return contact
         else:
@@ -1926,28 +1925,29 @@ def clean_ticket(self):
             raise forms.ValidationError("Invalid Ticket Selection. Use only numeric ID of Ticket.")
         
 class ContactForm(forms.ModelForm):
+
+
+    vtype = forms.ChoiceField(
+        widget=forms.Select(attrs={'class': 'form-control'}),
+        choices=(('User', 'User'), ('Vendor', 'Vendor'), ('Coordinator', 'Coordinator'), ('Group', 'Group')),
+        required=True,
+        label=_('Type'),
+    ) 
+    
     def __init__(self, *args, **kwargs):
         super(ContactForm, self).__init__(*args, **kwargs)
-        self.fields['srmail_peer'].required=True
-        self.fields['lotus_id'].required=False
         self.fields['version'].required=False
+        self.fields['vtype'].initial='Vendor'
+
     class Meta:
         model = Contact
-        fields = ['vendor_name', 'vendor_type', 'srmail_peer', 'srmail_salutation', 'srmail_id', 'lotus_id', 'countrycode', 'active', 'location', 'comment', 'version']
+        fields = ['vendor_name', 'vtype', 'countrycode', 'location', 'comment', 'version']
         widgets = {
             'comment' : forms.Textarea(attrs={'rows': 4}),
             'countrycode': CountrySelectWidget(layout='{widget}</div><div class="large-1 medium-1 columns"><img class="country-select-flag" id="{flag_id}" style="margin: 16px 4px 0" src="{country.flag}"></div>'),
             'version': forms.HiddenInput()
             }
 
-    def clean_srmail_peer(self):
-        data = self.cleaned_data['srmail_peer']
-        if not data.islower():
-            raise forms.ValidationError("srmail peer names should be lowercase")
-        if " " in data or "'" in data or '@' in data or '+' in data:
-            raise forms.ValidationError("srmail peer names can not contain spaces, quotes, apostrophes, @, or + symbols")
-        return data
-
 
 class PostalForm(forms.ModelForm):
     def __init__(self, *args, **kwargs):
@@ -1976,12 +1976,21 @@ class Meta:
 
 
 class EmailContactForm(forms.ModelForm):
+
+    email_type = forms.ChoiceField(                                       
+        choices=[('User', 'User'), ('Notification', 'Notification Only')],
+        label='Is this a user or notification-only email address?',
+        required=False,
+        widget=forms.RadioSelect(attrs={'class':'ul_nobullet horizontal_bullet'}))                         
+    
     def __init__(self, *args, **kwargs):
         super(EmailContactForm, self).__init__(*args, **kwargs)
         self.fields['version'].required=False
         self.fields['email_list'].required=False
+        self.fields['name'].required = False
         self.fields['email_function'].required=False
         self.fields['email_function'].initial = "TO"
+        self.fields['email_type'].initial='User'
 
     def clean_email(self):
         email = self.cleaned_data['email']
@@ -1999,7 +2008,7 @@ def clean_name(self):
 
     class Meta:
         model = EmailContact
-        fields = ['id', 'email', 'email_type', 'name', 'email_function', 'status', 'version', 'email_list']
+        fields = ['id', 'email', 'email_type', 'name', 'email_function', 'status', 'version', 'email_list', 'email_type']
         widgets = {'version':forms.HiddenInput() }
 
 class WebsiteForm(forms.ModelForm):
diff --git a/vince/lib.py b/vince/lib.py
index 956e89e..40fa700 100644
--- a/vince/lib.py
+++ b/vince/lib.py
@@ -47,7 +47,7 @@
 # from vince.models import Attachment, EmailTemplate, ArtifactAttachment, TicketArtifact
 from vince.models import *
 from vinny.models import Message, Case, Post, PostRevision, VinceCommContact, GroupContact, CaseMember, CaseMemberStatus, CaseStatement, CaseVulnerability, VTCaseRequest, VinceCommCaseAttachment, ReportAttachment, VinceCommInvitedUsers, CRFollowUp, VCVUReport, VendorAction, VendorStatusChange, CaseCoordinator, ContactInfoChange, CaseViewed, CaseVulExploit, CaseVulCVSS, CoordinatorSettings, VINCEEmailNotification
-from vince.mailer import send_newticket_mail, send_daily_digest_mail
+from vince.mailer import send_newticket_mail, send_daily_digest_mail, send_reset_mfa_email, get_mail_content
 import email
 import email.header
 import traceback
@@ -1064,6 +1064,28 @@ def create_action(attributes, body):
             change.approved = True
             change.save()
 
+    else:
+        # is this a completion of the contact verification process?
+        # find contact change
+        contact = Contact.objects.filter(vendor_name=group).first()
+        if contact:
+            vccontact = VinceCommContact.objects.filter(vendor_id=contact.id).first()
+            #get new emails added
+            cic = ContactInfoChange.objects.filter(contact=vccontact,model="Email",field="email address").exclude(new_value__isnull=True)
+            for email in cic:
+                #check to see if we have a contact verification open for this user/contact
+                ca = ContactAssociation.objects.filter(contact=contact, email=email.new_value, complete=False).first()
+                if ca:
+                    fup = FollowUp(ticket=ca.ticket,
+                                   title=f"Admin {user} completed contact association process - added email {email.new_value}",
+                                   comment="Contact Association Process Complete")
+                    fup.save()
+                    ca.complete=True
+                    ca.save()
+                    ca.ticket.status=Ticket.CLOSED_STATUS
+                    ca.ticket.resolution = "Group admin completed contact association process"
+                    ca.ticket.save()
+            
     action = Action(title="Contact information change",
                     comment=body)
 
@@ -2920,7 +2942,62 @@ def send_worker_email_all(to, subject, content, tkt, from_user):
         logger.debug(traceback.format_exc())
             
             
-                
+def reset_user_mfa(attributes, body):
+    logger.debug(attributes)
+    logger.debug(body)
+
+    email = attributes['User']
+
+    user = User.objects.using('vincecomm').filter(username=email).first()
+    if not user:
+        send_error_sns("MFA Reset", "MFA Reset Initiation Error", f"User with email {email} requested MFA reset, but user does not exist")
+        return
+
+    queue = TicketQueue.objects.filter(title='Inbox').first()
+
+    if not queue:
+        send_error_sns("MFA Reset", "Configuration Error for MFA Reset", f"User with email {email} requested MFA reset, but Inbox queue does not exist")
+        return
+    
+    ticket = Ticket(title = f"Confirm MFA reset for {user.email}",
+                    status = Ticket.CLOSED_STATUS,
+                    submitter_email = email,
+                    queue = queue,
+                    description=f"User initiated MFA reset\r\nReason:\r\n{body}")
+    ticket.save()
+
+    # don't create more of these, if one exists already                                                                                    
+
+    mfatkt = MFAResetTicket.objects.update_or_create(user_id=int(user.id),
+                                                     ticket=ticket)
+    
+    email_template = EmailTemplate.objects.get(template_name="mfa_reset_request")
+    
+    
+    notification = VendorNotificationEmail(subject=email_template.subject,
+                                           email_body = email_template.plain_text)
+    notification.save()
+    
+    email = VinceEmail(ticket=ticket,
+                       notification=notification,
+                       email_type=1,
+                       to=user.email)
+    email.save()
+
+    send_reset_mfa_email(user, ticket, "mfa_reset_request")
+
+    email_content = get_mail_content(ticket, "mfa_reset_request")
+    
+    fup = FollowUp(title=f"Email sent to {user.email} confirming MFA reset request.",
+                   comment=email_content,
+                   ticket=ticket)
+    
+    fup.save()
+
+
+
+
+
         
     
 
diff --git a/vince/migrations/0002_auto_20220719_1530.py b/vince/migrations/0002_auto_20220719_1530.py
new file mode 100644
index 0000000..b3f1616
--- /dev/null
+++ b/vince/migrations/0002_auto_20220719_1530.py
@@ -0,0 +1,23 @@
+# Generated by Django 2.2.26 on 2022-07-19 15:30
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('vince', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='adminpgpemail',
+            name='pgp_key_data',
+            field=models.TextField(),
+        ),
+        migrations.AlterField(
+            model_name='contact',
+            name='vendor_type',
+            field=models.CharField(choices=[('Contact', 'Contact'), ('Vendor', 'Vendor'), ('User', 'User'), ('Coordinator', 'Coordinator')], default='Vendor', max_length=50),
+        ),
+    ]
diff --git a/vince/models.py b/vince/models.py
index df6a5f3..4680e6d 100644
--- a/vince/models.py
+++ b/vince/models.py
@@ -160,13 +160,17 @@ def search(self, query=None):
         return qs
 
 class Contact(models.Model):
+    #Kept Contact Type for backwards compatibility
+    
     VENDOR_TYPE = (
-    ('Contact', 'Contact'),
-    ('Vendor', 'Vendor'),
+        ('Contact', 'Contact'),
+        ('Vendor', 'Vendor'),
+        ('User', 'User'),
+        ('Coordinator', 'Coordinator'),
     )
     LOCATION_CHOICES=(
-    ('Domestic', 'Domestic'),
-    ('International', 'International')
+        ('Domestic', 'Domestic'),
+        ('International', 'International')
     )
     vendor_id = models.CharField(max_length=10, blank=True, null=True)
     vendor_name = models.CharField(max_length=100)
diff --git a/vince/static/vince/css/style.css b/vince/static/vince/css/style.css
index 0fac7e4..baf73f4 100644
--- a/vince/static/vince/css/style.css
+++ b/vince/static/vince/css/style.css
@@ -716,7 +716,7 @@ ul {
     height:70px;
     background-color:#FFF;
     border: solid 1px white;
-    max-width: 550px;
+    max-width: 600px;
     width: 100%;
     margin: auto;
     padding: 10px;
@@ -944,7 +944,7 @@ body.login {
 }
 
 .login ul.messagelist {
-    max-width: 550px;
+    max-width: 600px;
     width: 100%;
     margin: auto;
 }
@@ -957,7 +957,7 @@ body.login {
     height: auto;
     /*background: rgba(54, 54, 54, 0.8) !important;*/
     padding: 0;
-    max-width: 550px;
+    max-width: 600px;
     width: 100%;
     margin: auto;
     background-color: #f1f1f2;
@@ -974,7 +974,7 @@ body.login {
 */
 .login #content {
     /*padding: 20px 20px 0;*/
-    max-width: 550px;
+    max-width: 600px;
     width: 100%;
     margin: auto;
     background-color: #f1f1f2;
@@ -2931,6 +2931,13 @@ tr.equal td {
     box-shadow: 0 2px 10px #35CC0C;
 }
 
+.case-list-item.unseen {
+    border: 1px solid #35CC0C;
+    border-radius: 0.25rem;
+    box-shadow: 0 2px 10px #35CC0C;
+}
+    
+
 .callout {
     border: 1px solid transparent;
     border-radius: 0.25rem;
@@ -4045,7 +4052,7 @@ input:checked ~ .switch-paddle {
 }
 
 #wanttomenu {
-    width:175px;
+    /*width:175px;*/
 }
 
 #switchteam {
diff --git a/vince/static/vince/js/case.js b/vince/static/vince/js/case.js
index 4777150..429ba49 100644
--- a/vince/static/vince/js/case.js
+++ b/vince/static/vince/js/case.js
@@ -35,6 +35,17 @@ function permissionDenied(modal) {
 
 }
 
+function init_modal_markdown() {
+    var simplemde = new EasyMDE({element: $("#id_content")[0],
+                                 renderingConfig: {
+                                     singleLineBreaks: false,
+                                 },
+                                 status: false,
+                                 autoDownloadFontAwesome: false,
+                                });
+}
+
+
 
 function initTooltipster(element, umProfileStore, displayUserCard) {
     /*replaced to use standard jquery tooltip since plugin was failing */
@@ -967,6 +978,9 @@ $(document).ready(function() {
 
     });
 
+
+    
+
     $(document).on("click", "#sharevulnote", function(event) {
         event.preventDefault();
         var url = $(this).attr("action");
@@ -976,6 +990,7 @@ $(document).ready(function() {
             type: "GET",
             success: function(data) {
                 approvemodal.html(data).foundation('open');
+		init_modal_markdown();
             },
 	    error: function(xhr, status) {
                 permissionDenied(addmodal);
diff --git a/vince/static/vince/js/contact.js b/vince/static/vince/js/contact.js
index 677b76f..e48974d 100644
--- a/vince/static/vince/js/contact.js
+++ b/vince/static/vince/js/contact.js
@@ -141,6 +141,39 @@ $(document).ready(function() {
 	searchContacts();
     });
 
+    $(document).on("submit", "#cmgrform", function(event) {
+	event.preventDefault();
+	/*lookup vendor name first */
+	var url = $(this).attr("action");
+        $.ajax({
+            url: url,
+            type: "POST",
+            data: $(this).serialize(),
+            success: function(data) {
+		location.href=data['new'];
+	    },
+	    error: function(xhr, status) {
+		var data = JSON.parse(xhr.responseText);
+		$("#error").html("<p>"+ data["error"] + "</p>");
+		$("#error").show();
+	    }
+	});
+    });
+
+
+    var $modal = $("#modal");
+    
+    $(document).on("click", "#createcontact", function(event) {
+	event.preventDefault();
+        var url = $(this).attr("href");
+        $.ajax({
+            url: url,
+            type: "GET",
+            success: function(data) {
+                $modal.html(data).foundation('open');
+            }
+        });
+    });
     
 
 });
diff --git a/vince/static/vince/js/contactverify.js b/vince/static/vince/js/contactverify.js
index b30faf4..c8944ae 100644
--- a/vince/static/vince/js/contactverify.js
+++ b/vince/static/vince/js/contactverify.js
@@ -32,7 +32,6 @@ function replaceVendor() {
     var val = $("#id_contact").val();
     var email_body = $("#id_email_body").val();
     email_body = email_body.replace(/\[VENDOR\]/g, val);
-    console.log(email_body);
     $("#id_email_body").val(email_body);
 }
 
@@ -40,11 +39,29 @@ function replaceEmail() {
     var val = $("#id_user").val();
     var	email_body = $("#id_email_body").val();
     email_body = email_body.replace(/\[EMAIL\]/g, val);
-    console.log(email_body);
     $("#id_email_body").val(email_body);
 }
 
 
+function getEmails(e, taggle) {
+    if (e) {
+        e.preventDefault();
+    }
+
+    var contact_id = $("#id_contact").val();
+    $.ajax({
+        url: "/vince/ajax_calls/contact/"+contact_id,
+        success: function(data) {
+	    var emails = data['emails'].split(',');
+	    for (let i=0; i< emails.length; i++) {
+		taggle.add(emails[i]);
+	    }
+	}
+    });
+}
+
+
+
 $(document).ready(function() {
 
 
@@ -73,6 +90,7 @@ $(document).ready(function() {
 	options = {
 	    source:data,
 	    minLength: 2,
+	    select: function( event, ui) { $("#id_contact").val(ui.item.value); getEmails(event, taggle); }
 	};
     }
 
@@ -103,5 +121,20 @@ $(document).ready(function() {
 	return true;
     });
 
+    var taggle = null;
+
+    if (document.getElementById("email_tags")) {
+        var available_tags = JSON.parse(document.getElementById('emails').textContent);
+	var tags = [];
+        taggle =  new Taggle('email_tags', {
+            tags: available_tags,
+	    hiddenInputName: "email",
+	    preserveCase:true,
+            duplicateTagClass: 'bounce',
+	    allowedTags: available_tags,
+            placeholder: ["Verification emails must first be added to contact"]
+	});
+    }
+
     
 });
diff --git a/vince/static/vince/js/scontact.js b/vince/static/vince/js/scontact.js
index 8431a6e..e98c9da 100644
--- a/vince/static/vince/js/scontact.js
+++ b/vince/static/vince/js/scontact.js
@@ -43,34 +43,61 @@ function reloadActivity() {
     });
 }
 
+function add_group(taggle, group) {
+    var csrftoken = getCookie('csrftoken');
+    var url = $("#group_taggle").attr("action");
+    $.post(url,
+           {'csrfmiddlewaretoken': csrftoken, 'group': group},
+	   function(data) {
+               console.log("success adding");
+               reloadActivity();
+           })
+        .fail(function (data) {
+            alert("An error occurred while trying to add this group: " + data['responseJSON']['error']);
+            taggle.remove(group);
+        });
+}
 
-function add_admin(taggle, user){
+function del_group(taggle, group) {
+    var csrftoken = getCookie('csrftoken');
+    var url = $("#group_taggle").attr("action");
+    $.post(url,
+           {'rm': 1, 'csrfmiddlewaretoken': csrftoken,
+            'group': group}, function (data) {
+                console.log("success removing");
+                reloadActivity();
+
+            })
+        .fail(function (data) {
+            alert("An error occurred while trying to delete this tag: " + data['responseJSON']['error']);
+            taggle.add(group);
+        });
+}
+
+
+function add_admin(user, url){
     var csrftoken = getCookie('csrftoken');
-    var url = $("#admin_taggle").attr("action");
     $.post(url,
            {'csrfmiddlewaretoken': csrftoken, 'user': user, 'add_admin': true}, function(data) {
                console.log("success adding");
-	       reloadActivity();
+	       window.location.reload(true);
            })
         .fail(function (data) {
-            alert("An error occurred while trying to add this tag: " + data['responseJSON']['error']);
-            taggle.remove(user);
+            alert("An error occurred while trying to add admin: " + data['responseJSON']['error']);
         });
 }
 
-function del_admin(taggle, user){
+function del_admin(user, url){
     var csrftoken = getCookie('csrftoken');
-    var url = $("#admin_taggle").attr("action");
     $.post(url,
            {'state': 0, 'csrfmiddlewaretoken': csrftoken,
 	    'user': user, 'del_admin':true}, function (data) {
 		console.log("success removing");
-		reloadActivity();
+		window.location.reload(true);
 		
             })
         .fail(function (data) {
-            alert("An error occurred while trying to delete this tag: " + data['responseJSON']['error']);
-            taggle.add(user);
+            alert("An error occurred while trying to remove admin permissions: " + data['responseJSON']['error']);
         });
 }
 
@@ -117,7 +144,7 @@ function auto(data, taggle) {
             event.preventDefault();
             if (event.which === 1) {
                 taggle.add(data.item.value);
-                add_admin(taggle, data.item.label)
+                add_group(taggle, data.item.label)
             }
         }
     });
@@ -164,25 +191,26 @@ $(document).ready(function() {
 
     
 
-    if (document.getElementById('admin_taggle')) {
-        var subscribed_users = JSON.parse(document.getElementById('groupadmins').textContent);
-        var assignable = JSON.parse(document.getElementById('assignable_users').textContent);
-        var admin_taggle = new Taggle('admin_taggle', {
-            tags: subscribed_users,
+    if (document.getElementById('group_taggle')) {
+	var contact_groups = JSON.parse(document.getElementById('groups').textContent);
+        var assignable = JSON.parse(document.getElementById('all_groups').textContent);
+        var group_taggle = new Taggle('group_taggle', {
+            tags: contact_groups,
             duplicateTagClass: 'bounce',
             allowedTags: assignable,
-            placeholder: ["Add a user..."],
+	    preserveCase: true,
+            placeholder: ["Add a group..."],
             onTagAdd: function (event, tag) {
                 if (event) {
-                    add_admin(admin_taggle, tag)
+                    add_group(group_taggle, tag)
                 }
             },
             onBeforeTagRemove: function (event, tag) {
-                del_admin(admin_taggle, tag)
+                del_group(group_taggle, tag)
                 return true;
             },
         });
-        auto(assignable, admin_taggle);
+        auto(assignable, group_taggle);
     }
 
     if (document.getElementById('contact_taggle')) {
@@ -264,7 +292,27 @@ $(document).ready(function() {
                 window.location.reload(true);
             });
     });
-    
+
+
+    $('#showcharttip').qtip({
+        content: $("#vendor_type_help"),
+        style: {classes: 'qtip-youtube'}
+    });
+
+    $('#showtypehelp').qtip({
+        content: $("#email_type_help"),
+        style: {classes: 'qtip-youtube'}
+    });
+
+    $(document).on("click", ".adminuser", function(event) {
+	event.preventDefault();
+	add_admin($(this).attr("val"), $(this).attr("href"));
+    });
+
+    $(document).on("click", ".rmadminuser", function(event) {
+	event.preventDefault();
+	del_admin($(this).attr("val"), $(this).attr("href"));
+    });
 
     $(document).on("click", ".task_assign_cancel", function(event) {
         $(this).parent().prev().show();
@@ -295,6 +343,57 @@ $(document).ready(function() {
             }
         });
     });
+
+    $(document).on("click", ".rmemail", function(event) {
+	event.preventDefault();
+	var url = $(this).attr("href");
+        $.ajax({
+            url: url,
+            type: "GET",
+            success: function(data) {
+		$modal.html(data).foundation('open');
+            }
+        });
+    });
     
+    $(document).on("click", "#addemail", function(event) {
+	event.preventDefault();
+	var url = $(this).attr("href");
+	$.ajax({
+            url: url,
+            type: "GET",
+            success: function(data) {
+		$modal.html(data).foundation('open');
+            }
+	});
+    });
+
+    $(document).on("submit", "#addemailform", function(event) {
+	event.preventDefault();
+	var url = $("#addemailform").attr("action");
+	$.ajax({
+            url: url,
+            type: "POST",
+	    data: $("#addemailform").serialize(),
+            success: function(data) {
+		console.log(data);
+		if (data['ticket']) {
+		    location.href = data['ticket'];
+		}
+		else if (data['refresh']) {
+		    window.location.reload(true);
+		} else if (data['msg_body']){
+		    $("#vendor-results").html("<p><b>" + data['text'] + " Or <a href=\""+ data['email_link'] + "\">Request Authorization via Email</a></b></p>")
+                    $("#id_msg").val(data['msg_body']);
+                    $("#msgvendor").removeClass("hidden");
+		} else {
+		    $("#vendor-results").html("<p><b><span class=\"error\">" + data['text'] +"</span></b></p>");
+		    if (data['bypass']) {
+			$("#vendor-results").append("<p><a href=\"" + data['bypass'] + "\">Request Internal Validation for this Email</a></p>");
+		    }
+		}
+            }
+	});
+    });
 
 });
diff --git a/vince/static/vince/js/signup.js b/vince/static/vince/js/signup.js
index 3bad3be..8041787 100644
--- a/vince/static/vince/js/signup.js
+++ b/vince/static/vince/js/signup.js
@@ -46,3 +46,14 @@ $(document).on("submit", "#signupform", function(event) {
     event.preventDefault();
     return noDoubleClicks($(this));
 });
+
+$(document).ready(function() {
+
+
+    $('#showhelptip').qtip({
+        content: $("#loginhelp"),
+	style: {classes: 'qtip-youtube'}
+    });
+
+
+});
diff --git a/vince/static/vince/js/tickets.js b/vince/static/vince/js/tickets.js
index 9347e6e..d2aa9fa 100644
--- a/vince/static/vince/js/tickets.js
+++ b/vince/static/vince/js/tickets.js
@@ -626,7 +626,7 @@ $(document).ready(function() {
             type: "POST",
             data: {'csrfmiddlewaretoken':csrftoken, 'vendor': vendor, 'email':$("#msgadmin").attr("email")},
             success: function(data) {
-		$("#vendor-results").html("<p>" + data['text'] + "</p><p><a href=\""+ data['contact_link']+"\">View Contact</a>")
+		$("#vendor-results").html("<p>" + data['text'] + "</p><p><a href=\""+ data['contact_link']+"\">View Contact</a> <b>OR</b> <a href=\""+data['email_link']+"\">Request Authorization via Email</a></p>")
 		if (data['msg_link']) {
 		    $("#msgadminform").attr("action", data['msg_link']);
 		    $("#msgabutton").prop("disabled", false);
diff --git a/vince/static/vince/js/vinny_dashboard.js b/vince/static/vince/js/vinny_dashboard.js
index 0b223e9..abae74e 100644
--- a/vince/static/vince/js/vinny_dashboard.js
+++ b/vince/static/vince/js/vinny_dashboard.js
@@ -41,16 +41,11 @@ function searchThreads(e, newpage) {
 	page = newpage;
     }
 
-    var url = $("#filter_threads").attr("href");
-    var owner = $("input[id^='id_owner_']:checked").val();
+    var url = $("#searchform").attr("action");
     $.ajax({
         url : url,
         type: "POST",
-        data: {"keyword": $("#filter_threads").val(),
-	       "owner": owner,
-	       "page": page,
-               "csrfmiddlewaretoken": csrftoken
-              },
+        data: $('#searchform').serialize(),
         success: function(data) {
             $("#casecontainer").html(data);
         }
@@ -77,6 +72,15 @@ $(document).ready(function() {
 
     });
 
+    var form = document.getElementById('searchform');
+    if (form) {
+        if (form.attachEvent) {
+            form.attachEvent("submit", searchThreads);
+        } else {
+            form.addEventListener("submit", searchThreads);
+        }
+    }
+    
     $(document).on("click", '.search_notes', function(event) {
         var page = $(this).attr('next');
 	$("#id_page").val(page);
diff --git a/vince/templates/vince/add_email_contact.html b/vince/templates/vince/add_email_contact.html
new file mode 100644
index 0000000..2f88ee2
--- /dev/null
+++ b/vince/templates/vince/add_email_contact.html
@@ -0,0 +1,49 @@
+{% load i18n markdown_extras %}
+<div class="full_modal">
+  <form method="post" action="{% url 'vince:addemail' contact.id %}" id="addemailform" lookup="{% url 'vince:userlookup' %}">
+  <div class="modal-content">
+    <div class="modal-header">
+      <h3 class="modal-title">Add Email To Contact</h3>
+    </div>
+
+    <div class="modal-body">
+      {% csrf_token %}
+      <p>
+      <div class="form-group">
+        <label for='id_{{ form.email.name }}'>{% trans form.email.label %}<span class='required'>*</span></label>
+        {% if form.email.help_text %}<small class='form-text text-muted'>{% trans form.email.help_text %}</small>{% endif %}
+        {{ form.email }}
+        {% if form.email.errors %}<dd class='error'>{{ form.email.errors }}</dd>{% endif %}
+      </div>
+      {% if contact.vendor_type == "Contact" %}
+      <div class="form-group">
+	<label for='id_{{ form.name.name }}'>{% trans form.name.label %}<span class='required'>*</span></label>
+        {% if form.name.help_text %}<small class='form-text text-muted'>{% trans form.name.help_text %}</small>{% endif %}
+        {{ form.name }}
+        {% if form.name.errors %}<dd class='error'>{{ form.name.errors }}</dd>{% endif %}
+      </div>
+      {% else %}
+      <div class="form-group">
+        <label for='id_{{ form.email_type.name }}'>{% trans form.email_type.label %}<span class='required'>*</span></label>
+        {% if form.email_type.help_text %}<small class='form-text text-muted'>{% trans form.email_type.help_text %}</small>{% endif %}
+        {{ form.email_type }}
+        {% if form.email_type.errors %}<dd class='error'>{{ form.email_type.errors }}</dd>{% endif %}
+      </div>
+      {% endif %}
+      <div id="vendor-results">
+      </div>
+      <div id="msgvendor" class="hidden">
+        <label for='id_msg'>Message to Admins:</label>
+        <textarea name="msg" cols="40" rows="8" id="id_msg"></textarea>
+      </div>
+      </p>
+    </div>
+    <div class="modal-footer text-right">
+      <a href="#" class="hollow button" data-close type="cancel">Cancel</a>
+      <input class="button alert" type='submit' value='{% trans "Add" %}' />
+    </div>
+  </div>
+  <button class="close-button" data-close aria-label="Close modal" type="button">
+    <span aria-hidden="true">&times;</span>
+  </button>
+</div>
diff --git a/vince/templates/vince/case.html b/vince/templates/vince/case.html
index 5d57bfd..b87453c 100644
--- a/vince/templates/vince/case.html
+++ b/vince/templates/vince/case.html
@@ -17,6 +17,8 @@
 <script type="text/javascript" src="{% static 'vince/js/taggle.js' %}"></script>
 <script type="text/javascript" src="{% static 'vince/js/artifactmodal.js' %}"></script>
 <script type="text/javascript" src="{% static 'vince/js/reminder.js' %}"></script>
+<link rel="stylesheet" href="{% static 'vince/css/easymde.min.css' %}">
+<script src="{% static 'vince/js/easymde.min.js' %}"></script>
 
 {% endblock %}
 									 
diff --git a/vince/templates/vince/case_summary.html b/vince/templates/vince/case_summary.html
index ba16e93..3d5d7c2 100644
--- a/vince/templates/vince/case_summary.html
+++ b/vince/templates/vince/case_summary.html
@@ -212,6 +212,7 @@
       <p>
 	{% if vulnote %}
 	<a href="{% url 'vince:edit_vulnote' vulnote.id %}"><button class="button cmu tiny"><i class="fas fa-pencil-alt"></i> Edit Vul Note</button></a>
+	<a href="{% url 'vince:download_vulnote' vulnote.id %}"><button class="button cmu tiny"><i class="fas fa-download"></i> Download</button></a>
 	<a href="{% url 'vince:changelog' vulnote.id %}"><button class="button cmu tiny"> <i class="fas fa-clock"></i> View Full History</button></a>
 	<button id="sharevulnote" class="button cmu tiny" action="{% url 'vince:sharevulnote' vulnote.id %}" {% if case.lotus_notes %}disabled{% endif %}> <i class="fas fa-share-square"></i> Share in VinceComm</button>
 	{% if vulnote.ticket_to_approve %}
diff --git a/vince/templates/vince/confirm_rm_email.html b/vince/templates/vince/confirm_rm_email.html
new file mode 100644
index 0000000..c1a8ef0
--- /dev/null
+++ b/vince/templates/vince/confirm_rm_email.html
@@ -0,0 +1,25 @@
+{% load i18n markdown_extras %}
+<div class="full_modal">
+  <form method="post" action="{% url 'vince:rmemail' contact.id email.id %}" id="rmpostform">
+  <div class="modal-content">
+    <div class="modal-header">
+      <h3 class="modal-title">Remove Email From Contact</h3>
+    </div>
+
+    <div class="modal-body">
+      {% csrf_token %}
+      {% if vcuser %}
+      <p>Are you sure you want to remove {{ email.email }} from this Contact? Removing this email will also remove access for user <b><a href="{% url 'vince:vcuser' vcuser.id %}">{{ vcuser.vinceprofile.preferred_username }}</a></b> to {{ contact.vendor_name }}'s cases.</p>
+      {% else %}
+      <p>Are you sure you want to remove {{ email.email }} from this Contact? </p>
+      {% endif %}
+    </div>
+    <div class="modal-footer text-right">
+      <a href="#" class="hollow button" data-close type="cancel">Cancel</a>
+      <input class="button alert" type='submit' value='{% trans "Yes, Remove" %}' />
+    </div>
+  </div>
+  <button class="close-button" data-close aria-label="Close modal" type="button">
+    <span aria-hidden="true">&times;</span>
+  </button>
+</div>
diff --git a/vince/templates/vince/contact.html b/vince/templates/vince/contact.html
index f46dc42..5e0f53d 100644
--- a/vince/templates/vince/contact.html
+++ b/vince/templates/vince/contact.html
@@ -1,5 +1,5 @@
 {% extends VINCETRACK_BASE_TEMPLATE %}
-{% load i18n humanize ticket_to_link %}
+{% load i18n humanize ticket_to_link contact_tags %}
 {% load staticfiles %}
 {% block js %}
 {{ block.super }}
@@ -9,23 +9,18 @@
 <div class="app-top-panel">
   <div class="row">
     <div class="large-7 medium-7 columns">
-      <h2>Contact: {{ contact.vendor_name }}</h2>
+      <h2>{{ contact.vendor_type }}: {{ contact.vendor_name }}</h2>
     </div>
     <div class="large-5 medium-5 columns text-right">
       {% if changes %}
       <a href="{% url 'vince:contact_changes' object.id %}"><button class="button default small small-only-expanded">Approve Changes</button></a>
       {% endif %}
       <a href="{% url 'vince:editcontact' object.id %}" class="ticket-edit"><button class="button primary small small-only-expanded"><i class="fas fa-pencil-alt"></i> {% trans "Edit Contact" %}</button></a>
-      {% if groupadmins %}
-      <a href="{% url 'vince:msgadminadduser' contact.id %}" id="adduser"><button class="button default small small-only-expanded"><i class="fas fa-plus"></i> {% trans "Add User" %}</button></a>
-      {% else %}
-      <a href="{% url 'vince:initcontactverify' object.id %}"><button class="button default small small-only-expanded"><i class="fas fa-plus"></i> {% trans "Add User" %}</button></a>
-      {% endif %}
     </div>
   </div>
 </div>
 
-<div data-reveal class="reveal" id="modal" "data-close-on-click"=false></div>
+<div data-reveal class="reveal" id="modal" data-close-on-click="false"></div>
 
 {% if changes %}
 <div class="row">
@@ -42,8 +37,8 @@ <h2>Contact: {{ contact.vendor_name }}</h2>
 </div>
 {% endif %}
 
-{{ groupadmins|json_script:"groupadmins" }}
-{{ assignable|json_script:"assignable_users" }}
+{{ groups|json_script:"groups" }}
+{{ all_groups|json_script:"all_groups" }}
 {{ contacttags|json_script:"contact_tags" }}
 {{ othertags|json_script:"other_tags" }}
 
@@ -55,6 +50,15 @@ <h2>Contact: {{ contact.vendor_name }}</h2>
   </div>
 </div>
 
+{% if contact.active %}{% else %}{% if vince_users %}
+<div class="row">
+  <div class="large-12 columns">
+    <div class="callout alert"><b>Uh oh! This contact is inactive but has active VINCE users.  Please remove VINCE users or activate contact!</b></div>
+  </div>
+</div>
+{% endif %}
+{% endif %}
+
 <div class="hidden" id="task_assign">
   <div class="reassign">
     <select class="task_reassign">
@@ -69,7 +73,7 @@ <h2>Contact: {{ contact.vendor_name }}</h2>
 
 
 <div class="row">
-  <div class="large-9 medium-9 small-12 columns">
+  <div class="large-12 medium-12 small-12 columns">
 
     <div class="case-container">
       <ul class="tabs" data-tabs id="case-tabs" data-deep-link="true" data-update-history="true">
@@ -80,49 +84,162 @@ <h2>Contact: {{ contact.vendor_name }}</h2>
       </ul>
       <div class="tabs-content" data-tabs-content="case-tabs">
 	<div class="tabs-panel is-active" id="details">
-
-	  {% if object.active %}
-	  <h4>{{ object.vendor_name }} (Active)</h4>
-	  {% else %}
-	  <h4>{{ object.vendor_name }} (Inactive)</h4>
-	  {% endif %}
-	  <table class="hover unstriped tickets">
-	    <thead>
-	      <tr class="row_tablehead"><td colspan="2">
-		  <span class="ticket_toolbar">
-		    <a href="{% url 'vince:rmcontact' object.id %}" class="ticket-delete"><button class="button tiny alert"><i class="far fa-trash-alt"></i> {% trans "Delete" %}</button></a> {% if vc_contact %}<a href="{% url 'vinny:admin' vc_contact.id %}"><button class="button tiny primary"><i class="fas fa-users-cog"></i>  {% trans "View Case Permissions" %}</button></a>{% endif %}
-		  </span>
-		</td>
-	      </tr>
-	      <tr><th colspan='2'>SRMail: <i>{{ object.srmail_peer }}</i> &nbsp;&nbsp; Salutation: <i>{{ object.srmail_salutation }}</i></th></tr>
-	    </thead>
-	    <tbody>
+	  <div class="row">
+	    <div class="large-8 medium-8 small-6 columns">
+	      {% if object.active %}
+	      <h4>{{ object.vendor_name }} (Active)</h4>
+	      {% else %}
+	      <h4>{{ object.vendor_name }} (Inactive)</h4>
+	      {% endif %}
+	    </div>
+	    <div class="large-4 medium-4 small-6 columns">
+	      <button class="button default dropdown menu float-right" data-dropdown-menu type="button" data-toggle="wanttomenu" aria-haspopup="true" aria-expanded="false" id="iwanttobutton">
+		I want to</button>
+	      <div class="dropdown-pane hoverable bottom" id="wanttomenu" data-dropdown data-hover="true" data-hover-pane="true">
+		<ul class="menu vertical">
+		  {% if contact.active %}
+		  <li><a class="dropdown-item" href="{% url 'vince:editcontact' object.id %}?deactivate=1">{% trans "Deactivate Contact" %}</a></li>
+		  {% else %}
+		  <li><a class="dropdown-item" href="{% url 'vince:editcontact' object.id %}?activate=1">{% trans "Activate Contact" %}</a></li>
+		  {% endif %}
+		  {% if user.is_superuser %}
+		  <li><a class="dropdown-item" href="{% url 'vince:rmcontact' object.id %}">{% trans "Delete Contact" %}</a></li>
+		  {% endif %}
+		  {% if vc_contact %}
+		  <li><a class="dropdown-item" href="{% url 'vinny:admin' vc_contact.id %}">{% trans "View Case Permissions" %}</a></li>
+		  {% endif %}
+		  <li><a class="dropdown-item" href="{% url 'vinny:sendmsggroup' object.id %}">{% trans "Message All Users" %}</a></li>
+		  <li><a class="dropdown-item" href="{% url 'vince:newemail' contact.id %}">{% trans "Email All Users" %}</a></li>
+		  {% if groupadmins %}
+		  <li><a class="dropdown-item" href="{% url 'vinny:sendmsgadmins' object.id %}">{% trans "Message Admins" %}</a></li>
+		  <li><a class="dropdown-item" href="{% url 'vince:newemailadmins' 'admins' contact.id %}">{% trans "Email Group Admins" %}</a></li>
+		  {% endif %}
+		</ul>
+	      </div>
+	    </div>
+	  </div>
+	  <div class="row">
+	    <div class="large-12 columns">
+	      <b>{% trans "Type" %}: </b>
+	      {% if object.vendor_type == "Contact" %}
+	      User
+	      {% else %}
+	      {{ object.vendor_type }}
+	      {% endif %}
+		<span class="hidden" id="vendor_type_help">
+		  {% if object.vendor_type == "Vendor" %}
+		  <p>A vendor type contact is typically a company or organization that creates or sells products. This type of contact usually consists of 1 or more people and has the ability to manage users in their group in VINCEComm. A vendor should name at least 1 group admin.</p>
+		  {% elif object.vendor_type == "Coordinator" %}
+		  <p>A coordinator type contact is able to invite/add users to their group.  A coordinator group should have at least 1 group admin. Coordinator contacts should not be listed as vendors in cases.</p>
+		  {% else %}
+		  <p>A "Contact" or "User" type contact is typically a single person's contact information. They will not be able to add users to their group.</p>
+		  {% endif %}
+		</span>
+		<span class="helptooltip" id="showcharttip" title="Contact Type Help"><i class="fas fa-question-circle"></i></span>
+		<small>&nbsp;({% if vince_users|length == 1 %}1 User{% else %}{{vince_users|length}} Users{% endif %}{% if object.vendor_type == "Contact" %}{% else %}{% if groupadmins|length == 1 %}, &nbsp;1 Admin{% else %},&nbsp;{{ groupadmins|length }} Admins{% endif %}{% endif %})</small>
+	    </div>
+	  </div>
+	  <div class="row">
+	    <div class="large-12 columns">
+	      <b>Location:</b> {{ object.location }} [{{ object.countrycode }}]
+	    </div>
+	  </div>
+	  <div class="row">
+	    <div class="large-12 columns">
 	      {% if object.comment %}
-	      <tr>
-		<th colspan='2'>{% trans "Comment" %}: {{ object.comment }}</th>
-	      </tr>
+	      <p><b>{% trans "Comment" %}:</b> {{ object.comment }}<p>
 	      {% endif %}
-	      <tr>
-		<th width="200">{% trans "Type" %}</th>
-		{% if object.vendor_type == "Vendor" %}
-		<td>{{ object.vendor_type }} [#{{ object.lotus_id }}]</td>
+	    </div>
+	  </div>
+	  <hr/>
+	  <div class="row">
+	    <div class="large-6 columns">
+	      <h4>Emails/Users</h4>
+	    </div>
+	    <div class="large-6 columns text-right">
+	      <a href="{% url 'vince:addemail' object.id %}" class="small button default" id="addemail"><i class="fas fa-plus"></i> Add Email</a>
+	      {% comment %}
+	      {% if groupadmins %}
+	      <a href="{% url 'vince:msgadminadduser' contact.id %}" id="adduser"><button class="button default small small-only-expanded"><i class="fas fa-plus"></i> {% trans "Add User" %}</button></a>
+	      {% else %}
+	      <a href="{% url 'vince:initcontactverify' object.id %}"><button class="button default small small-only-expanded"><i class="fas fa-plus"></i> {% trans "Add User" %}</button></a>
+	      {% endif %}
+	      {% endcomment %}
+	    </div>
+	  </div>
+	  <span class="hidden" id="email_type_help">
+	    <p>A Notification-Only email address is typically a team email or email list address. VINCE users with Notification-Only addresses will NOT be able to access cases associated with this contact.</p>
+	    <p>To change email type, remove email and re-add email with desired type.</p>
+	  </span>
+	    
+	  <div class="row">
+	    <div class="large-12 columns">
+	      <table class="hover usermgmt">
+		<thead>
+		  <tr>
+		    
+		<th>Type <span class="helptooltip" id="showtypehelp" title="Help"><i class="fas fa-question-circle"></i></span></th>
+		<th>Email</th>
+		<th>User (Name)</th>
+		<th>Notifications</th>
+		<th width="80">Actions</th>
+	      </tr>
+	    </thead>
+	    {% for email in object.emailcontact_set.all %}
+	    {% with t=email.email|vince_user_link %}
+		<tr>
+		  <td>
+		  {% if email.email_list %}
+		  Notification-Only
+		  {% elif t %}
+		  User
+		  {% if email.email in groupadmins %}<i class="fas fa-crown" title="Group Admin"></i>                  {% endif %}
+		  {% elif object.id|inviteduser:email.email %}
+		  Invited User
+		  {% else %}
+		  Email
+		  {% endif %}
+		  </td>
+		  
+		  <td>{{ email.email }}{% if email.status %}{% else %}<span class="errornote"><b>(INACTIVE)</b></span>{% endif %}</td>
+
+		{% if email.email in vince_users and t %}
+		<td>  <i class="fas fa-user"></i> <a href="{% url 'vince:vcuser' t.id %}">{{ t.vinceprofile.preferred_username }}</a> ({% if t.get_full_name %}{{ t.get_full_name }}{% else %}{{ email.name }}{% endif %}) </td>
 		{% else %}
-		<td>{{ object.vendor_type }}</td>
+		<td><i class="fas fa-user-alt-slash"></i> {% if email.name %}({{ email.name }}){% endif %}</td>
 		{% endif %}
-	      </tr>
-	      <tr>
-		<th>{% trans "Location" %}</th>
-		<td> {{ object.location }} [{{ object.countrycode }}]</td>
-	      </tr>
-	      {% for email in object.emailcontact_set.all %}
-	      <tr>
-		<th>Email {% if email.email_list %}[EMAIL LIST]{% else %} [{{ email.email_type}}]{% endif %}</th>
-		<td> {{ email.email_function }}: {{ email.email }}, {{ email.name }} {% if email.status %}{% else %}<span class="errornote"><b>(INACTIVE)</b></span>{% endif %}</td>
-	      </tr>
-	      {% endfor %}
+		<td>{% if email.email_function in "TO,CC" %}Enabled  <a href="{% url 'vince:changeemail' email.id %}" class="modemail"><i class="fas fa-edit" title="Disable"></i></a>{% else %}Disabled <a href="{% url 'vince:changeemail' email.id %}" class="modemail"><i class="fas fa-edit" title="Enable"></i></a>{% endif %}</td>
+		  <td>{% if user.usersettings.contacts_write %}<a href="{% url 'vince:rmemail' object.id email.id %}" class="rmemail"><i class="fas fa-trash-alt" aria-hidden="true" title="Remove email/user"></i></a>
+		    {% if email.email_list %}{% else %}
+		  {% if email.email in groupadmins %}
+		  <a href="{% url 'vince:contact' object.id %}" class="rmadminuser" val="{{ email.email }}"><i class="fas fa-ban" title="Remove Admin Access"></i></a>
+		  {% elif t %}
+		  {% if object.vendor_type == "Contact" %}{% else %}
+		  <a href="{% url 'vince:contact' object.id %}" class="adminuser" val="{{ email.email }}"><i class="fas fa-crown" aria-hidden="true" title="Make user group administrator"></i></a>{% endif %}
+		  {% endif %}
+		  {% endif %}
+		  {% endif %}
+		  {% if email.email in vince_users and t %}<a href="{% url 'vinny:sendmsgus' t.id %}"><i class="fas fa-comment" alt="message user" title="message user"></i></a>{% endif %}
+		</td>
+	    </tr>
+	    {% endwith %}
+	    {% endfor %}
+		{% for email in associations %}
+		<tr>
+		  <td><a href="{{ email.ticket.get_absolute_url }}">Verification Initiated</a></td>
+		  <td><i>{{ email.user }}</i></td>
+		  <td></td>
+		  <td></td>
+		</tr>
+		{% endfor %}
+	      </table>
+	    </div>
+	  </div>
+	  <hr/>
+	  <table class="hover unstriped tickets">
 	      {% for phone in object.phonecontact_set.all %}
 	      <tr>
-		<th>Phone [{{ phone.phone_type }}]</th>
+		<th width="200">Phone [{{ phone.phone_type }}]</th>
 		<td>{{ phone.country_code }} {{ phone.phone }} {% if phone.comment %}(Comment: {{ phone.comment }}){% endif %}</td>
 	      </tr>
 	      {% endfor %}
@@ -150,32 +267,16 @@ <h4>{{ object.vendor_name }} (Inactive)</h4>
 		<td><a href="{{ web.url }}">{{ web.url }}</a> {% if web.description %}{{ web.description }}{% endif %}</td>
 	      </tr>
 	      {% endfor %}
-	      <tr>
-		<th>Groups</th>
-		<td>
-		  {% for group in groups %}
-		  <a href="{% url 'vince:group' group.group.id %}">{{ group.group.name }}</a>,
-		  {% empty %}
-		  This vendor is not a member of any groups
-		  {% endfor %}
-		</td>
-	      </tr>
-	      <tr>
-		<th class="text-center">VINCEComm<br/> Users {% if vince_users %}<a title="Message All Users" href="{% url 'vinny:sendmsggroup' object.id %}"><i class="fas fa-comment"></i></a>{% endif %} <a href="{% url 'vince:newemail' contact.id %}" title="Email All Users"><i class="fas fa-paper-plane"></i> </a></th>
-		<td>{% for u in vince_users %}
-		  <a href="{% url 'vince:vcuser' u.id %}">{{ u.username }} ({{ u.vinceprofile__preferred_username}})</a> <a href="{% url 'vinny:sendmsgus' u.id %}"><i class="fas fa-comment" alt="message user" title="message user"></i></a> {% endfor %}</td>
-	      </tr>
 	      
 	      <tr>
-		<th>Vendor<br/> Admins {% if groupadmins %}<a title="Message Admins" href="{% url 'vinny:sendmsgadmins' object.id %}"><i class="fas fa-comment"></i></a>
-		<a href="{% url 'vince:newemailadmins' 'admins' contact.id %}" title="Email Admins"><i class="fas fa-paper-plane"></i> </a>{% endif %}</th>
+		<th width="100">Groups</th>
 		<td>
-		  <div class="taggle_input custom martie" id="admin_taggle"></div>
+		  <div class="taggle_input custom martie" id="group_taggle" action="{% url 'vince:addtogroup' object.id %}"></div>
 		</td>
 	      </tr>
 
 	      <tr>
-		<th>Tags</th>
+		<th width="100">Tags</th>
 		<td>
 		  <div class="taggle_input custom martie" id="contact_taggle" ></div>
                 </td>
@@ -278,8 +379,10 @@ <h3>No cases found</h3>
       </div>
     </div>
   </div>
-  <div class="large-3 medium-3 small-12 columns activity-div" id="activitypanel" action="{% url 'vince:contact_activity' object.id %}">
-    {% include 'vince/include/contactactivity.html' with object_list=activity_list %}
+</div>
+<div class="row">
+  <div class="large-12 medium-12 small-12 columns" id="activitypanel" action="{% url 'vince:contact_activity' object.id %}">
+    {% include 'vince/include/alt_contact_activity.html' with object_list=activity_list %}
     </div>
 </div>
     
diff --git a/vince/templates/vince/contact_report.html b/vince/templates/vince/contact_report.html
index c3990a6..5e0bdd0 100644
--- a/vince/templates/vince/contact_report.html
+++ b/vince/templates/vince/contact_report.html
@@ -44,6 +44,11 @@ <h2>Contact Reports</h2>
 	  Users without MFA
 	</div>
       </a>
+      <a class="query" href="{% url 'vince:contactreports' 5 %}">
+	<div class="callout">
+	  Users with Email notificiations disabled
+	</div>
+      </a>
     </div>
     
     <div class="large-8 columns">
@@ -59,6 +64,8 @@ <h5 class="text-center">Query Results {% if results %}({{ results|length }} resu
 	  <a href="{% url 'vince:contact' x.id %}">{{ x.vendor_name }}</a>
 	  {% endif %}
 	</div>
+	{% empty %}
+	<p class="text-center"> 0 Results </p>
 	{% endfor %}
       </div>
     </div>
diff --git a/vince/templates/vince/contactsresults.html b/vince/templates/vince/contactsresults.html
index d869027..dea9e72 100644
--- a/vince/templates/vince/contactsresults.html
+++ b/vince/templates/vince/contactsresults.html
@@ -20,7 +20,7 @@
 	    {% if contact.vendor_type == "Contact" %}
 	    <td> <i class="far fa-address-book" title="Contact"></i>  <a href="{% url 'vince:contact' contact.id %}">{{ contact.vendor_name }}</a> </td>
 	    <td> {% autoescape off %}{{ contact.get_tag_html }}{% endautoescape %} </td>
-	    {% elif contact.vendor_type == "Vendor" %}
+	    {% elif contact.vendor_type in "Vendor,Coordinator" %}
 	    <td> <i class="fas fa-building" title="Vendor"></i>  <a href="{% url 'vince:contact' contact.id %}">{{ contact.vendor_name }}</a> </td>
 	    <td> {% autoescape off %}{{ contact.get_tag_html }}{% endautoescape %} </td>
 	    {% elif contact.srmail_peer_name %}
diff --git a/vince/templates/vince/create_case.html b/vince/templates/vince/create_case.html
index 4533347..e8da863 100644
--- a/vince/templates/vince/create_case.html
+++ b/vince/templates/vince/create_case.html
@@ -65,7 +65,7 @@ <h5>{{ REPORT_ID }}: {{ form.vrf_id.value }}</h5>
 	  <h6>Submitted on: {{ form.date_submitted.value }}</h6>
 	  {% else %}
 	  <div class="callout success">{% if create_case %}
-	    You requested to create a Case.  Please fill in the required information before creating the case.
+	    You requested to create a Case.  Please fill in the required information before creating the case. All information can be modified later.
 	    {% else %}
 	    You requested to create a Case Request.  Please fill in the following information to submit the request.
 	    {% endif %}
@@ -81,7 +81,7 @@ <h6>Submitted on: {{ form.date_submitted.value }}</h6>
 	  <h4>Vulnerability Information</h4>
           <div class="form-group">
             <label for="id_product_name">What is the name of the affected product or software? <span class="required">*</span></label>
-            <small class="form-text text-muted">{{ form.product_name.help_text }}</small>
+            <small class="form-text text-muted">{{ form.product_name.help_text }} This will also be used as the Case title.</small>
             {% render_field form.product_name class="form-control" %}
           </div>
           <div class="form-group">
diff --git a/vince/templates/vince/edit_case.html b/vince/templates/vince/edit_case.html
index c386d84..9a2501e 100644
--- a/vince/templates/vince/edit_case.html
+++ b/vince/templates/vince/edit_case.html
@@ -20,7 +20,7 @@ <h2>Edit Case <a href="{{ object.get_absolute_url }}">{{ CASE_ID }}{{ object.vui
     <form method="post" id="caseform">{% csrf_token %}
       {% if form.errors %}
       <p class="errornote">
-        {% if form.errors.items|length == 1 %}"Please correct the error below."{% else %}"Please correct the errors below."{% endif %}
+        {% if form.errors.items|length == 1 %}Please correct the error below.{% else %}Please correct the errors below.{% endif %}
       </p>
       {% endif %}
       <div class="row">
diff --git a/vince/templates/vince/editcontact.html b/vince/templates/vince/editcontact.html
index a4d1bcf..4d1bd33 100644
--- a/vince/templates/vince/editcontact.html
+++ b/vince/templates/vince/editcontact.html
@@ -77,10 +77,10 @@ <h2>Edit Contact: <a href="{% url 'vince:contact' contact.id %}">{{ contact.vend
                   {% render_field form.active class="form-control" %}
                 </div>
                 <div class="large-1 medium-1 columns">
-                  <label for="id_vendor_type">Type:</label>
+                  <label for="id_vtype">Type:</label>
                 </div>
                 <div class="large-3 medium-3 columns">
-                  {% render_field form.vendor_type class="form-control" %}
+                  {% render_field form.vtype class="form-control" %}
                 </div>
                 <div class="large-6 medium-6 columns"></div>
               </div>
@@ -95,66 +95,30 @@ <h2>Edit Contact: <a href="{% url 'vince:contact' contact.id %}">{{ contact.vend
 		<div class="large-4 medium-4 columns"></div>
 	      </div>
 	    </div>
-
-	    <div id="lotus" {% if form.vendor_type.value == "Contact" %} class="row hidden" {% else %} class="row"{% endif %}>
-              <div class="form-group">
-                <div class="large-8 medium-8 columns">
-                  <div class="required"><label for="id_lotus_id">VEND#:</label>
-		    {% if form.lotus_id.value > 0 %}
-		  </div>
-		  {% else %}
-		  <a href="{% url 'vince:generate' %}" id="generateVendor" title="Generate a new vendor ID"><i class="fas fa-cog"></i></a></div>
-		  {% endif %}
-                  {% render_field form.lotus_id|add_class:"form-control"|append_attr:"readonly:readonly"|leading_zeros:6 %}
-
-                </div>
-              <div class="large-4 medium-4 columns"></div>
-	    </div>
-	  </div>
-	  <div class="row">
-	    <div class="form-group">
-	      <div class="large-8 medium-8 columns">
-		{% if form.srmail_peer.errors %}<dd class='error'>{{ form.srmail_peer.errors }}</dd>{% endif %}
-
-		<div class="required"><label for="id_srmail_peer">SRMail Peer Name: </label></div>
-		{% render_field form.srmail_peer|add_class:"form-control" %}
-              </div>
-              <div class="large-4 medium-4 columns"></div>
-	    </div>
-            </div>
-	  <div class="row">
-	    <div class="form-group">
-	      <div class="large-8 medium-8 columns">
-		<label for="id_srmail_salutation">SRMail Salutation:</label>
-                {% render_field form.srmail_salutation class="form-control" %}
-              </div>
-              <div class="large-4 medium-4 columns">
-	      </div>
-	    </div>
-	    </div>
 	    <div class="row">
 	      <div class="form-group">
-              <div class="large-4 medium-4 columns">
-                <label for="id_location">Location:</label>
-                {% render_field form.location class="form-control" %}
-              </div>
-	      <div class="large-4 medium-4 columns">
-                <label for="id_countrycode">Country:</label>
-                {% render_field form.countrycode class="form-control" %}
-
-		<div class="large-3 medium-3 columns"></div>
+		<div class="large-4 medium-4 columns">
+                  <label for="id_location">Location:</label>
+                  {% render_field form.location class="form-control" %}
 		</div>
-	      </div>
-	      <div class="row">
-		<div class="form-group">
-              	  <div class="large-12 medium-12 columns">
-		    <label for="id_comment">Comment:</label>
-		    {% render_field form.comment class="form-control" %}
-                  </div>
+		<div class="large-4 medium-4 columns">
+                  <label for="id_countrycode">Country:</label>
+                  {% render_field form.countrycode class="form-control" %}
+		  
+		  <div class="large-3 medium-3 columns"></div>
 		</div>
-              </div>
 	    </div>
+	    <div class="row">
+	      <div class="form-group">
+              	<div class="large-12 medium-12 columns">
+		  <label for="id_comment">Comment:</label>
+		  {% render_field form.comment class="form-control" %}
+                </div>
+	      </div>
+            </div>
+	  </div>
 	</li>
+	{% comment %}
 	<li class="accordion-item is-active" data-accordion-item>
           <a href="#" class="accordion-title">Emails</a>
           <div class="accordion-content" data-tab-content>
@@ -187,6 +151,7 @@ <h2>Edit Contact: <a href="{% url 'vince:contact' contact.id %}">{{ contact.vend
 	    </table>
 	  </div>
 	</li>
+	{% endcomment %}
 	<li class="accordion-item is-active" data-accordion-item>
           <a href="#" class="accordion-title">Crypto</a>
           <div class="accordion-content" data-tab-content>
@@ -270,6 +235,7 @@ <h2>Edit Contact: <a href="{% url 'vince:contact' contact.id %}">{{ contact.vend
 	    </div>
 	  </div>
 	</li>
+	{% comment "No need for srmail block any longer" %}
 	<li class="accordion-item" data-accordion-item>
           <a href="#" class="accordion-title">SRMail block</a>
           <div class="accordion-content" data-tab-content>
@@ -291,6 +257,7 @@ <h2>Edit Contact: <a href="{% url 'vince:contact' contact.id %}">{{ contact.vend
 	    </div>
 	  </div>
 	</li>
+	{% endcomment %}
 	<li class="accordion-item" data-accordion-item>
           <a href="#" class="accordion-title">Postal</a>
           <div class="accordion-content" data-tab-content>
diff --git a/vince/templates/vince/editgroup.html b/vince/templates/vince/editgroup.html
index 9c84678..a39093b 100644
--- a/vince/templates/vince/editgroup.html
+++ b/vince/templates/vince/editgroup.html
@@ -38,20 +38,12 @@ <h2>Edit Group: {{ group.name }}</h2>
 </div>
 {% endif %}
 
-{% if contacts_without_keys or expired_keys_contacts or contacts_without_emails %}
+{% if inactive_contacts %}
 <div class="row">
   <div class="large-12 columns">
     <div class="callout warning" role="alert">
       <p><b> <span style="color:red;">WARNING</span> - see below for details </b><br/>
-	{% if contacts_without_keys %}
-	This group has contact(s) without keys<br/>
-	{% endif %}
-	{% if expired_keys_contacts %}
-	This group has contact(s) with expired keys<br/>
-	{% endif %}
-	{% if contacts_without_emails %}
-	This group has contact(s) without email addresses<br/>
-	{% endif %}
+	This group has {{ inactive_contacts }} inactive member(s).
     </div>
   </div>
 </div>
@@ -63,15 +55,6 @@ <h2>Edit Group: {{ group.name }}</h2>
   <div class="large-6 medium-6 columns">
   {% csrf_token %}
   <input type="hidden" name="version" value="{{ group.version }}" />
-    <div class="row">      
-      <div class="form-group">
-        <div class="large-4 medium-4 columns">
-          {{ form.status.label_tag }}{% render_field form.status class="form-control" %}
-        </div>
-        <div class="large-8 medium-8 columns">
-        </div>
-      </div>
-    </div>
     <div class="row">
       <div class="large-8 medium-8 columns">
 	<div class="form-group">
@@ -81,25 +64,6 @@ <h2>Edit Group: {{ group.name }}</h2>
       </div>
       <div class="large-4 columns"></div>
     </div>
-    <div class="row">
-      <div class="large-8 medium-8 columns">
-        <div class="form-group">
-          <div class="required"><label for="srmail_peer_name">SRMail Peer Name: </label></div>
-          {% render_field form.srmail_peer_name class="form-control"%}
-        </div>
-      </div>
-      <div class="large-4 columns"></div>
-    </div>
-
-    <div class="row">
-      <div class="large-8 medium-8 columns">
-	<div class="form-group">
-          <div class="required">{{ form.group_type.label_tag }}</div>
-	  {% render_field form.group_type class="form-control"%}
-        </div>
-      </div>
-      <div class="large-4 columns"></div>
-    </div>
     <div class="row">
       <div class="large-8 medium-8 columns">
 	<div class="form-group">
@@ -113,6 +77,14 @@ <h2>Edit Group: {{ group.name }}</h2>
   <div class="large-6 columns">
   </div>
 </div>
+<div class="row">
+  <div class="form-group">
+    <div class="large-12 medium-12 columns">
+      {{ form.comment.label_tag }}
+      {% render_field form.comment class="form-control"%}
+    </div>
+    </div>
+</div>
 <div class="row">
   <div class="large-12 medium-12 columns">	
     <label>Add Contacts to the Group: </label>
@@ -142,14 +114,6 @@ <h2>Edit Group: {{ group.name }}</h2>
   </div>
 </div>
 <br/>
-<div class="row">
-  <div class="form-group">
-    <div class="large-12 medium-12 columns">
-      {{ form.comment.label_tag }}
-      {% render_field form.comment class="form-control"%}
-    </div>
-  </div>
-</div>
 <div class="row">
   <div class="large-12 columns">
     <input type="submit" value="Update Group" class="primary button">
@@ -158,43 +122,5 @@ <h2>Edit Group: {{ group.name }}</h2>
 </div>
 
 </form>
-<br/>
-{% if contacts_without_keys %}
-<div class="row">
-  <div class="large-12 columns">
-    <div class="callout alert" role="alert">
-      <strong>WARNING:</strong> The following contact(s) do not have a PGP key on file:<br/>
-      {% for contact in contacts_without_keys %}
-      <a href="{% url 'vince:contact' contact.id %}">{{ contact }}</a><br/>
-      {% endfor %}
-    </div>
-  </div>
-</div>
-{% endif %}
-{% if expired_keys_contacts %}
-<div class="row">
-  <div class="large-12 columns">
-    <div class="callout alert" role="alert">
-      <strong>WARNING:</strong> The following contact(s) have expired PGP Keys on file:<br/>
-      {% for contact in expired_keys_contacts %}
-      <a href="{% url 'vince:contact' contact.id %}">{{ contact }}</a><br/>
-      {% endfor %}
-    </div>
-  </div>
-</div>
-{% endif %}
-{% if contacts_without_emails %}
-<div class="row">
-  <div class="large-12 columns">
-    <div class="callout alert" role="alert">
-      <strong>WARNING:</strong> The following contact(s) do not have an EMAIL on file:<br/>
-      {% for contact in contacts_without_emails %}
-      <a href="{% url 'vince:contact' contact.id %}">{{ contact }}</a><br/>
-      {% endfor %}
-    </div>
-  </div>
-</div>
-{% endif %}
-
 {% endblock %}
 
diff --git a/vince/templates/vince/group.html b/vince/templates/vince/group.html
index 4aeb70c..038aead 100644
--- a/vince/templates/vince/group.html
+++ b/vince/templates/vince/group.html
@@ -12,7 +12,7 @@
       <h2>Contact Group: {{ group.name }}</h2>
     </div>
     <div class="large-4 columns text-right">
-      <a href="{% url 'vince:editgroup' object.id %}" class="ticket-edit"><button class="button cmu"><i class="fas fa-pencil-alt"></i> {% trans "Edit Group" %}</button></a>
+      <a href="{% url 'vince:editgroup' object.id %}" class="ticket-edit"><button class="button primary small"><i class="fas fa-pencil-alt"></i> {% trans "Edit Group" %}</button></a>
     </div>
   </div>
 </div>
@@ -25,27 +25,19 @@ <h2>Contact Group: {{ group.name }}</h2>
   </div>
 </div>
 
-{% if contacts_without_keys or expired_keys_contacts or contacts_without_emails %}
+{% if inactive_contacts %}
 <div class="row">
   <div class="large-12 columns">
     <div class="callout alert" role="alert">
-      <p><b> <span style="color:red;">WARNING</span> - see list below for details </b><br/>
-	{% if contacts_without_keys %}
-	This group has contact(s) without keys<br/>
-	{% endif %}
-	{% if expired_keys_contacts %}
-	This group has contact(s) with expired keys<br/>
-	{% endif %}
-	{% if contacts_without_emails %}
-	This group has contact(s) without email addresses<br/>
-	{% endif %}
+      <p><b> <span style="color:red;">WARNING</span> </b>
+	This group has {{ inactive_contacts }} inactive member(s).
     </div>
   </div>
 </div>
 {% endif %}
 
 <div class="row">
-  <div class="large-9 columns">
+  <div class="large-12 medium-12 small-12 columns">
     <div class="case-container">
       <ul class="tabs" data-tabs id="case-tabs" data-deep-link="true" data-update-history="true">
         <li class="tabs-title is-active"><a href="#details" aria-selected="true"> <i class="fas fa-mobile-alt"></i> Details</a></li>
@@ -53,85 +45,94 @@ <h2>Contact Group: {{ group.name }}</h2>
       </ul>
       <div class="tabs-content" data-tabs-content="case-tabs">
         <div class="tabs-panel is-active" id="details">
-	  {% if object.status == "Active" %}
-	  <h4>{{ object.name }} Group (Active)</h4>
-	  {% else %}
-	  <h4>{{ object.name }} Group (Inactive)</h4>
-	  {% endif %}
-	  <table class="hover tickets">
-	    <thead>
-              <tr class="row_tablehead"><td colspan="2">
-		  <span class="ticket_toolbar">
-		    <a href="{% url 'vince:rmgroup' object.id %}" class="ticket-delete"><button class="button tiny alert"><i class="far fa-trash-alt"></i> {% trans "Delete" %}</button></a>
-		  </span>
-		</td>
-	      </tr>
-              <tr><th colspan='4'>SRMail: <i>{{ object.srmail_peer_name }}</i></th></tr>
-	    </thead>
-	    <tbody>
-	      {% if object.description %}
-              <tr>
-		<th colspan='4'>{% trans "Description" %}: {{ object.description }}</th>
-              </tr>
-              {% endif %}
-              {% if object.comment %}
-              <tr>
-		<th colspan='4'>{% trans "Comment" %}: {{ object.comment }}</th>
-              </tr>
-              {% endif %}
-              <tr>
-		<th width="150">{% trans "Type" %}</th>
-		<td>{{ object.group_type }}</td>
-              </tr>
-	      <tr>
-		<th colspan="4">{% trans "Members" %} <!--<a id="downloadList" title="Download List of Group Members" class="needtip"><i class="fa fa-download fa-3" aria-hidden="true" id="downloadlist"></i></a>--></th>
-	      </tr>
-	      <tr><td colspan='4'>
-		  {% for member in group_members %}
-		  <ul>
-		    <li><a href="{% url 'vince:contact' member.contact.id %}">{{member.contact.vendor_name}}</a> {% if member.contact in contacts_without_keys %} <b>NO KEY</b>{% endif %}{% if member.contact in contacts_without_emails %} <b>NO EMAIL</b>{% endif %}</li>
-		  </ul>
-		  {% endfor %}
-		  {% if groupmembers %}
-		  <hr>
-		  <b>GROUPS</b>
-		  <hr>
-		  {% endif %}
-		  {% for member in groupmembers %}
-		  <ul>
-		    <li><a href="{{ member.get_absolute_url }}">{{ member.name }}</a> </li>
-		  </ul>
-		  {% endfor %}
-		  {# if forloop.counter|divisibleby:4 #}
-		  <!--</tr><tr>-->
-		  {# endif #}
-	      </td></tr>
+	  <div class="row">
+	    <div class="large-8 medium-8 small-6 columns">
 	      
-	  </table>
-	</div>
-	<div class="tabs-panel" id="cases">
-	  {% for c in cases %}
-          <div class="contact-case-list">
-            <div class="row">
-              <div class="large-8 columns">
-		<h4>
-                  <a href="{{ c.case.get_absolute_url }}#vendors">
-                    {{ c.case.get_title }}</a>
-		</h4>
-                <h6> Last updated {{ c.case.modified|naturaltime }}</h6>
-              </div>
-              <div class="large-4 columns text-right">
-                {% autoescape off %}{{ c.case.get_status_html }}{% endautoescape %}
+	      {% if object.status == "Active" %}
+	      <h4>{{ object.name }} Group (Active)</h4>
+	      {% else %}
+	      <h4>{{ object.name }} Group (Inactive)</h4>
+	      {% endif %}
+	    </div>
+	    <div class="large-4 medium-4 small-6 columns">
+              <button class="button default dropdown menu float-right" data-dropdown-menu type="button" data-toggle="wanttomenu" aria-haspopup="true" aria-expanded="false" id="iwanttobutton">
+		I want to</button>
+              <div class="dropdown-pane hoverable bottom" id="wanttomenu" data-dropdown data-hover="true" data-hover-pane="true">
+		<ul class="menu vertical">
+		  {% if object.status == "Active" %}
+                  <li><a class="dropdown-item" href="{% url 'vince:editgroup' object.id %}?deactivate=1">{% trans "Deactivate Group" %}</a></li>
+                  {% else %}
+                  <li><a class="dropdown-item" href="{% url 'vince:editgroup' object.id %}?activate=1">{% trans "Activate Group" %}</a></li>
+                  {% endif %}
+                  {% if user.is_superuser %}
+                  <li><a class="dropdown-item" href="{% url 'vince:rmgroup' object.id %}">{% trans "Delete Group" %}</a></li>
+                  {% endif %}
+		</ul>
               </div>
+            </div>
+	  </div>
+          <div class="row">
+	    <div class="large-12 columns">
+	      <b>{% trans "Description" %}:</b><br/>
+	      {{ object.description }}
 	    </div>
 	  </div>
-	  {% endfor %}
+	  {% if object.comment %}
+	  <div class="row">
+	    <div class="large-12 columns">
+	      <p><b>{% trans "Comment" %}:</b><br/> {{ object.comment }}</p>
+	    </div>
+	  </div>
+          {% endif %}
+	  <hr/>
+	  <div class="row">
+	    <div class="large-12 columns">
+	      <h4>{% trans "Members" %}</h4>
+	      {% for member in group_members %}
+	      <ul>
+		<li><a href="{% url 'vince:contact' member.contact.id %}">{{member.contact.vendor_name}}</a> {% if member.contact.active == False %}(INACTIVE){% endif %}</li>
+	      </ul>
+	      {% endfor %}
+	      {% if groupmembers %}
+	      <hr>
+	      <b>GROUPS</b>
+	      <hr>
+	      {% endif %}
+	      {% for member in groupmembers %}
+	      <ul>
+		<li><a href="{{ member.get_absolute_url }}">{{ member.name }}</a> </li>
+	      </ul>
+	      {% empty %}
+	      {% if group_members %}{% else %}<p><i>No members in this group. Add members to activate group.</i></p>{% endif %}
+	      {% endfor %}
+	    </div>
+	  </div>
+	</div>
+      </div>
+      <div class="tabs-panel" id="cases">
+	{% for c in cases %}
+        <div class="contact-case-list">
+          <div class="row">
+            <div class="large-8 columns">
+	      <h4>
+                <a href="{{ c.case.get_absolute_url }}#vendors">
+                  {{ c.case.get_title }}</a>
+	      </h4>
+              <h6> Last updated {{ c.case.modified|naturaltime }}</h6>
+            </div>
+            <div class="large-4 columns text-right">
+              {% autoescape off %}{{ c.case.get_status_html }}{% endautoescape %}
+            </div>
+	  </div>
 	</div>
+	{% endfor %}
       </div>
     </div>
   </div>
-  <div class="large-3 medium-3 columns">
-    {% include 'vince/include/groupactivity.html' with object_list=activity %}
+</div>
+<div class="row">
+  <div class="large-12 columns medium-12 small-12" id="activitypanel">
+    {% include 'vince/include/alt_contact_activity.html' with activity_list=activity %}
   </div>
 </div>
 {% endblock %}
diff --git a/vince/templates/vince/include/alt_contact_activity.html b/vince/templates/vince/include/alt_contact_activity.html
new file mode 100644
index 0000000..e91434c
--- /dev/null
+++ b/vince/templates/vince/include/alt_contact_activity.html
@@ -0,0 +1,81 @@
+{% load i18n humanize contact_tags %}
+<h3 class="section-title">{% if title %}{% trans title %}{% else %}{% trans "Activity" %}
+  {% endif %}</h3>
+
+<div class="row">
+  <div class="large-12 columns">
+    <div class="article-row-section">
+      <div class="article-row-section-inner" id="timeline">
+	{% for item in activity_list %}
+	<article class="article-row">
+	  <div class="article-row-img">
+	    {% autoescape off %}{% if item.field %}{{ item.action|contactactionlogo:item.field }}{% else %}{{ item.action|contactactionlogo:"" }}{% endif %}{% endautoescape %}
+	  </div>
+	  <div class="article-row-content">
+	    <p class="article-row-content-description">
+	    {% if item.action == 1 %}
+	    {% if item.contact %}
+	    {{item.user.usersettings.preferred_username}} created vendor: <a href="{% url 'vince:contact' item.contact.id %}">{{ item.contact.vendor_name}}</a>
+	    {% elif item.group %}
+            {{item.user.usersettings.preferred_username}} created group: <a href="{% url 'vince:group' item.group.id %}">{{ item.group.name }}</a>
+	    {% endif %}
+	    {% elif item.action == 2 %}
+	    {% if item.group %}
+	    {{item.user.usersettings.preferred_username}} {{ item.text }}
+	    {% else %}
+	    {{item.user.usersettings.preferred_username}} removed vendor {{ item.contact.vendor_name }}{% endif %}
+	    {% elif item.action == 3 %}
+	    {% if item.user.usersettings.preferred_username %} {{ item.user.usersettings.preferred_username }} {% else %} {{ item.action.user.vinceprofile.preferred_username }}{% endif %} {{ item.text }}
+	    {% if show_contact and item.contact.vendor_name %}
+	    for <b>{{ item.contact.vendor_name }}</b>
+	    {% endif %}
+	    
+	    {% elif item.action == 4 %}
+	    {% if item.user.usersettings.preferred_username %} {{ item.user.usersettings.preferred_username }} {% else %} {{ item.action.user.vinceprofile.preferred_username }}{% endif %} {{ item.text }}
+	    {% if show_contact and item.contact.vendor_name %}
+	    for <b>{{ item.contact.vendor_name }}</b>
+	    {% endif %}
+
+	    {% elif item.action == 5 %}
+	    {% if item.user.usersettings.preferred_username %} {{ item.user.usersettings.preferred_username }} {% else %} {{ item.action.user.vinceprofile.preferred_username }}{% endif %} {{ item.text }}
+	    {% if show_contact and item.contact.vendor_name %}
+	    for <b>{{ item.contact.vendor_name }}</b>
+	    {% endif %}
+
+	    {% elif item.action == 6 %}
+	    {% if item.user.usersettings.preferred_username %} {{ item.user.usersettings.preferred_username }} {% else %} {{ item.action.user.vinceprofile.preferred_username }}{% endif %} {{ item.text }}
+	    for <b>{{ item.contact.vendor_name }}</b>
+	    {% else %}
+	    {% if item.field == "NEW" %}
+	    {{item.action.user.vinceprofile.preferred_username }} {{ item.field }} {{ item.model }} {{ item.new_value }}
+	    
+	    {% elif item.field == "REMOVED" %}
+	    {{item.action.user.vinceprofile.preferred_username }} {{ item.field }} {{ item.model }} {{ item.old_value }}
+
+	    {% else %}
+	    {{item.action.user.vinceprofile.preferred_username }} modified {{ item.model }}:<b>{{ item.field }}</b>
+	    {% if item.old_value and item.new_value %}
+	    from <span class="removedata">{{ item.old_value }} </span> to 
+            <span class="adddata">{{ item.new_value }}</span>
+	    {% elif item.old_value %}
+	    <span class="removedata">{{ item.old_value }} </span>
+	    {% elif item.new_value %}
+	    <span class="adddata">{{ item.new_value }}</span>
+	    {% endif %}
+	    {% endif %}
+	    {% endif %}
+	    </p>
+	    <p class="article-row-content-detail"></p>
+	    <time class="article-row-content-time"><i class="far fa-clock"></i>
+	      {{ item.action_ts|date:"Y-m-d" }}({{ item.action_ts|timesince }} ago)</time>
+	  </div>
+	  
+	</article>
+
+	{% empty %}
+	<p> No recent activity </p>
+	{% endfor %}
+      </div>
+    </div>
+  </div>
+</div>
diff --git a/vince/templates/vince/initcontactverify.html b/vince/templates/vince/initcontactverify.html
index e5ddba6..5148e9e 100644
--- a/vince/templates/vince/initcontactverify.html
+++ b/vince/templates/vince/initcontactverify.html
@@ -19,7 +19,7 @@ <h2>Initialize Contact Verification</h2>
     </div>
   </div>
 </div>
-
+{{ emails|json_script:"emails" }}
 {% if ca %}
 <div class="row">
   <div class="large-12 columns">
@@ -70,13 +70,25 @@ <h2>Initialize Contact Verification</h2>
       </div>
       {% endif %}
       {% for field in form %}
+
+      {% if field.name == "email" %}
+      <label for='id_{{ field.name }}'>{% trans field.label %}{% if field.field.required %} <span class='required'>*</span>{% endif %} </label>
+      <div class="taggle input custom" id="email_tags"></div>
+        {% if field.errors %}<dd class='error'>{{ field.errors }}</dd>{% endif %}
+
+      {% else %}
+      
+
       <div class="form-group">
         <label for='id_{{ field.name }}'>{% trans field.label %}{% if field.field.required %} <span class='required'>*</span>{% endif %} {% if field.name == "email_body" %}<a href="#refresh" title="Customize email with above information" id="customize"><i class="fas fa-sync-alt"></i></a>{% endif %}</label>
         {% if field.help_text %}<small class='form-text text-muted'>{% trans field.help_text %}</small>{% endif %}
+
         {{ field }}
         {% if field.errors %}<dd class='error'>{{ field.errors }}</dd>{% endif %}
-	
+
       </div>
+      	{% endif %}
+
       {% endfor %}
 
       <div class="row submitrow">
diff --git a/vince/templates/vince/newcontact.html b/vince/templates/vince/newcontact.html
index a28607b..9f402b2 100644
--- a/vince/templates/vince/newcontact.html
+++ b/vince/templates/vince/newcontact.html
@@ -1,413 +1,71 @@
-{% extends VINCETRACK_BASE_TEMPLATE %}
+{% extends "vince/modal.html" %}
+{% load i18n widget_tweaks %}
 {% load staticfiles %}
-{% block js %}
-{{ block.super }}
-<script type="text/javascript" src="{% static 'vince/js/jquery.formset.js' %}"></script>
-<script type="text/javascript" src="{% static 'vince/js/edit_contact.js' %}"></script>
-{% endblock %}
 {% block content %}
-{% load widget_tweaks %}
-<!-- You can now combine a row and column if you just need a 12 column row -->
-<div class="app-top-panel">
-  <div class="row">
-    <div class="large-8 columns">
-      <h2>New Contact</h2>
-    </div>
-    <div class="large-4 columns text-right"></div>
-  </div>
-</div>
-
-{% if error %}
-<div class="row">
-  <div class="large-12 columns">
-    <div class="callout alert" role="alert">
-      <strong>ERROR:</strong> {{ error }} <a href="{% url 'vince:contact' oldid %}">{{ old_vendor }}</a>
-    </div>
-  </div>
-</div>
-{% endif %}
-{% if email_error %}
-<div class="row">
-  <div class="large-12 columns">
-    <div class="callout alert" role="alert">
-      <strong>ERROR:</strong> Check required email fields.
-    </div>
-  </div>
-</div>
-{% endif %}
-<div class="row">
-  <div class="large-12 columns">
-    {% for field in form %}
-    {% if field.errors %}
-    <div class="callout alert" role="alert">
-      <p>Please fix the following error:</p>
-      {{ field.label }} {{ field.errors }}
-    </div>
-    {% endif %}
-    {% endfor %}
-  </div>
-</div>
-<form name="cmgr" enctype="multipart/form-data" method="POST" action="{% url 'vince:newcontact' %}" id="cmgrform">
-  {% csrf_token %}
-<div class="row">
-  <div class="large-12 medium-12 columns">
-    <div id="contactinfo">
-      <ul class="accordion" data-accordion data-multi-expand="true" id="contact-tabs">
-	<li class="accordion-item is-active" data-accordion-item>
-	  <a href="#" class="accordion-title">General Info</a>
-	  <div class="accordion-content" data-tab-content>
-	    <div class="row">
-		<div class="form-group"
->                  <div class="large-1 medium-1 columns">
-                    {{ form.active.label_tag }}
-                  </div>
-                  <div class="large-1 medium-1 columns">
-                    {% render_field form.active class="form-control" %}
-                  </div>
-                  <div class="large-1 medium-1 columns">
-		    <label for="vendor_type">Type:</label>
-		  </div>
-                  <div class="large-3 medium-3 columns">
-                    {% render_field form.vendor_type class="form-control" %}
-                  </div>
-                  <div class="large-6 medium-6 columns"></div>
-		</div>
-	      </div>
-	      <div class="row">
-		<div class="form-group">
-                  <div class="large-6 medium-6 columns">
-		    {% if form.vendor_name.errors %}<dd class='error'>{{ form.vendor_name.errors }}</dd>{% endif %}
-		    <div class="required"><label for="id_vendor_name">Name:</label></div>
-		    {% render_field form.vendor_name class="form-control" %}
-                  </div>
-		</div>
-	      </div>
-	      <div class="row" id="lotus">
-		<div class="large-6 medium-6 columns">
-                  <div class="required"><label for="lotus_id">VEND#:
-		      <a href="{% url 'vince:generate' %}" id="generateVendor" title="Generate a new vendor ID"><i class="fas fa-cog"></i></a>
-		  </label></div>
-		  {% render_field form.lotus_id|add_class:"form-control"|append_attr:"readonly:readonly" %}
-		</div>
-		<div class="large-6 medium-6 columns"></div>
-	      </div>
-	      <div class="row">
-                <div class="form-group">
-                  <div class="large-6 medium-6 columns">
-		    {% if form.srmail_peer.errors %}<dd class='error'>{{ form.srmail_peer.errors }}</dd>{% endif %}
-		    <div class="required"><label for="id_srmail_peer">SRMail Peer Name:</label></div>
-                    {% render_field form.srmail_peer class="form-control" %}
-                  </div>
-		  <div class="large-6 medium-6 columns"></div>
-                </div>
-	      </div>
-	      <div class="row">
-		<div class="form-group">
-		  <div class="large-6 medium-6 columns">
-		    <label for="id_srmail_salutation">SRMail Salutation:</label>
-		    {% render_field form.srmail_salutation class="form-control" %}
-                  </div>
-		  <div class="large-6 medium-6 columns"></div>
-                </div>
-              </div>
-	      <div class="row">
-		<div class="form-group">
-		  <div class="large-4 medium-4 columns">
-                    <label for="id_location">Location:</label>
-                    {% render_field form.location class="form-control" %}
-                  </div>
-                  <div class="large-4 medium-4 columns">
-		    <label for="id_countrycode">Country:</label>
-		    {% render_field form.countrycode class="form-control" %}
-		  <!--flag js adds extra div -->
-		  <div class="large-3 medium-3 columns"></div>
-		  </div>
-              </div>
-	      <div class="row">
-		<div class="form-group">
-                  <div class="large-12 medium-12 columns">
-		    <label for="id_comment">Comment:</label>
-		    {% render_field form.comment class="form-control" %}
-                  </div>
-	 	</div>
-	      </div>
+<div class="fullmodal">
+  <form name="cmgr" enctype="multipart/form-data" method="POST" action="{% url 'vince:newcontact' %}" id="cmgrform">
+    {% csrf_token %}
+    <div class="modal-content">
+      <div class="modal-header">
+        <h5 class="modal-title">Create new VINCE contact</h5>
+      </div>
+      <div class="modal-body">
+	<div class="callout alert hidden" id="error">
+	  
+	</div>
+        <div class="callout warning">
+          <p>Add the basic contact information.  You will be able to add emails and other contact information once the contact is created.</p>
+	</div>
+	<div class="row">
+	  <div class="form-group">
+            <div class="large-12 medium-12 columns">
+	      <div class="required"><label for="vendor_type">Type:</label></div>
+	      {% render_field form.vtype class="form-control" %}
 	    </div>
-	</li>
-	<li class="accordion-item is-active" data-accordion-item>
-          <a href="#" class="accordion-title">Emails</a>
-          <div class="accordion-content" data-tab-content>
-	    {{ email_formset.management_form }}
-	    <div class="hidden" id="email_formset_prefix" value="{{ email_formset.prefix }}"></div>
-	    <table class="unstriped" style="border:none; margin:-10px">
-	      {% for subform in email_formset %}
-	      <tr class="email-formset">
-		<td><label for="email_status">Active:</label>
-		  {% render_field subform.status class="form-control"%}
-		</td>
-		<td><div class="required"><label for="id_email">Email:</label></div>
-		  {% render_field subform.email class="form-control" %}
-		</td>
-		<td><label for="email_type">Type:</label>
-		  {% render_field subform.email_type class="form-control" %}
-		</td>
-		<td><div class="required"><label for="name">Name:</label></div>
-		  {% render_field subform.name class="form-control" %} </td>
-		<td><label for="email_function">Function:</label>
-		  {% render_field subform.email_function class="form-control"%}</td>
-		<td><label for="email_list">List:</label>
-		  {% render_field subform.email_list class="form-control"%}</td>
-		</td>
-		<td></td>
-	      </tr>
-	      {% endfor %}
-	    </table>
 	  </div>
-	</li>
-        <li class="accordion-item is-active" data-accordion-item>
-          <a href="#" class="accordion-title">Crypto</a>
-	  <div class="accordion-content" data-tab-content>
-	    <div id="crypto">
-	      <div class="gentable">
-		{{ pgp_formset.management_form }}
-		<div class="hidden" id="pgp_formset_prefix" value="{{ pgp_formset.prefix }}"></div>
-		{% for subform in pgp_formset %}
-		<div class="pgp-formset">
-		  <div class="row">
-		    <div class="large-11 columns">
-		      <div class="row">
-			<div class="large-4 medium-4 columns">
-			  <div class="form-group">
-			    <label for="pgp_key_id">PGP Key ID:</label>
-			    {% render_field subform.pgp_key_id class="form-control" %}
-			  </div>
-			</div>
-			<div class="large-4 medium-4 columns">
-			  <div class="form-group">
-			    <label for="pgp_protocol">PGP Protocol:</label>
-			    {% render_field subform.pgp_protocol class="form-control"%}
-			  </div>
-			</div>
-			<div class="large-1 medium-1 columns">
-			  <div class="form-group">
-			    {{ subform.revoked.label_tag }}
-			  </div>
-			</div>
-			<div class="large-3 medium-3 columns">
-			  <div class="form-group">
-			    {% render_field subform.revoked class="form-control"%}
-			  </div>
-			</div>
-		      </div>
-		      <div class="row">
-			<div class="large-4 medium-4 columns">
-			  <div class="form-group">
-			    <label for="startdate">Start Date (YYYYMMDD):</label>
-			    {% render_field subform.startdate class="form-control"%}
-			  </div>
-			</div>
-			<div class="large-4 medium-4 columns">
-			  <div class="form-group">
-			    <label for="enddate">End Date (YYYYMMDD):</label>
-			    {% render_field subform.enddate class="form-control"%}
-			  </div>
-			</div>
-			<div class="large-4 medium-4 columns">
-			</div>
-		      </div>
-		      <div class="row">
-                        <div class="large-12 columns">
-                          <div class="form-group">
-                            <label for="pgp_email">Email for PGP Key:</label>
-                            {% render_field subform.pgp_email class="form-control" %}
-                          </div>
-                        </div>
-                      </div>
-		      <div class="row">
-                        <div class="large-12 columns">
-			  <div class="form-group">
-                            <label for="pgp_key_data">PGP Key:</label>
-                            {% render_field subform.pgp_key_data class="form-control" %}
-			  </div>
-                        </div>
-                      </div>
-		      <div class="row">
-                        <div class="large-12 columns">
-			  <div class="form-group">
-                            <label for="pgp_fingerprint">Comment:</label>
-                            {% render_field subform.pgp_fingerprint class="form-control" %}
-			  </div>
-                        </div>
-                      </div>
-		      <hr/>
-		    </div>
-		  </div>
-		</div>
-		{% endfor %}
-	      </div>
-	    </div>
+	</div>
+	<div class="row">
+	  <div class="form-group">
+	    <div class="large-12 medium-12 columns">
+	      {% if form.vendor_name.errors %}<dd class='error'>{{ form.vendor_name.errors }}</dd>{% endif %}
+	      <div class="required"><label for="id_vendor_name">Name:</label></div>
+	      {% render_field form.vendor_name class="form-control" %}
+            </div>
 	  </div>
-	</li>
-        <li class="accordion-item" data-accordion-item>
-          <a href="#" class="accordion-title">Postal</a>
-	  <div class="accordion-content" data-tab-content>
-	    <div id="postal">
-	      <div class="gentable">
-		{{ postal_formset.management_form }}
-		<div class="hidden" id="postal_formset_prefix" value="{{ postal_formset.prefix }}"></div>
-		{% for subform in postal_formset %}
-		<div class="postal-formset">
-		  <div class="row">
-		    <div class="large-11 columns">
-		      <div class="row">
-			<div class="large-6 columns">
-			  <div class="form-group">
-			    <div class="required">
-			      <label for="country">Country:</label>
-			    </div>
-			    {% render_field subform.country class="form-control" %}
-			  </div>
-			</div>
-			<div class="large-6 columns">
-			</div>
-		      </div>
-		      <div class="row">
-			<div class="large-2 medium-2 columns">
-			  <div class="form-group">
-			    <label for="address_type">Type:</label>
-			    {% render_field subform.address_type class="form-control" %}
-			  </div>
-			</div>
-			<div class="large-4 medium-4 columns">
-			  <div class="form-group">
-			    <div class="required">
-			      {{ subform.street.label_tag }}
-			    </div>
-			    {% render_field subform.street class="form-control" %}
-			  </div>
-			</div>
-			<div class="large-4 medium-4 columns">
-			  <div class="form-group">
-			    {{ subform.street2.label_tag }}
-			    {% render_field subform.street2 class="form-control" %}
-			  </div>
-			</div>
-			<div class="large-2 medium-2 columns">
-			</div>
-		      </div>
-		      <div class="row">
-			<div class="large-4 medium-4 columns">
-			  <div class="form-group">
-			    <div class="required">
-			      {{ subform.city.label_tag }}
-			    </div>
-			    {% render_field subform.city class="form-control" %}
-			  </div>
-			</div>
-			<div class="large-2 medium-2 columns">
-			  <div class="form-group">
-			    <div class="required">
-			      {{ subform.state.label_tag }}
-			    </div>
-			    {% render_field subform.state class="form-control" %}
-			  </div>
-			</div>
-			<div class="large-4 medium-4 columns">
-			  <div class="form-group">
-			    <div class="required">
-			      {{ subform.zip_code.label_tag }}
-			    </div>
-			    {% render_field subform.zip_code class="form-control" %}
-			  </div>
-			</div>
-			<div class="large-2 medium-2 columns">
-			</div>
-		      </div>
-		      <div class="row">
-			<div class="large-8 medium-8 columns">
-			  <div class="form-group">
-			    {{ subform.comment.label_tag }}
-			    {% render_field subform.comment class="form-control" placeholder="Optional Comment"%}
-			  </div>
-			</div>
-			<div class="large-4 medium-4 columns"></div>
-		      </div>
-		    </div>
-		  </div>
-		</div>
-		{% endfor %}
-	      </div>
+	</div>
+	<div class="row">
+	  <div class="form-group">
+	    <div class="large-6 medium-6 columns">
+              <label for="id_location">Location:</label>
+              {% render_field form.location class="form-control" %}
+            </div>
+            <div class="large-5 medium-5 columns">
+	      <label for="id_countrycode">Country:</label>
+	      {% render_field form.countrycode class="form-control" %}
+	      <!--flag js adds extra div -->
 	    </div>
 	  </div>
-	</li>
-	<li class="accordion-item" data-accordion-item>
-	  <a href="#" class="accordion-title">Phone</a>
-	  <div class="accordion-content" data-tab-content>
-	    <div id="phone">
-              <div class="gentable">
-		{{ phone_formset.management_form }}
-		<div class="hidden" id="phone_formset_prefix" value="{{ phone_formset.prefix }}"></div>
-
-		<table class="unstriped" style="margin:-10px;">
-		  {% for subform in phone_formset %}
-		  <tr class="phone-formset">
-		    <td>
-                      <label for="phone_type">Type:</label>
-                      {% render_field subform.phone_type class="form-control" %}
-		    </td>
-		    <td><label for="country_code">Country Code:</label>
-                      {% render_field subform.country_code class="form-control" %}
-		    </td>
-		    <td><div class="required">
-			{{ subform.phone.label_tag }}</div>
-                      {% render_field subform.phone class="form-control" %}
-		    </td>
-		    <td>
-                      {{ subform.comment.label_tag }}
-                      {% render_field subform.comment class="form-control" placeholder="Optional Comment"%}
-		    </td>
-		    <td></td>
-		  </tr>
-		  {% endfor %}
-		</table>
+	  <div class="row">
+	    <div class="form-group">
+              <div class="large-12 medium-12 columns">
+		<label for="id_comment">Comment:</label>
+		{% render_field form.comment class="form-control" %}
               </div>
 	    </div>
 	  </div>
-	</li>
-	<li class="accordion-item" data-accordion-item>
-	  <a href="#" class="accordion-title">Websites</a>
-	  <div class="accordion-content" data-tab-content>
-            <div id="websites">
-              <div class="gentable">
-		<table class="unstriped" style="margin:-10px">
-		  {{ web_formset.management_form }}
-		   <div class="hidden" id="web_formset_prefix" value="{{ web_formset.prefix }}"></div>
-		  {% for subform in web_formset %}
-		  <tr class="web-formset">
-		    <td><div class="required">{{ subform.url.label_tag }}</div>
-                      {% render_field subform.url class="form-control" placeholder="URL starting with http://"%}
-                    </td>
-		    <td>
-                      {{ subform.description.label_tag }}
-                      {% render_field subform.description class="form-control" placeholder="Optional description"%}
-		    </td>
-		    <td></td>
-		  </tr>
-		  {% endfor %}
-		</table>
-		<br/>
-              </div>
-            </div>
-	  </div>
-	</li>
-      </ul>
+	</div>
+	<div class="modal-footer">
+          <div class="row column text-right">
+	    <a href="#" class="hollow button" data-close type="cancel">Cancel</a>
+            <button type="submit" name="vrfSubmit" class="button primary"><i class="fas fa-plus"></i> Add Contact </button>
+          </div>
+	</div>
+      </div>
+      <button class="close-button" data-close aria-label="Close modal" type="button">
+	<span aria-hidden="true">&times;</span>
+      </button>
     </div>
-  </div>
-</div>
-<div class="row">
-  <div class="large-12 columns">
-    <input type="submit" id="submitbutton" value="Create Contact" class="primary button">
-    <a href="{% url 'vince:searchcontacts' %}" class="button secondary">Cancel</a>
-  </div>
+  </form>
 </div>
-</form>
+  
 {% endblock %}
diff --git a/vince/templates/vince/searchcontacts.html b/vince/templates/vince/searchcontacts.html
index ee9ee9b..1b6c4a2 100644
--- a/vince/templates/vince/searchcontacts.html
+++ b/vince/templates/vince/searchcontacts.html
@@ -13,8 +13,7 @@
       <h2>Contacts</h2>
     </div>
     <div class="large-6 columns text-right">
-      <a href="{% url 'vince:newcontact' %}"><button class="button small primary"><i class="fas fa-plus"></i> Create Contact</button></a>&nbsp;&nbsp;
-      <a href="{% url 'vince:newgroup' %}"><button class="button small default"><i class="fas fa-user"></i> Create Group</button></a>&nbsp;&nbsp;
+      <a href="{% url 'vince:newcontact' %}" id="createcontact"><button class="button small primary"><i class="fas fa-plus"></i> Create Contact</button></a>&nbsp;&nbsp;
     </div>
   </div>
 </div>
@@ -26,7 +25,7 @@ <h2>Contacts</h2>
     {% endfor %}
   </div>
 </div>
-
+<div id="modal" class="reveal" data-close-on-click="false" data-reveal></div>
 <div class="row">
   <div class="large-8 columns">
 
diff --git a/vince/templates/vince/share_vulnote.html b/vince/templates/vince/share_vulnote.html
index 012e193..cad5a63 100644
--- a/vince/templates/vince/share_vulnote.html
+++ b/vince/templates/vince/share_vulnote.html
@@ -1,13 +1,4 @@
-{% extends "vince/modal.html" %}{% load i18n %}
-
-{% load staticfiles %}
-{% block js %}
-{{ block.super }}
-<link rel="stylesheet" href="{% static 'vince/css/easymde.min.css' %}">
-<script src="{% static 'vince/js/easymde.min.js' %}"></script>
-<script type="text/javascript" src="{% static 'vince/js/vulnote.js' %}"></script>
-{% endblock %}
-{% block content %}
+{% load i18n %}
 <div class="fullmodal">
   <form method="POST" action="{% url 'vince:sharevulnote' vulnote.id %}">
   <div class="modal-content">
@@ -30,6 +21,5 @@ <h3 class="modal-title">Share Vulnerability Note</h3>
   </form>
 </div>
 
-{% endblock %}
 
     
diff --git a/vince/templates/vince/vincecomm_user.html b/vince/templates/vince/vincecomm_user.html
index 9dbe0b5..f16761d 100644
--- a/vince/templates/vince/vincecomm_user.html
+++ b/vince/templates/vince/vincecomm_user.html
@@ -58,7 +58,13 @@ <h3>{{ vc_user.vinceprofile.preferred_username }}</h3>
       <a id="resetusermfa" href="{% url 'vince:resetusermfa' vc_user.id %}"><button class="tiny button alert">Reset MFA</button></a>
       {% endif %}
       {% endif %}
-      <a href="{% url 'vince:newemailuser' 'user' vc_user.id %}"><button class="tiny button primary">Email User</button></a></p>
+      <a href="{% url 'vince:newemailuser' 'user' vc_user.id %}"><button class="tiny button primary">Email User</button></a>
+      {% if contact_record %}
+      <a href="{% url 'vince:contact' contact_record.contact.id %}"><button class="tiny button default">View Contact Information</button></a>
+      {% endif %}
+
+    </p>
+    
 
     {% if vc_user.is_active %}{% else %}
     <div class="callout alert">This user is inactive</div>
diff --git a/vince/templatetags/contact_tags.py b/vince/templatetags/contact_tags.py
index 2009d19..7c6193c 100644
--- a/vince/templatetags/contact_tags.py
+++ b/vince/templatetags/contact_tags.py
@@ -177,3 +177,32 @@ def vince_user_link(email):
 
     return User.objects.using('vincecomm').filter(username=email).first()
 
+@register.filter
+def inviteduser(contact, email):
+    try:
+        from vinny.models import VinceCommEmail
+    except ImportError:
+        if settings.DEBUG:
+            raise template.TemplateSyntaxError("Error in contact template tags. Can't load VinceCommInvitedUsers model")
+    return VinceCommEmail.objects.filter(contact__vendor_id=contact, email=email, invited=True).exists()
+
+@register.filter
+def contactactionlogo(action, field):
+    if action in [1, 4]:
+        return f"<div class=\"profile-pic text-center\" style=\"background-color:#b00;\"><span class=\"logo-initial\"><i class=\"fas fa-plus-square\"></i></span></div>"
+    elif action in [2, 5]:
+        return f"<div class=\"profile-pic text-center\" style=\"background-color:#b00;\"><span class=\"logo-initial\"><i class=\"far fa-trash-alt\"></i></span></div>"
+    elif action == 3:
+        return f"<div class=\"profile-pic text-center\" style=\"background-color:#b00;\"><span class=\"logo-initial\"><i class=\"fas fa-edit\"></i></span></div>"
+    elif action == 6:
+        
+        return f"<div class=\"profile-pic text-center\" style=\"background-color:#b00;\"><span class=\"logo-initial\"><i class=\"fas fa-tag\"></i></span></div>"
+    else:
+        if field == "NEW":
+            return f"<div class=\"profile-pic text-center\" style=\"background-color:#b00;\"><span class=\"logo-initial\"><i class=\"fas fa-plus\"></i></span></div>"
+        elif field == "REMOVED":
+            return f"<div class=\"profile-pic text-center\" style=\"background-color:#b00;\"><span class=\"logo-initial\"><i class=\"fas fa-minus\"></i></span></div>"
+        else:
+            return f"<div class=\"profile-pic text-center\" style=\"background-color:#b00;\"><span class=\"logo-initial\"><i class=\"fas fa-cogs\"></i></span></div>"
+        
+        
diff --git a/vince/urls.py b/vince/urls.py
index 80ba022..1b4a8f6 100644
--- a/vince/urls.py
+++ b/vince/urls.py
@@ -58,7 +58,7 @@
     re_path(r'^teams/settings/(?P<pk>[0-9]+)/$', views.VinceTeamSettingsView.as_view(), name='teamsettings'),
     path('user/admin/', views.VinceUserAdminView.as_view(), name='useradmin'),
     path('user/admin/contacts/reports/', views.VinceContactReportsView.as_view(), name='contactreports'),
-    re_path(r'^user/admin/contacts/reports/(?P<type>[1-4])/$', views.VinceContactReportsView.as_view(), name='contactreports'),
+    re_path(r'^user/admin/contacts/reports/(?P<type>[1-5])/$', views.VinceContactReportsView.as_view(), name='contactreports'),
     path('roles/', views.TriageRoleView.as_view(), name='roles'),
     path('tags/', views.VinceTagManagerView.as_view(), name='tags'),
     re_path(r'^tags/team/(?P<pk>[0-9]+)/$', views.VinceTagManagerView.as_view(), name='tags'),
@@ -91,6 +91,7 @@
     path('ajax_calls/search/', views.autocomplete_vendor),
     path('ajax_calls/calendar/events/', views.calendar_events),
     path('ajax_calls/cwe/', views.autocomplete_cwe),
+    path('ajax_calls/user/lookup/', views.vince_user_lookup, name='userlookup'),
     re_path(r'^ajax_calls/references/case/(?P<pk>[0-9]+)/$', views.autocomplete_case_references, name='syncrefs'),
     re_path(r'^ajax_calls/search/(?P<groups>nogroup)/', views.autocomplete_vendor),
     re_path(r'^ajax_calls/contact/(?P<name>.*)/$', views.autocomplete_contact),
@@ -108,6 +109,7 @@
     path('cases/approval/', views.VendorStatusListView.as_view(), name='reqapproval'),
     path('results/', views.AllResults.as_view(), name='results'),
     path('create/contact/', views.CreateContactView.as_view(), name='newcontact'),
+    re_path(r'^contact/add/email/(?P<pk>[0-9]+)/$', views.AddEmailToContact.as_view(), name='addemail'),
     path('contact/verify/init/', views.ContactVerifyInit.as_view(), name='initcontactverify'),
     re_path(r'^contact/verify/init/(?P<pk>[0-9]+)/$', views.ContactVerifyInit.as_view(), name='initcontactverify'),
     re_path(r'^contact/admin/lookup/(?P<pk>[0-9]+)/$', views.ContactAdminLookup.as_view(), name='msgadmin'),
@@ -119,6 +121,7 @@
     re_path(r'^contact/verify/request/restart/(?P<pk>[0-9]+)/$', views.RestartContactAssociation.as_view(), name='restart_contact'),
     path('generate/', views.generate_vend_id, name="generate"),
     path('create/group/', views.CreateGroupView.as_view(), name='newgroup'),
+    re_path(r'^contact/add/group/(?P<pk>[0-9]+)/$', views.AddContactToGroupView.as_view(), name='addtogroup'),
     path('pending/users/', views.ApproveUserView.as_view(), name='pendingusers'),
     path('pending/users/ignored/', views.IgnoredUserView.as_view(), name='ignoredusers'),
     re_path(r'^pending/user/(?P<pk>[0-9]+)/addcontact/$', views.AddUserToContactView.as_view(), name='addusercontact'),
@@ -178,6 +181,8 @@
     re_path('contact/vcuser/(?P<pk>[0-9]+)/initiatereset/$', views.InitiateMFAReset.as_view(), name='initiate_reset'),
     re_path('contact/vcuser/(?P<pk>[0-9]+)/rm/$', views.VinceCommRemoveUserView.as_view(), name='vcuser_rm'),
     re_path('contact/edit/(?P<pk>[0-9]+)/$', views.EditContact.as_view(), name='editcontact'),
+    re_path('contact/edit/email/modify/(?P<pk>[0-9]+)/$', views.ChangeEmailNotifications.as_view(), name='changeemail'),
+    re_path('contact/remove/email/(?P<pk>[0-9]+)/(?P<email>[0-9]+)/$', views.RemoveEmailFromContact.as_view(), name='rmemail'),
     re_path('contact/cases/(?P<pk>[0-9]+)/$', views.ContactCasesView.as_view(), name='contact_cases'),
     re_path('contact/activity/(?P<pk>[0-9]+)/$', views.ContactActivity.as_view(), name='contact_activity'),
     re_path('^search/$', views.SearchAll.as_view(), name='search'),
@@ -256,6 +261,7 @@
     re_path('^tickets/(?P<ticket_id>[0-9]+)/attachment_delete/(?P<attachment_id>[0-9]+)/$', views.DeleteAttachment.as_view(), name='attachment_del'),
     re_path('^create/(?P<case_id>[0-9]+)/$', views.CreateVulNote.as_view(), name='create'),
     re_path('^vulnote/(?P<pk>[0-9]+)/$', views.EditVulNote.as_view(), name='edit_vulnote'),
+    re_path('^vulnote/download/(?P<pk>[0-9]+)/$', views.DownloadVulNote.as_view(), name='download_vulnote'),
     re_path('^artifact/detail/(?P<pk>[0-9]+)/$', views.ArtifactDetailView.as_view(), name='artifact_detail'),
     re_path('^artifact/share/(?P<pk>[0-9]+)/$', views.ShareArtifactView.as_view(), name='artifact_share'),
     re_path('^artifact/(?P<post>post)/share/(?P<pk>[0-9]+)/$', views.ShareArtifactView.as_view(), name='post_artifact_share'),
diff --git a/vince/views.py b/vince/views.py
index 815ef36..a0e8f5d 100755
--- a/vince/views.py
+++ b/vince/views.py
@@ -93,6 +93,7 @@
 from bigvince.storage_backends import PrivateMediaStorage
 from vince.settings import VULNOTE_TEMPLATE
 from collections import OrderedDict
+from django.utils.http import is_safe_url
 
 logger = logging.getLogger(__name__)
 logger.setLevel(logging.DEBUG)
@@ -563,6 +564,18 @@ def autocomplete_tags(request):
     mimetype='application/json'
     return HttpResponse(data, mimetype)
 
+@login_required(login_url="vince:login")
+@user_passes_test(is_in_group_vincetrack, login_url="vince:login")
+def vince_user_lookup(request):
+    if request.POST.get('email'):
+        user = User.objects.using('vincecomm').filter(email__iexact=request.POST.get('email')).first()
+        if user:
+            data = json.dumps({'user': user.email, 'first': user.first_name, 'last': user.last_name})
+        else:
+            data = json.dumps({'message':'no user'})
+        mimetype = 'application/json'
+        return HttpResponse(data, mimetype)
+
 def group_name_exists(name):
     groups = ContactGroup.objects.filter(name=name).first()
     if groups:
@@ -616,20 +629,15 @@ def _add_groupadmin(emailcontact, contact):
     vinny_contact = VinceCommContact.objects.filter(vendor_id=contact.id).first()
     vinny_email_contact = VinceCommEmail.objects.filter(email = emailcontact.email, contact=vinny_contact).first()
     # check for other groupadmins:
-    current = VinceCommGroupAdmin.objects.filter(contact=vinny_contact, email=vinny_email_contact).first()
-    if current:
-        return
-    vcga = VinceCommGroupAdmin(contact= vinny_contact,
-                               email = vinny_email_contact)
-    vcga.save()
+    current = VinceCommGroupAdmin.objects.update_or_create(contact=vinny_contact, email=vinny_email_contact)
 
 def _remove_groupadmin(emailcontact, contact):
     vinny_contact = VinceCommContact.objects.filter(vendor_id=contact.id).first()
     vinny_email_contact = VinceCommEmail.objects.filter(email = emailcontact.email, contact=vinny_contact).first()
     # check for other groupadmins:
-    current = VinceCommGroupAdmin.objects.filter(contact=vinny_contact, email=vinny_email_contact).first()
-    if current:
-        current.delete()
+    current = VinceCommGroupAdmin.objects.filter(contact=vinny_contact, email=vinny_email_contact)
+    for x in current:
+        x.delete()
 
 def _remove_groupadmin_vc(email, contact):
     vtcontact = Contact.objects.filter(id=contact.vendor_id).first()
@@ -1460,9 +1468,13 @@ def get(self, request, *args, **kwargs):
                 case_results = VulnerabilityCase.objects.filter(id__in=casetags)
             casetitlesearch = VulnerabilityCase.objects.filter(title__icontains=search_nolive_query)
             case_results = case_results | casetitlesearch
-            email_results = EmailContact.objects.filter(Q(email__icontains=search_term) | Q(name__icontains=search_term)).values_list('contact', flat=True)
+
+            vince_user_results = VinceProfile.objects.using('vincecomm').filter(Q(user__first_name__icontains=search_term) | Q(user__last_name__icontains=search_term) | Q(preferred_username__icontains=search_term) | Q(user__email__icontains=search_term))
+            user_contacts = list(vince_user_results.values_list('user__email', flat=True))
+            email_contacts = EmailContact.objects.filter(contact__vendor_type="Contact", email__in=user_contacts).values_list('contact__id', flat=True)
+            email_results = EmailContact.objects.filter(Q(email__icontains=search_term) | Q(name__icontains=search_term)).exclude(contact__id__in=email_contacts).values_list('contact', flat=True)
             emails = Contact.objects.filter(id__in=email_results)
-            contact_results = Contact.objects.search(search_nolive_query)
+            contact_results = Contact.objects.search(search_nolive_query).exclude(id__in=email_contacts)
             group_results = ContactGroup.objects.filter(Q(name__icontains=search_term) | Q(srmail_peer_name__icontains=search_term))
             ctags = ContactTag.objects.filter(tag__in=search_tags).values_list('contact__id', flat=True)
             if ctags:
@@ -1477,7 +1489,7 @@ def get(self, request, *args, **kwargs):
                 vul_results = vul_results | vultags
             cve_results = CVEAllocation.objects.extra(where=["search_vector @@ (to_tsquery('english', %s))=true"],
                                                       params=[search_query])
-            vince_user_results = VinceProfile.objects.using('vincecomm').filter(Q(user__first_name__icontains=search_term) | Q(user__last_name__icontains=search_term) | Q(preferred_username__icontains=search_term) | Q(user__email__icontains=search_term))
+
             vulnote_results = VulNoteRevision.objects.extra(where=["search_vector @@ (to_tsquery('english', %s))=true"], params=[search_query]).values_list('vulnote__case__id', flat=True)
             if vulnote_results:
                 vnote_cases = VulnerabilityCase.objects.filter(id__in=vulnote_results)
@@ -1496,16 +1508,19 @@ def get(self, request, *args, **kwargs):
             activities = Ticket.objects.filter(id__in=activity_results)
             ticket_results = ticket_results | tkt_title | activities
         elif facet == "Contacts":
-            email_results = EmailContact.objects.filter(Q(email__icontains=search_term) | Q(name__icontains=search_term)).values_list('contact', flat=True)
+            vince_user_results = VinceProfile.objects.using('vincecomm').filter(Q(user__first_name__icontains=search_term) | Q(user__last_name__icontains=search_term) | Q(preferred_username__icontains=search_term) | Q(user__email__icontains=search_term))
+            user_contacts = list(vince_user_results.values_list('user__email', flat=True))
+            email_contacts = EmailContact.objects.filter(contact__vendor_type="Contact", email__in=user_contacts).values_list('contact__id', flat=True)
+            email_results = EmailContact.objects.filter(Q(email__icontains=search_term) | Q(name__icontains=search_term)).exclude(contact__id__in=email_contacts).values_list('contact', flat=True)
             emails = Contact.objects.filter(id__in=email_results)
             ctags = ContactTag.objects.filter(tag__in=search_tags).values_list('contact__id', flat=True)
-            contact_results = Contact.objects.search(search_nolive_query)
+            contact_results = Contact.objects.search(search_nolive_query).exclude(id__in=email_contacts)
             if ctags:
                 ctags = Contact.objects.filter(id__in=ctags)
                 contact_results = contact_results | emails | ctags
             else:
                 contact_results = contact_results | emails
-            vince_user_results = VinceProfile.objects.using('vincecomm').filter(Q(user__first_name__icontains=search_term) | Q(user__last_name__icontains=search_term) | Q(preferred_username__icontains=search_term) | Q(user__email__icontains=search_term))
+
             group_results = ContactGroup.objects.filter(Q(name__icontains=search_term) | Q(srmail_peer_name__icontains=search_term))
         elif facet == "Cases":
             case_results = VulnerabilityCase.objects.search(search_query)
@@ -2367,6 +2382,14 @@ def post(self, request, *args, **kwargs):
                                date=timezone.now())
                 fup.save()
 
+                if form.cleaned_data['reason']:
+                    fup = FollowUp(ticket=ticket,
+                                   user=self.request.user,
+                                   title=f"Transfer reason",
+                                   date=timezone.now(),
+                                   comment=form.cleaned_data['reason'])
+                    fup.save()
+
                 #is this a CR?
                 cr = CaseRequest.objects.filter(ticket_ptr_id=ticket.id).first()
                 if cr:
@@ -3784,7 +3807,115 @@ def post(self, request, *args, **kwargs):
 
         return JsonResponse({'location': reverse('vince:ticket', args=[ticket.id])}, status=200)
 
+def add_vendor(vul):
+    v = {'uid': str(vul.contact.uuid), 'vendor': vul.contact.vendor_name, 'overall_status': vul.get_status()}
+
+    if vul.contact_date:
+        v['contact_date'] = vul.contact_date.strftime('%Y-%m-%d')
+    else:
+        v['contact_date'] = None
+    
+    if vul.date_modified:
+        v['dateupdated']= vul.date_modified.strftime('%Y-%m-%d')
+    else:
+        v['dateupdated'] = None
+        
+    if vul.approved:
+        v['references'] = vul.references
+        v['statement'] = vul.statement
+        v['addendum'] = vul.addendum
+        if vul.statement_date:
+            v['statement_date'] = vul.statement_date.strftime('%Y-%m-%d')
+        else:
+            v['statement_date'] = None
+
+    v['status'] = []
+
+    for status in vul.vendorstatus_set.all():
+        s = {'vul': status.vul.vul, 'vul_increment':status.vul.case_increment, 'status': status.get_status_display()}
+        if status.approved:
+            s['references'] = status.references
+            s['statement'] = status.statement
+        v['status'].append(s)
+    
+    return v
+
+    
+class DownloadVulNote(LoginRequiredMixin, TokenMixin, UserPassesTestMixin, generic.TemplateView):
+    login_url = "vince:login"
+
+    def test_func(self):
+        if is_in_group_vincetrack(self.request.user):
+            vulnote = get_object_or_404(VulNote, id=self.kwargs['pk'])
+            return has_case_read_access(self.request.user, vulnote.case)
+
+    def dispatch(self, request, *args, **kwargs):
+
+        vulnote = get_object_or_404(VulNote, id=self.kwargs['pk'])
+        case = vulnote.case
+        
+        vu_info = {}
+        vu_info['content'] = vulnote.current_revision.content
+        vu_info['title'] = vulnote.current_revision.title
+        vu_info['references'] = vulnote.current_revision.references
+        vu_info['vuid'] = vulnote.case.vuid
+        if vulnote.case.publicdate:
+            vu_info['publicdate'] = vulnote.case.publicdate.strftime('%Y-%m-%d')
+        else:
+            vu_info['publicdate'] = None
+        vu_info['vuls'] = []
+        vu_info['deleted_vuls'] = []
+        for vul in Vulnerability.casevuls(case):
+            v = {'cve': vul.cve, 'case_increment': vul.case_increment, 'description': vul.description, 'uid': vul.uid}
+            vu_info['vuls'].append(v)
+
+        for vul in case.vulnerability_set.filter(deleted=True):
+            vu_info['deleted_vuls'].append(vul.case_increment)
+            
+        vu_info['vendors'] = []
+        vu_info['deleted_vendors'] = []
+        vendors = []
+        
+        for vul in VulnerableVendor.casevendors(case).filter(vendorstatus__status=VendorStatus.AFFECTED_STATUS).distinct('vendor').order_by('vendor'):
+            v = add_vendor(vul)
+            if v['vendor'] not in vu_info['vendors']:
+                vu_info['vendors'].append(v)
+
+        for vul in VulnerableVendor.casevendors(case).filter(vendorstatus__status=VendorStatus.UNAFFECTED_STATUS).distinct('vendor').order_by('vendor'):
+            v =	add_vendor(vul)
+            if v['vendor'] not in vu_info['vendors']:
+                vu_info['vendors'].append(v)
+                
+        for vul in VulnerableVendor.casevendors(case).filter(Q(vendorstatus__status=VendorStatus.UNKNOWN_STATUS)|Q(vendorstatus__isnull=True)).distinct('vendor').order_by('vendor'):
+            v = add_vendor(vul)
+            if v['vendor'] not in vu_info['vendors']:
+                vu_info['vendors'].append(v)
+
+        for vul in case.vulnerablevendor_set.filter(deleted=True):
+            vu_info['deleted_vendors'].append(vul.contact.uuid)
+
+        vu_info['cveids'] = vulnote.case.get_cves()
+        if vulnote.date_last_published:
+            vu_info['dateupdated'] = vulnote.date_last_published.strftime('%Y-%m-%d')
+        else:
+            vu_info['dateupdated'] = None
+        vu_info['cert_id'] = vulnote.case.vu_vuid
+        vu_info['name'] = vulnote.current_revision.title
+        vu_info['idnumber'] = vulnote.case.vuid
+        
+        vu_json = json.dumps(vu_info, indent=4)
 
+        json_file = ContentFile(vu_json)
+        json_file.name = case.vu_vuid + ".json"
+        mime_type = 'application/json'
+        response = HttpResponse(json_file, content_type = mime_type)
+        response['Content-Disposition'] = 'attachment; filename=' + json_file.name
+        response["Content-type"] = "application/json"
+        response["Cache-Control"] = "must-revalidate"
+        response["Pragma"] = "must-revalidate"
+        return response
+    
+    
 class EditVulNote(LoginRequiredMixin, TokenMixin, UserPassesTestMixin, FormView, FormMixin):
     form_class = EditVulNote
     template_name = "vince/edit_vulnote.html"
@@ -4969,6 +5100,7 @@ def form_invalid(self, form):
 
     def post(self, request, *args, **kwargs):
         logger.debug(f"{self.__class__.__name__} post: {self.request.POST}")
+        self.object = self.get_object()
         form_class = self.get_form_class()
         form = self.get_form(form_class)
         case = get_object_or_404(VulnerabilityCase, id=self.kwargs['pk'])
@@ -7071,7 +7203,7 @@ def	test_func(self):
     def dispatch(self, request, *args, **kwargs):
         vendor = get_object_or_404(VulnerableVendor, id=self.kwargs['vendor'])
         case = vendor.case
-        if vendor.case.published:
+        if vendor.case.published or vendor.case.publicdate:
             vendor.deleted = True
             vendor.save()
         else:
@@ -7799,10 +7931,15 @@ def post(self, request, *args, **kwargs):
                 else:
                     full_name = "Unknown"
 
+                if req.contact.active == False:
+                    req.contact.active = True
+                    req.contact.save()
+                    _add_activity(self.request.user, 3, req.contact, "changed status to ACTIVE through contact association process")
+                    
                 #then approve
                 ec, created = EmailContact.objects.update_or_create(contact=req.contact,
                                                       email=req.user,
-                                                      defaults = {'user_added': self.request.user, 'name': full_name})
+                                                      defaults = {'user_added': self.request.user, 'name': full_name, 'email_list':False})
                 #search vc_contact
                 vccontact = VinceCommContact.objects.filter(vendor_id = req.contact.id).first()
                 VinceCommEmail.objects.update_or_create(contact=vccontact,
@@ -7810,19 +7947,43 @@ def post(self, request, *args, **kwargs):
                                                         defaults={'email_list':False,
                                                                  'name':full_name})
                 _add_activity(self.request.user, 3, req.contact, f"added email {req.user} through contact association tool")
-                _add_group_permissions(req.user, self.request.user)
-                #add group admin
-                ga = GroupAdmin.objects.update_or_create(contact=req.contact,
-                                                         email=ec)
-                _add_groupadmin(ec, req.contact)
-
-                fup = FollowUp(
-                    ticket = req.ticket,
-                    user=self.request.user,
-                    title="Contact Association Approved and Complete",
-                    comment = f"{req.user} has been added to {req.contact.vendor_name} and made group administrator"
+                if vc_user:
+                    _add_group_permissions(req.user, self.request.user)
+
+                    #does this contact already have a groupadmin?
+                    ga = GroupAdmin.objects.filter(contact=req.contact).first()
+                    if ga == None:
+                        #add group admin
+                        ga = GroupAdmin.objects.update_or_create(contact=req.contact,
+                                                                 email=ec)
+                        _add_groupadmin_perms(ec)
+                        _add_groupadmin(ec, req.contact)
+
+                        fup = FollowUp(
+                            ticket = req.ticket,
+                            user=self.request.user,
+                            title="Contact Association Approved and Complete",
+                            comment = f"{req.user} has been added to {req.contact.vendor_name} and made group administrator"
+                        )
+                        fup.save()
+                    else:
+                        # this contact already has a group admin so let group admin promote user if needed
+                        fup = FollowUp(
+                            ticket = req.ticket,
+                            user=self.request.user,
+                            title="Contact Association Approved and Complete",
+                            comment = f"{req.user} has been added to {req.contact.vendor_name}"
+                        )
+                        fup.save()
+                else:
+                    # no user, but email added
+                    fup = FollowUp(
+			ticket = req.ticket,
+                        user=self.request.user,
+	                title="Contact Association Approved and Complete",
+			comment = f"{req.user} has been added to {req.contact.vendor_name}"
                     )
-                fup.save()
+                    fup.save()
 
                 req.complete=True
                 req.authorized_by = self.request.user
@@ -8004,7 +8165,7 @@ def post(self, request, *args, **kwargs):
                 ticket.status = Ticket.CLOSED_STATUS
                 ticket.save()
 
-            return redirect("vince:ticket", ticket.id)
+            return JsonResponse({'ticket': reverse("vince:ticket", args=[ticket.id])}, status=200)
 
         if self.request.POST.get('vendor'):
             contact = Contact.objects.filter(vendor_name = self.request.POST['vendor']).first()
@@ -8032,7 +8193,7 @@ def post(self, request, *args, **kwargs):
                     msg_link = None
                     msg_body = None
                     
-                return JsonResponse({'text':text, "action_link": action_link, "msg_link":msg_link, 'contact_link': reverse("vince:contact", args=[contact.id]), 'msg_body':msg_body}, status=200)
+                return JsonResponse({'text':text, "action_link": action_link, "msg_link":msg_link, 'contact_link': reverse("vince:contact", args=[contact.id]), 'email_link': reverse("vince:initcontactverify", args=[contact.id])+"?tkt="+str(ticket.id), 'msg_body':msg_body}, status=200)
             return JsonResponse({'error':"No such vendor"}, status=401)
 
     
@@ -8053,9 +8214,18 @@ def get_context_data(self, **kwargs):
             contact = get_object_or_404(Contact, id=self.kwargs.get('pk'))
             initial['contact'] = contact.vendor_name
             #get emails for this contact
-            emails = contact.get_official_emails()
+            emails = contact.get_emails()
             if emails:
-                initial['email'] = ",".join(emails)
+                #initial['email'] = ",".join(emails)
+                context['emails'] = emails
+            if self.request.GET.get('email'):
+                initial['user'] = self.request.GET.get('email')
+            if self.request.GET.get('bypass'):
+                context['emails'] = [self.request.GET.get('email')]
+                initial['internal'] = True
+                messages.warning(self.request,
+                                 _(f"You have requested internal verification for this user. Please provide justification in the email field."))
+                
         if self.request.GET.get('tkt'):
             initial['ticket'] = self.request.GET["tkt"]
             ticket = get_object_or_404(Ticket, id=self.request.GET['tkt'])
@@ -8092,31 +8262,53 @@ def post(self, request, *args, **kwargs):
             contact = form.cleaned_data['contact']
             #check to make sure this user isn't already a part of the contact
             if EmailContact.objects.filter(contact = contact,
-                                           email = self.request.POST['user']).exists():
+                                           email = self.request.POST['user'],
+                                           email_list=False).exists():
                 form._errors.setdefault("user", ErrorList([
 		    u"Email already exists for this contact"
 	        ]))
                 messages.error(
                     self.request,
 		    _(f'Email already exists for this contact'))
-                return render(request, self.template_name, {'form': form})
+                return render(request, self.template_name, {'form': form, 'emails': contact.get_emails()})
             
-            if VinceCommEmail.objects.filter(contact__vendor_id=contact.id, email=self.request.POST['user']).exists():
+            if VinceCommEmail.objects.filter(contact__vendor_id=contact.id, email=self.request.POST['user'],
+                                             email_list=False).exists():
                 form._errors.setdefault("user", ErrorList([
                     u"Email already exists for this contact in VINCEComm. Check Contact Updates and Approve"
                 ]))
                 messages.error(
                     self.request,
 		    _(f'Email already exists for this contact in VINCEComm.'))
-                return render(request, self.template_name, {'form': form})
+                return render(request, self.template_name, {'form': form, 'emails':contact.get_emails()})
+
+            #make sure all emails are legit
+            emails = self.request.POST.getlist('email')
+            logger.debug(emails)
+            for email in emails:
+                email = email.strip()
+                if EmailContact.objects.filter(contact=contact,
+                                               email__iexact=email).exists():
+                    continue
+                else:
+                    if (self.request.POST.get('internal')):
+                        continue
+                    form._errors.setdefault("email", ErrorList([
+                        f"Invalid email ({email}) for this contact."
+                    ]))
+                    messages.error(
+                        self.request,
+                        _(f'Invalid verification email for this contact. Verification emails must be added to contact before initiating process.'))
+                    return render(request, self.template_name, {'form': form, 'emails':contact.get_emails()})
+            
             return self.form_valid(form)
         else:
             logger.debug(form.errors)
             return self.form_invalid(form)
 
     def form_invalid(self, form):
-        if self.kwargs.get('pk'):
-            ca = get_object_or_404(ContactAssocation, id=self.kwargs.get('pk'))
+        if self.kwargs.get('ca'):
+            ca = get_object_or_404(ContactAssociation, id=self.kwargs.get('ca'))
         else:
             ca = None
             
@@ -8130,6 +8322,7 @@ def form_valid(self, form):
         assoc.complete=False
         assoc.restart=False
         assoc.initiated_by=self.request.user
+        assoc.email = ",".join(self.request.POST.getlist('email'))
         assoc.save()
 
         if form.cleaned_data['ticket']:
@@ -8150,12 +8343,12 @@ def form_valid(self, form):
 
 
         if form.cleaned_data['internal'] == False:
-            title = f"Sent email to {form.cleaned_data['email']} with subject {form.cleaned_data['subject']} to attempt to verify {form.cleaned_data['user']} works for {form.cleaned_data['contact'].vendor_name}."
+            title = f"Sent email to {assoc.email} with subject {form.cleaned_data['subject']} to attempt to verify {form.cleaned_data['user']} works for {form.cleaned_data['contact'].vendor_name}."
             body = form.cleaned_data['email_body']
             if len(title) > 299:
                 #title too long for followup, add important info to comment instead
                 title = f"Sent email to attempt to verify {form.cleaned_data['user']} works for {form.cleaned_data['contact'].vendor_name}."
-                body = f"Email sent to {form.cleaned_data['email']}\r\nSubject:{form.cleaned_data['subject']}\r\nBody:{body}"
+                body = f"Email sent to {assoc.email}\r\nSubject:{form.cleaned_data['subject']}\r\nBody:{body}"
                 
             fup = FollowUp(ticket=ticket,
                            title=title,
@@ -8165,9 +8358,10 @@ def form_valid(self, form):
             
             subject = f"[{ticket.queue.slug}-{ticket.id}] {form.cleaned_data['subject']}"
 
-            emails = form.cleaned_data['email'].split(',')
+            emails = self.request.POST.getlist('email')
             
             send_regular_email_notification(emails, subject, form.cleaned_data['email_body'])
+            
             messages.success(
                 self.request,
                 "Your email has been sent."
@@ -8244,9 +8438,14 @@ def get(self, request, *args, **kwargs):
 
         if search_query:
             if facet == "All":
-                email_results = EmailContact.objects.filter(Q(email__icontains=search_term) | Q(name__icontains=search_term)).values_list('contact', flat=True)
+                vince_results = VinceProfile.objects.using('vincecomm').filter(Q(user__first_name__icontains=search_term) | Q(user__last_name__icontains=search_term) | Q(preferred_username__icontains=search_term) | Q(user__email__icontains=search_term))
+                user_contacts = list(vince_results.values_list('user__email', flat=True))
+                logger.debug(user_contacts)
+                email_contacts = EmailContact.objects.filter(contact__vendor_type="Contact", email__in=user_contacts).values_list('contact__id', flat=True)
+                email_results = EmailContact.objects.filter(Q(email__icontains=search_term) | Q(name__icontains=search_term)).exclude(contact__id__in=email_contacts).values_list('contact', flat=True)
                 emails = Contact.objects.filter(id__in=email_results)
-                contact_results = Contact.objects.search(search_query)
+                logger.debug(email_contacts)
+                contact_results = Contact.objects.search(search_query).exclude(id__in=email_contacts)
                 ctags = ContactTag.objects.filter(tag__in=search_tags).values_list('contact__id', flat=True)
                 if ctags:
                     ctags = Contact.objects.filter(id__in=ctags)
@@ -8254,7 +8453,7 @@ def get(self, request, *args, **kwargs):
                 else:
                     contact_results = contact_results | emails
                 group_results = ContactGroup.objects.filter(Q(name__icontains=search_term) | Q(srmail_peer_name__icontains=search_term))
-                vince_results = VinceProfile.objects.using('vincecomm').filter(Q(user__first_name__icontains=search_term) | Q(user__last_name__icontains=search_term) | Q(preferred_username__icontains=search_term) | Q(user__email__icontains=search_term))
+
             elif facet == "Groups":
                 group_results = ContactGroup.objects.filter(Q(name__icontains=search_term) | Q(srmail_peer_name__icontains=search_term))
             elif facet == "Contacts":
@@ -8421,6 +8620,46 @@ def form_valid(self, form):
         _add_group_activity(self.request.user, 1, newgroup, text)
         return redirect("vince:group", newgroup.id)
 
+
+    
+class AddContactToGroupView(LoginRequiredMixin, TokenMixin, UserPassesTestMixin, generic.TemplateView):
+    login_url="vince:login"
+    template_name="vince/addcontacttogroup.html"
+
+    def test_func(self):
+        return is_in_group_vincetrack(self.request.user) and get_contact_write_perms(self.request.user)
+
+    def post(self, request, *args, **kwargs):
+        logger.debug(self.request.POST)
+        contact = get_object_or_404(Contact, id=self.kwargs.get('pk'))
+        group = get_object_or_404(ContactGroup, name=self.request.POST.get('group'))
+        if self.request.POST.get('rm'):
+            #remove contact from group
+            member = GroupMember.objects.filter(group=group, contact=contact).first()
+            if member:
+                member.delete()
+                text = "removed %s from '%s' group" % (contact.vendor_name, group.name)
+                _add_group_activity(self.request.user, 3, group, text)
+                _add_activity(self.request.user, 5, contact, text)
+                update_srmail_file()
+            else:
+                return JsonResponse({'error': 'Contact is not in Group'}, status=403)
+        else:
+        
+            newmember=GroupMember(group=group,
+                                  contact=contact,
+                                  user_added=self.request.user,
+                                  member_type=contact.vendor_type)
+            newmember.save()
+            text = "added %s to '%s' group" % (contact.vendor_name, group.name)
+            _add_activity(self.request.user, 4, contact, text)
+            _add_group_activity(self.request.user, 2, group, text)
+            update_srmail_file()
+            
+        return JsonResponse({'message': 'success'}, status=200)
+
+
+    
 class RemoveContactView(LoginRequiredMixin, TokenMixin, UserPassesTestMixin, generic.TemplateView):
     model = Contact
     login_url = "vince:login"
@@ -8484,7 +8723,7 @@ def post(self, request, *args, **kwargs):
 class ContactActivity(LoginRequiredMixin, TokenMixin, UserPassesTestMixin, generic.ListView):
     model = Activity
     login_url = "vince:login"
-    template_name = "vince/include/contactactivity.html"
+    template_name = "vince/include/alt_contact_activity.html"
 
     def test_func(self):
         return is_in_group_vincetrack(self.request.user) and get_contact_read_perms(self.request.user)
@@ -8497,11 +8736,6 @@ class CreateContactView(LoginRequiredMixin, TokenMixin, UserPassesTestMixin, For
     login_url = "vince:login"
     template_name = 'vince/newcontact.html'
     form_class = ContactForm
-    PostalFormSet = formset_factory(PostalForm, max_num=10, min_num=1, can_delete=True, extra=0)
-    PhoneFormSet = formset_factory(PhoneForm, max_num=10, min_num=1, can_delete=True, extra=0)
-    WebFormSet = formset_factory(WebsiteForm, max_num=10, min_num=1, can_delete=True, extra=0)
-    PgPFormSet = formset_factory(ContactPgPForm, max_num=10, min_num=1, can_delete=True, extra=0)
-    EmailFormSet = formset_factory(EmailContactForm, max_num=10, min_num=1, can_delete=True, extra=0)
 
     def	test_func(self):
         return is_in_group_vincetrack(self.request.user) and get_contact_write_perms(self.request.user)
@@ -8512,11 +8746,6 @@ def form_invalid(self, form):
 
         return render(self.request, 'vince/newcontact.html',
                       {'form': form,
-                       'postal_formset': self.PostalFormSet(prefix='postal'),
-                       'phone_formset': self.PhoneFormSet(prefix='phone'),
-                       'web_formset': self.WebFormSet(prefix='web'),
-                       'pgp_formset': self.PgPFormSet(prefix='pgp'),
-                       'email_formset': self.EmailFormSet(prefix='email'),
                        })
 
     def post(self, request, *args, **kwargs):
@@ -8531,242 +8760,74 @@ def post(self, request, *args, **kwargs):
 
     def form_valid(self, form):
         logger.debug("VALID FORM")
-        postalformset = self.PostalFormSet(self.request.POST, prefix='postal')
-        phoneformset = self.PhoneFormSet(self.request.POST, prefix='phone')
-        webformset = self.WebFormSet(self.request.POST, prefix='web')
-        pgpformset = self.PgPFormSet(self.request.POST, prefix='pgp')
-        emailformset = self.EmailFormSet(self.request.POST, prefix='email')
-
-        if 'active' in self.request.POST:
-            active = True
+        vendor_name = self.request.POST['vendor_name'].strip()
+        group = False
+        vendor_type = self.request.POST['vtype']
+        if (vendor_type == "Group"):
+            group = True
+            if group_name_exists(vendor_name):
+                error_str = "Group already exists with this name."
+                return JsonResponse({'error': error_str}, status=401)
         else:
-            active = False
+            old_contact = Contact.objects.filter(vendor_name__iexact=vendor_name).first()
 
-        vendor_name = self.request.POST['vendor_name'].strip()
+            if old_contact:
+                error_str = "Contact already exists with this vendor name."
+                return JsonResponse({'error': error_str,
+                                     'oldid': old_contact.id}, status=401)
 
-        old_contact = Contact.objects.filter(Q(vendor_name=vendor_name) | Q(srmail_peer=self.request.POST['srmail_peer'])).first()
+        srmail_peer = vendor_name.lower().replace(" ", "_").replace("'", "")
+        srmail_peer = srmail_peer.translate({ord(i):None for i in '"@+.,;'})
 
-        if old_contact:
-            error_str = "Contact already exists with this vendor name or srmail peer name. View "
-            return render(self.request, 'vince/newcontact.html',
-                      {'form': form,
-                       'postal_formset': self.PostalFormSet(prefix='postal'),
-                       'phone_formset': self.PhoneFormSet(prefix='phone'),
-                       'web_formset': self.WebFormSet(prefix='web'),
-                       'pgp_formset': self.PgPFormSet(prefix='pgp'),
-                       'error': error_str, 'oldid': old_contact.id,
-                       'email_formset': self.EmailFormSet(prefix='email'),
-                       'old_vendor':old_contact.vendor_name
-                       })
-        if active:
-            if not(emailformset.is_valid()):
-                error_str=f"Check required email fields: {emailformset.errors}."
-                forms = {'form': form, 'email_error': error_str,
-                         'postal_formset': self.PostalFormSet(prefix='postal'),
-                         'phone_formset': self.PhoneFormSet(prefix='phone'),
-                         'web_formset': self.WebFormSet(prefix='web'),
-                         'pgp_formset': self.PgPFormSet(prefix='pgp'),
-                         'email_formset': self.EmailFormSet(prefix='email')}
-                return render(self.request, 'vince/newcontact.html', forms)
+        if srmail_name_exists(srmail_peer):
+            srmail_peer = f"{srmail_peer}_1"
 
-        if self.request.POST['vendor_type'] == "Contact":
-            lotus_id = 0
-        elif self.request.POST['lotus_id']:
-            lotus_id = self.request.POST['lotus_id']
-        else:
-            lotus_id = 0
 
+        if group:
+            newgroup = ContactGroup(name=vendor_name,
+                                    description=f"New group added by {self.request.user.usersettings.preferred_username}",
+                                    srmail_peer_name=srmail_peer,
+                                    status="Inactive",
+                                    comment = self.request.POST['comment'],
+                                    user_added=self.request.user)
+            newgroup.save()
+            # add the duplicate group hack                                                                
+            dupgroup = GroupDuplicate(group=newgroup)
+            dupgroup.save()
+            update_srmail_file()
+            text = "created group %s" % newgroup.name
+            _add_group_activity(self.request.user, 1, newgroup, text)
+            return JsonResponse({'new': reverse("vince:group", args=[newgroup.id])}, status=200)
+
+        if vendor_type == "User":
+            vendor_type = "Contact"
+        
+        
         contact = Contact(vendor_name = vendor_name,
-                          vendor_type=self.request.POST['vendor_type'],
-                          srmail_peer = self.request.POST['srmail_peer'],
-                          srmail_salutation = self.request.POST['srmail_salutation'],
+                          vendor_type=vendor_type,
+                          srmail_peer = srmail_peer,
                           countrycode = self.request.POST['countrycode'],
-                          lotus_id = lotus_id,
+                          lotus_id = 0,
                           location = self.request.POST['location'],
-                          active = active,
+                          active = False,
                           comment = self.request.POST['comment'],
                           user_added=self.request.user)
 
         contact.save()
-        #get vinny contact
-        vinny_contact = VinceCommContact.objects.filter(vendor_id=contact.id).first()
 
         if contact:
-            _add_activity(self.request.user, 1, contact, "created new contact (" + contact.vendor_type + ")")
-
-        emails=[]
-        vinny_emails=[]
-        vinny_emails_add = []
-        if emailformset.is_valid():
-            for f in emailformset:
-                cd = f.cleaned_data
-                logger.debug(cd)
-
-                emails.append(EmailContact(contact=contact,
-                                           email = cd['email'],
-                                           email_type=cd['email_type'],
-                                           name=cd['name'],
-                                           user_added=self.request.user,
-                                           email_function="TO",
-                                           status = cd['status'],
-                                           email_list = cd['email_list']))
-                vinny_emails.append(VinceCommEmail(contact=vinny_contact,
-                                                   email = cd['email'],
-                                                   email_type=cd['email_type'],
-                                                   name=cd['name'],
-                                                   email_function="TO",
-                                                   status = cd['status'],
-                                                   email_list = cd['email_list']))
-
-                if cd['status'] and cd['email_list']==False:
-                    vinny_emails_add.append(cd['email'])
-
-            EmailContact.objects.bulk_create(emails)
-            VinceCommEmail.objects.bulk_create(vinny_emails)
-        else:
-            logger.debug(emailformset.errors)
-
-
-        # check permissions on users associated with this contact
-        for vemail in vinny_emails_add:
-            _add_group_permissions(vemail, self.request.user)
-
-
-        if postalformset.is_valid():
-            postal=[]
-            vinny_postal=[]
-            for count, f in enumerate(postalformset):
-                cd = f.cleaned_data
-                logger.debug(cd)
-                postal.append(PostalAddress(contact=contact,
-                                            country=cd['country'],
-                                            address_type=cd['address_type'],
-                                            street=cd['street'],
-                                            street2=cd['street2'],
-                                            city=cd['city'],
-                                            state=cd['state'],
-                                            zip_code=cd['zip_code'],
-                                            user_added=self.request.user))
-                vinny_postal.append(VinceCommPostal(contact__id=contact.id,
-                                                    country=cd['country'],
-                                                    address_type=cd['address_type'],
-                                                    street=cd['street'],
-                                                    street2=cd['street2'],
-                                                    city=cd['city'],
-                                                    state=cd['state'],
-                                                    zip_code=cd['zip_code']))
-            PostalAddress.objects.bulk_create(postal)
-            VinceCommPostal.objects.bulk_create(vinny_postal)
-        else:
-            logger.debug(postalformset.errors)
-
-
-        if phoneformset.is_valid():
-            phones=[]
-            vinny_phones=[]
-            for count, f in enumerate(phoneformset):
-                cd = f.cleaned_data
-                phones.append(PhoneContact(contact=contact,
-                                           country_code=cd['country_code'],
-                                           phone=cd['phone'],
-                                           phone_type=cd['phone_type'],
-                                           comment=cd['comment'],
-                                           user_added=self.request.user))
-                vinny_phones.append(VinceCommPhone(contact=vinny_contact,
-                                                   country_code=cd['country_code'],
-                                                   phone=cd['phone'],
-                                                   phone_type=cd['phone_type'],
-                                                   comment=cd['comment']))
-
+            _add_activity(self.request.user, 1, contact, f"created new contact ({contact.vendor_type})")
 
-            PhoneContact.objects.bulk_create(phones)
-            VinceCommPhone.objects.bulk_create(vinny_phones)
 
-        else:
-            logger.debug(phoneformset.errors)
-
-        if webformset.is_valid():
-            websites = []
-            vinny_websites = []
-            for count, f in enumerate(webformset):
-                cd = f.cleaned_data
-                websites.append(Website(contact=contact,
-                                        url=cd['url'],
-                                        description=cd['description'],
-                                        user_added=self.request.user))
-                vinny_websites.append(VinceCommWebsite(contact=vinny_contact,
-                                                       url=cd['url'],
-                                                       description=cd['description']))
-
-
-            Website.objects.bulk_create(websites)
-            VinceCommWebsite.objects.bulk_create(vinny_websites)
-
-        else:
-            logger.debug(webformset.errors)
-
-        pgpkeys = []
-        vinny_pgpkeys = []
-        for f in pgpformset:
-            if f.is_valid():
-                cd = f.cleaned_data
-                if cd['revoked'] == 'on':
-                    revoked=True
-                else:
-                    revoked=False
-                if cd['pgp_key_data']:
-                    cd = extract_pgp_info(cd)
-                    if cd == None:
-                        messages.error(self.request,
-                                       f"There was an error in parsing the PGP Key #{count}")
-                        continue
-                pgpkeys.append(ContactPgP(contact=contact,
-                                          pgp_key_id=cd['pgp_key_id'],
-                                          pgp_protocol=cd['pgp_protocol'],
-                                          startdate=cd['startdate'],
-                                          enddate=cd['enddate'],
-                                          pgp_key_data=cd['pgp_key_data'],
-                                          pgp_fingerprint=cd['pgp_fingerprint'],
-                                          revoked=revoked,
-                                          pgp_email=cd['pgp_email'],
-                                          user=self.request.user
-                                          ))
-                vinny_pgpkeys.append(VinceCommPgP(contact=vinny_contact,
-                                                  pgp_key_id=cd['pgp_key_id'],
-                                                  pgp_protocol=cd['pgp_protocol'],
-                                                  startdate=cd['startdate'],
-                                                  enddate=cd['enddate'],
-                                                  pgp_key_data=cd['pgp_key_data'],
-                                                  pgp_email=cd['pgp_email'],
-                                                  revoked=revoked))
-
-            else:
-                for x in pgpformset.errors:
-                    for k,v in x.items():
-                        if 'This field is required.' not in v:
-                            if "Either PGP Key or ID is required" in v and not(f.cleaned_data.get('pgp_key_data') or f.cleaned_data.get('pgp_key_id')):
-                                continue
-                            messages.error(self.request,
-                                           f"PGP Key Validation Error: {v}")
-                logger.debug(pgpformset.errors)
-
-        if pgpkeys:
-            ContactPgP.objects.bulk_create(pgpkeys)
-            VinceCommPgP.objects.bulk_create(vinny_pgpkeys)
-
-
-        return redirect("vince:contact", contact.id)
+        messages.warning(
+            self.request,
+            _(f"Contact will remain inactive until email is added.  Add new email(s) to activate contact."))
+            
+        return JsonResponse({'new':reverse("vince:contact", args=[contact.id])}, status=200)
 
     def get_context_data(self, **kwargs):
         context = super(CreateContactView, self).get_context_data(**kwargs)
-        forms = {'postal_formset': self.PostalFormSet(prefix='postal'),
-                 'phone_formset': self.PhoneFormSet(prefix='phone'),
-                 'web_formset': self.WebFormSet(prefix='web'),
-                 'pgp_formset': self.PgPFormSet(prefix='pgp'),
-                 'email_formset': self.EmailFormSet(prefix='email')}
-
         context['form'] = self.form_class()
-        context.update(forms)
         context['contactpage']=1
         return context
 
@@ -8784,27 +8845,15 @@ def get_context_data(self, **kwargs):
         group = ContactGroup.objects.filter(id=self.kwargs['pk']).first()
         context['members'] = GroupMember.objects.filter(group=group).exclude(contact__isnull=True).values_list('contact', flat=True)
         context['group_members'] = GroupMember.objects.filter(group=group).exclude(contact__isnull=True).order_by('contact')
-        context['group_half_first'] = ":"+str(int(len(context['group_members'])/2))
-        context['group_half_last'] = str(int(len(context['group_members'])/2))+":"
         # the groups in the group - give the list of groupduplicates
         groupdups = GroupMember.objects.filter(group=group).values_list('group_member', flat=True)
         duplicates = GroupDuplicate.objects.filter(group__in=groupdups).values_list('group', flat=True)
         context['groupmembers'] = ContactGroup.objects.filter(id__in=duplicates)
         context['group'] = group
-        contactkeys = ContactPgP.objects.filter(contact__in=context['members']).values_list('contact', flat=True)
-        nokeys = [i for i in context['members'] if not i in contactkeys]
-        context['contacts_without_keys'] = Contact.objects.filter(id__in=nokeys)
-        emails = EmailContact.objects.filter(contact__in=context['members']).values_list('contact', flat=True)
-        noemails = [i for i in context['members'] if not i in emails]
-        context['contacts_without_emails'] = Contact.objects.filter(id__in=noemails)
         context['contactpage']=1
         context['activity'] = GroupActivity.objects.filter(group=group).order_by('-action_ts')
         context['cases'] = VulnerableVendor.objects.filter(from_group=group).order_by('case').distinct('case')
-        #        expired_keys = ExpiredKeyResults.objects.order_by('-id')
-#        if expired_keys:
-#            expired_keys = expired_keys[0]
-#            context['expired_keys_contacts'] = Contact.objects.filter(vendor_name__in=expired_keys.contacts_expired, id__in=context['members'])
-
+        context['inactive_contacts'] = context['members'].filter(contact__active=False).count()
         return context
 
 class GroupEditView(LoginRequiredMixin, TokenMixin, UserPassesTestMixin, FormView, FormMixin):
@@ -8826,27 +8875,39 @@ def get_context_data(self, **kwargs):
         context['contactpage']=1
         context['members'] = GroupMember.objects.filter(group=group[0]).exclude(contact__isnull=True).values_list('contact', flat=True)
         context['group_members'] = GroupMember.objects.filter(group=group[0]).exclude(contact__isnull=True).order_by('contact')
-        context['group_half_first'] = ":"+str(int(len(context['group_members'])/2))
-        context['group_half_last'] = str(int(len(context['group_members'])/2))+":"
 
         # the groups in the group - give the list of groupduplicates
         groupdups = GroupMember.objects.filter(group=group[0]).values_list('group_member', flat=True)
         duplicates = GroupDuplicate.objects.filter(group__in=groupdups).values_list('group', flat=True)
         context['groupmembers'] = ContactGroup.objects.filter(id__in=duplicates)
         context['group'] = group.first()
-        contactkeys = ContactPgP.objects.filter(contact__in=context['members']).values_list('contact', flat=True)
-        nokeys = [i for i in context['members'] if not i in contactkeys]
-        context['contacts_without_keys'] = Contact.objects.filter(id__in=nokeys)
-        emails = EmailContact.objects.filter(contact__in=context['members']).values_list('contact', flat=True)
-        noemails = [i for i in context['members'] if not i in emails]
-        context['contacts_without_emails'] = Contact.objects.filter(id__in=noemails)
-#        expired_keys = ExpiredKeyResults.objects.order_by('-id')
-#        if expired_keys:
-#            expired_keys = expired_keys[0]
-#            context['expired_keys_contacts'] = Contact.objects.filter(vendor_name__in=expired_keys.contacts_expired, id__in=context['members'])
-#
+        context['inactive_contacts'] = context['members'].filter(contact__active=False).count()
         return context
 
+
+    def get(self, request, *args, **kwargs):
+        group = ContactGroup.objects.filter(id=self.kwargs['pk']).first()
+        if self.request.GET.get('activate'):
+            #does this group have members?
+            members = GroupMember.objects.filter(group=group).count()
+            if members:
+                group.status="Active"
+                group.save()
+                _add_group_activity(self.request.user, 4, group, f"activated {group.name} group")
+            else:
+                messages.error(
+                    self.request,
+                    _(f"You cannot activate a group without members."))
+
+            return redirect("vince:group", group.id)
+        elif self.request.GET.get('deactivate'):
+            group.status="Inactive"
+            group.save()
+            _add_group_activity(self.request.user, 4, group, f"deactivated {group.name} group")
+            return redirect("vince:group", group.id)
+        return super().get(request, *args, **kwargs)
+    
+
     def form_invalid(self, form):
         logger.debug(f"{self.__class__.__name__} errors: {form.errors}")
         logger.debug("INVALID FORM!!!")
@@ -8900,6 +8961,7 @@ def form_valid(self, form):
                            'members': members
                           })
 
+        initial_members = GroupMember.objects.filter(group=current_group).count()
         if current_group.name != self.request.POST['name']:
             if group_name_exists(self.request.POST['name']):
                 self.error = "Group name already exists"
@@ -8907,24 +8969,10 @@ def form_valid(self, form):
             _add_group_activity(self.request.user, 4, current_group, 'modified group name')
             current_group.name = self.request.POST['name']
             current_group.save()
-
-        if current_group.status != self.request.POST['status']:
-            activity_msg = "changed status from %s to %s" % (current_group.status, self.request.POST['status'])
-            _add_group_activity(self.request.user, 4, current_group, activity_msg)
-            current_group.status = self.request.POST['status']
-            current_group.save()
-
         if current_group.description != self.request.POST['description']:
             _add_group_activity(self.request.user, 4, current_group, 'modified group description')
             current_group.description = self.request.POST['description']
             current_group.save()
-        if current_group.srmail_peer_name != self.request.POST['srmail_peer_name']:
-            if srmail_name_exists(self.request.POST['srmail_peer_name']):
-                self.error = "SRMail Peer Name already exists"
-                return form.invalid(self.form)
-            _add_group_activity(self.request.user, 4, current_group, 'modified group srmail peer name')
-            current_group.srmail_peer_name = self.request.POST['srmail_peer_name']
-            current_group.save()
         if current_group.comment != self.request.POST['comment']:
             _add_group_activity(self.request.user, 4, current_group, 'modified comment')
             current_group.comment = self.request.POST['comment']
@@ -8953,7 +9001,7 @@ def form_valid(self, form):
                 newmember.save()
                 if newmember.id:
                     added = added + 1
-                    text = "Added %s to group %s" % (contact.vendor_name, current_group.name)
+                    text = "added %s to %s group" % (contact.vendor_name, current_group.name)
                     _add_activity(self.request.user, 4, contact, text)
                 else:
                     logger.debug("NOT ADDED")
@@ -8968,7 +9016,7 @@ def form_valid(self, form):
                                             member_type="Group")
                     newmember.save()
                     if newmember.id:
-                        text = "Added %s to group %s" % (groupdup.group.name, current_group.name)
+                        text = "added %s to %s group" % (groupdup.group.name, current_group.name)
                         _add_group_activity(self.request.user, 2, groupdup.group, text)
                         added=added+1
             text = "Added %s to group" % group
@@ -8984,7 +9032,7 @@ def form_valid(self, form):
                     grouptorm = GroupMember.objects.filter(group=current_group, contact=contact)
                     grouptorm.delete()
                     removed += 1
-                    text = "Removed %s from group %s" % (group, current_group.name)
+                    text = "removed %s from %s group" % (group, current_group.name)
                     _add_group_activity(self.request.user, 3, current_group, text)
                     _add_activity(self.request.user, 5, contact, text)
                 else:
@@ -8995,7 +9043,7 @@ def form_valid(self, form):
                         grouprm = GroupMember.objects.filter(group=current_group, group_member=groupdup).first()
                         if grouprm:
                             grouprm.delete()
-                            text = "Removed %s from group %s" % (group, current_group.name)
+                            text = "removed %s from %s group" % (group, current_group.name)
                             _add_group_activity(self.request.user, 3, current_group, text)
                             _add_group_activity(self.request.user, 3, grouptorm, text)
                             removed += 1
@@ -9005,6 +9053,12 @@ def form_valid(self, form):
             messages.warning(
                 self.request,
                 _(f"Updating SRMAIL file due to group membership changes."))
+            #get number of members:
+            members = GroupMember.objects.filter(group=current_group).count()
+            if (initial_members == 0) and members:
+                #activate group now that we have members
+                current_group.status="Active"
+                current_group.save()
 
         logger.debug("Removed %d members" % removed)
         current_group.version = current_group.version + 1
@@ -9424,6 +9478,234 @@ def get_queryset(self):
         return VulnerableVendor.objects.filter(contact=self.kwargs['pk']).order_by('-date_modified')
 
 
+class RemoveEmailFromContact(LoginRequiredMixin, TokenMixin, UserPassesTestMixin, generic.TemplateView):
+    login_url = "vince:login"
+    template_name = "vince/confirm_rm_email.html"
+
+    def test_func(self):
+        return is_in_group_vincetrack(self.request.user) and get_contact_write_perms(self.request.user)
+
+    def get_context_data(self, **kwargs):
+        context = super(RemoveEmailFromContact, self).get_context_data(**kwargs)
+        context['contact'] = get_object_or_404(Contact, id=self.kwargs['pk'])
+        context['email'] = get_object_or_404(EmailContact, id=self.kwargs['email'])
+        context['vcuser'] = User.objects.using('vincecomm').filter(email=context['email'].email).first()
+        return context
+    
+    def post(self, request, *args, **kwargs):
+        contact = get_object_or_404(Contact, id=self.kwargs['pk'])
+        email = get_object_or_404(EmailContact, id=self.kwargs['email'])
+
+        _add_activity(self.request.user, 3, contact, f"removed email: {email.email}")
+	#close any bounces that may be associated with this email
+        bn = BounceEmailNotification.objects.filter(email=email.email, action_taken=False)
+        for b in bn:
+            b.action_taken=True
+            b.save()
+        #remove group permissions if this user has any
+        vinny_contact = VinceCommContact.objects.filter(vendor_id=self.kwargs['pk']).first()
+        _remove_group_permissions(email.email, vinny_contact, self.request.user)
+        #is this uer a groupadmin?
+        cga = GroupAdmin.objects.filter(contact=contact, email__email=email.email)
+        if cga:
+            _remove_groupadmin(email, contact)
+            _remove_groupadmin_perms(email)
+        
+        #remove address from VINCEComm
+        vcemail = VinceCommEmail.objects.filter(email=email.email, contact=vinny_contact).first()
+
+        vcemail.delete()
+        
+        email.delete()
+
+        #if we've removed all emails, this should contact should deactivate
+        all_emails = EmailContact.objects.filter(contact=contact).count()
+        if all_emails == 0:
+            contact.active=False
+            contact.save()
+            messages.warning(self.request,
+                             _(f"Deactivating contact due to removal of all email addresses."))
+
+        update_srmail_file()
+        return redirect("vince:contact", contact.id)
+
+class AddEmailToContact(LoginRequiredMixin, TokenMixin, UserPassesTestMixin, generic.FormView):
+    login_url = "vince:login"
+    template_name = "vince/add_email_contact.html"
+    form_class = EmailContactForm
+    
+    def test_func(self):
+        return is_in_group_vincetrack(self.request.user) and get_contact_write_perms(self.request.user)
+
+    def get_context_data(self, **kwargs):
+        context = super(AddEmailToContact, self).get_context_data(**kwargs)
+        context['contact'] = get_object_or_404(Contact, id=self.kwargs['pk'])
+        return context
+
+    def post(self, request, *args, **kwargs):
+        logger.debug(self.request.POST)
+        contact = get_object_or_404(Contact, id=self.kwargs['pk'])
+        vinny_contact = VinceCommContact.objects.filter(vendor_id=self.kwargs['pk']).first()
+        email_type = self.request.POST.get('email_type')
+        email = self.request.POST.get('email')
+        email = email.strip()
+        
+        #make sure email doesn't already exist in this contact?
+        
+        prev_email = EmailContact.objects.filter(contact=contact, email=email).first()
+        if prev_email:
+            return JsonResponse({'text':"This email has already been added to this contact."}, status=200)
+        #make sure this email is not in the verification process
+        prev_email = ContactAssociation.objects.filter(contact=contact, user=email, complete=False)
+        if prev_email:
+            return JsonResponse({'text':"This user is already in the process of being associated with this vendor."}, status=200)       
+
+
+        if contact.vendor_type == "Contact":
+            #notification only
+            email = EmailContact(email=email,
+                                 email_list = False,
+                                 name=self.request.POST.get('name'),
+                                 email_function="TO",
+                                 contact=contact)
+            email.save()
+
+            vc_email = VinceCommEmail(contact=vinny_contact,
+                                      email=email,
+                                      email_function="TO",
+                                      email_list=False,
+                                      name=self.request.POST.get('name'))
+            vc_email.save()
+
+            _add_activity(self.request.user, 3, contact, f"added email: {email}")
+
+            messages.success(
+                self.request,
+                _(f"Email address added to contact."))
+
+            contact.active=True
+            contact.save()
+
+            update_srmail_file()
+            
+            return JsonResponse({'refresh':1}, status=200)
+        
+        if email_type == "User":
+                
+            #does this contact have an admin?
+            admins = list(GroupAdmin.objects.filter(contact=contact).values_list('email__email', flat=True))
+            if self.request.POST.get('msg'):                
+                #we're on second post at this point
+                users = User.objects.using('vincecomm').filter(email__in=admins).values_list('id', flat=True)
+                if users:
+                    sender = User.objects.using('vincecomm').filter(email=self.request.user.email).first()
+                    msg = Message.new_message(sender, users, None, "VINCE Vendor User Request", self.request.POST['msg'])
+                    user_groups = self.request.user.groups.exclude(groupsettings__contact__isnull=True)
+                    if user_groups:
+                        msg.thread.from_group=user_groups[0].groupsettings.contact.vendor_name
+                    msg.thread.save()
+
+                    #create Ticket
+                    admins = ", " .join(admins)
+                    assoc = ContactAssociation(contact=contact,
+                                               user=email,
+                                               initiated_by=self.request.user,
+                                               approval_requested=True,
+                                               email=f"Sent message to admins: {admins}")
+                    assoc.save()
+                    ticket = Ticket(title=f"Contact Verification Process Initiated for {email}",
+                                    description=f"Adding user {email} to {contact.vendor_name}",
+                                    status = Ticket.CLOSED_STATUS,
+                                    queue = get_vendor_queue(self.request.user),
+                                    submitter_email = self.request.user.email,
+                                    assigned_to=self.request.user)
+                    ticket.save()
+                    assoc.ticket = ticket
+                    assoc.save()
+
+                    
+                    fup = FollowUp(title=f"Sent message to {contact.vendor_name} admins: {admins}",
+                                   comment=self.request.POST.get('msg'), ticket=ticket,
+                                   user=self.request.user)
+                    fup.save()
+                    tm = TicketThread(thread=msg.thread.id,
+                                      ticket=ticket.id)
+
+                    tm.save()
+                    fm = FollowupMessage(followup=fup,
+                                         msg=msg.id)
+                    fm.save()
+                    
+                    ticket.status = Ticket.CLOSED_STATUS
+                    ticket.save()
+
+                    _add_activity(self.request.user, 3, contact, f"started contact verification process for: {email}")
+
+                return JsonResponse({'ticket': reverse("vince:ticket", args=[ticket.id])}, status=200)
+
+            num_admins = len(admins)
+            admins = ", " .join(admins)
+            action_link = None
+
+            if num_admins:
+                if num_admins > 1:
+                    text = f"There are {num_admins} admins for this contact: {admins}."
+                else:
+                    text = f"There is {num_admins} admin for this contact: {admins}."
+                text = f"{text} Do you want to send a message to the admin(s) to add this user?"
+                #msg_link = reverse("vince:msgadmin")
+                tmpl = EmailTemplate.objects.filter(template_name='vendor_admin_user_request').first()
+                if tmpl:
+                    team_sig = get_team_sig(self.request.user)
+                    msg_body = tmpl.plain_text.replace('[EMAIL]', self.request.POST.get('email')).replace('[VENDOR]', contact.vendor_name).replace('[team_signature]', team_sig)
+                else:
+                    msg_body = "A 'vendor_admin_user_request' template has not been created. Please add a template or fill in the message to send the admin"
+                return JsonResponse({'text':text, "action_link": action_link, 'contact_link': reverse("vince:contact", args=[contact.id]), 'email_link': reverse("vince:initcontactverify", args=[contact.id])+f"?email={self.request.POST.get('email')}", 'msg_body':msg_body}, status=200)
+
+            else:
+                # no admins - so inititate process....
+                #does this contact have any email addresses?
+                emails = EmailContact.objects.filter(contact=contact, status=True).count()
+                if emails:
+                    messages.warning(
+                        self.request,
+                        _(f"This contact does not have a group admin. Initiate contact verification process to add user."))
+                
+                    return JsonResponse({'ticket': reverse("vince:initcontactverify", args=[contact.id])+"?email="+email}, status=200)
+                else:
+                    return JsonResponse({'text':"In order to add a user, you must add an email address to contact to verify this user works for this organization. Try adding a notification-only email address before attempting to verify a user.", 'bypass': reverse("vince:initcontactverify", args=[contact.id])+f"?email={self.request.POST.get('email')}&bypass=1"},  status=200)
+
+        else:
+            #notification only
+            email = EmailContact(email=email,
+                                 email_list = True,
+                                 name="Notification-Only",
+                                 email_function="TO",
+                                 contact=contact)
+            email.save()
+
+            vc_email = VinceCommEmail(contact=vinny_contact,
+                                      email=email,
+                                      email_function="TO",
+                                      email_list=True,
+                                      name="Notification Email")
+            vc_email.save()
+
+            _add_activity(self.request.user, 3, contact, f"added notification-only email: {email}")
+            
+            messages.success(
+                self.request,
+                _(f"Notification-only email address added to contact."))
+
+            contact.active=True
+            contact.save()
+
+            update_srmail_file()
+            
+            return JsonResponse({'refresh':1}, status=200)
+
+        
+    
 class ContactDetailView(LoginRequiredMixin, TokenMixin, UserPassesTestMixin, generic.DetailView):
     model = Contact
     login_url = "vince:login"
@@ -9436,7 +9718,8 @@ def get_context_data(self, **kwargs):
         context = super(ContactDetailView, self).get_context_data(**kwargs)
         context['contactpage']=1
         logger.debug("IN CONTACT PAGE")
-        context['groups'] = GroupMember.objects.filter(contact=self.kwargs['pk'])
+        context['groups'] = [group.group.name for group in GroupMember.objects.filter(contact=self.kwargs['pk'])]
+        
         context['activity_list'] = Activity.objects.filter(contact=self.kwargs['pk']).order_by('-action_ts')
         context['cases'] = VulnerableVendor.objects.filter(contact=self.kwargs['pk'], case__lotus_notes=True).order_by('-date_modified')[:20]
         tkt_list = TicketContact.objects.filter(contact=self.kwargs['pk']).values_list('ticket', flat=True)
@@ -9444,19 +9727,23 @@ def get_context_data(self, **kwargs):
         context['assignable_users'] = EmailContact.objects.filter(contact=self.kwargs['pk'], email_list=False, status=True)
         context['contacttags'] = [tag.tag for tag in ContactTag.objects.filter(contact__id=self.kwargs['pk'])]
         context['othertags'] = [tag.tag for tag in TagManager.objects.filter(tag_type=2).exclude(tag__in=context['contacttags']).order_by('tag').distinct('tag')]
-        logger.debug(context['contacttags'])
-        logger.debug(context['othertags'])
+        emails = EmailContact.objects.filter(contact__id=self.kwargs['pk']).values_list('email', flat=True)
+        context['associations'] = ContactAssociation.objects.filter(contact__id=self.kwargs['pk'], complete=False).exclude(user__in=emails)
         context['vinceusers'] = User.objects.filter(is_active=True, groups__name='vince')
-        context['assignable'] = [user.email for user in context['assignable_users']]
+        context['all_groups'] = [group.name for group in ContactGroup.objects.all().exclude(name__in=context['groups'])]
         context['groupadmins'] = [admin.email.email for admin in GroupAdmin.objects.filter(contact=self.kwargs['pk'])]
         vc_contact = VinceCommContact.objects.using('vincecomm').filter(vendor_id=self.kwargs['pk']).first()
         if vc_contact:
+            logger.debug("VINCE COMM CONTACT")
             gc = GroupContact.objects.using('vincecomm').filter(contact=vc_contact).first()
             context['vc_contact'] = vc_contact
-            if gc:
+            if vc_contact.vendor_type != 'Contact' and gc:
                 context['participants'] = CaseMember.objects.filter(group=gc.group).order_by('-case__modified')[:20]
                 logger.debug(context['participants'])
-                context['vince_users'] = list(User.objects.using('vincecomm').filter(groups=gc.group).values_list('id','username','vinceprofile__preferred_username', named=True))
+                context['vince_users'] = list(User.objects.using('vincecomm').filter(groups=gc.group).values_list('username', flat=True))
+            elif vc_contact.vendor_type in ['Contact', 'User']:
+                #this is prob a contact
+                context['vince_users'] = list(User.objects.using('vincecomm').filter(email__in=list(emails)).values_list('username', flat=True))
             #Check on unapproved changes
             changes = ContactInfoChange.objects.filter(contact=vc_contact)
             allchanges = chain(context['activity_list'], changes)
@@ -9519,7 +9806,39 @@ def post(self, request, *args, **kwargs):
         return redirect("vince:contact", contact.id)
 
 
+class ChangeEmailNotifications(LoginRequiredMixin, TokenMixin, UserPassesTestMixin, generic.TemplateView):
+    login_url = "vince:login"
+
+
+    def test_func(self):
+        return is_in_group_vincetrack(self.request.user) and get_contact_write_perms(self.request.user)
+
+    def get(self, request, *args, **kwargs):
+        email = get_object_or_404(EmailContact, id=self.kwargs['pk'])
+        
+        if email.email_function in ["TO", "CC"]:
+            email.email_function = "EMAIL"
+            email.save()
+            _add_activity(self.request.user, 3, email.contact, f"disabled email notifications for {email.email}")
+            #change it in VINCECOMM
+            vcemail = VinceCommEmail.objects.filter(email=email.email, contact__vendor_id=email.contact.id).first()
+            if vcemail:
+                vcemail.email_function = "EMAIL"
+                vcemail.save()
+        else:
+            email.email_function = "TO"
+            email.save()
+            _add_activity(self.request.user, 3, email.contact, f"enabled email notifications for {email.email}")
+            #change it in VINCECOMM
+            vcemail = VinceCommEmail.objects.filter(email=email.email, contact__vendor_id=email.contact.id).first()
+            if vcemail:
+                vcemail.email_function = "TO"
+                vcemail.save()
+
+        update_srmail_file()
+        return redirect("vince:contact", email.contact.id)
 
+    
 class EditContact(LoginRequiredMixin, TokenMixin, UserPassesTestMixin, FormView, FormMixin):
     model = Contact
     login_url = "vince:login"
@@ -9529,11 +9848,46 @@ class EditContact(LoginRequiredMixin, TokenMixin, UserPassesTestMixin, FormView,
     PhoneFormSet = inlineformset_factory(Contact, PhoneContact, form=PhoneForm, max_num=10, min_num=1, can_delete=True, extra=0)
     WebFormSet = inlineformset_factory(Contact, Website, form=WebsiteForm, max_num=10, min_num=1, can_delete=True, extra=0)
     PgPFormSet = inlineformset_factory(Contact, ContactPgP, form=ContactPgPForm, max_num=10, min_num=1, can_delete=True, extra=0)
-    EmailFormSet = inlineformset_factory(Contact, EmailContact, form=EmailContactForm, max_num=30, min_num=1, can_delete=True, extra=0)
+    #EmailFormSet = inlineformset_factory(Contact, EmailContact, form=EmailContactForm, max_num=30, min_num=1, can_delete=True, extra=0)
 
     def	test_func(self):
         return is_in_group_vincetrack(self.request.user) and get_contact_write_perms(self.request.user)
 
+
+    def get(self, request, *args, **kwargs):
+        contact = Contact.objects.filter(id=self.kwargs['pk']).first()
+        if self.request.GET.get('activate'):
+            #does this contact have emails?
+            emails = EmailContact.objects.filter(contact=contact).count()
+            if emails:
+                _add_activity(self.request.user, 3, contact, "changed status to ACTIVE")
+                contact.active=True
+                contact.save()
+            else:
+                messages.error(
+                    self.request,
+                    _(f"You cannot activate a contact without email addresses."))
+
+            update_srmail_file()
+            return redirect("vince:contact", contact.id)
+        elif self.request.GET.get('deactivate'):
+            contact.active=False
+            contact.save()
+            _add_activity(self.request.user, 3, contact, "deactivated contact")
+
+            emails = EmailContact.objects.filter(contact=contact).values_list('email', flat=True)
+            vince_users = User.objects.using('vincecomm').filter(email__in=list(emails), is_active=True)
+
+            if vince_users:
+                messages.warning(
+                    self.request,
+                    _(f"You are deactivating a contact with active users. Remove users from this contact if they should not access cases associated with this contact."))
+
+            update_srmail_file()
+            return redirect("vince:contact", contact.id)
+
+        return super().get(request, *args, **kwargs)
+    
     def form_invalid(self, form):
         logger.debug(f"{self.__class__.__name__} errors: {form.errors}")
         contact = Contact.objects.filter(id=self.kwargs['pk']).first()
@@ -9541,14 +9895,14 @@ def form_invalid(self, form):
         postal = PostalAddress.objects.filter(contact=self.kwargs['pk'])
         website = Website.objects.filter(contact=self.kwargs['pk'])
         pgp = ContactPgP.objects.filter(contact=self.kwargs['pk'])
-        email = EmailContact.objects.filter(contact=self.kwargs['pk']).order_by('-email_function')
+        #email = EmailContact.objects.filter(contact=self.kwargs['pk']).order_by('-email_function')
         forms = {'form': form,
                 'postal_formset': self.PostalFormSet(prefix='postal', queryset=postal, instance=contact),
                  'phone_formset': self.PhoneFormSet(prefix='phone', queryset=phones, instance=contact),
                  'web_formset': self.WebFormSet(prefix='web', queryset=website, instance=contact),
                  'pgp_formset': self.PgPFormSet(prefix='pgp', queryset=pgp, instance=contact),
-                 'contact': Contact.objects.filter(id=self.kwargs['pk']).first(),
-                 'email_formset': self.EmailFormSet(prefix='email', queryset=email, instance=contact)}
+                 'contact': Contact.objects.filter(id=self.kwargs['pk']).first()}
+        #'email_formset': self.EmailFormSet(prefix='email', queryset=email, instance=contact)}
         return render(self.request, 'vince/editcontact.html', forms)
 
     def post(self, request, *args, **kwargs):
@@ -9572,13 +9926,13 @@ def form_valid(self, form):
         postal = PostalAddress.objects.filter(contact=self.kwargs['pk'])
         website = Website.objects.filter(contact=self.kwargs['pk'])
         pgp = ContactPgP.objects.filter(contact=self.kwargs['pk'])
-        email = EmailContact.objects.filter(contact=self.kwargs['pk'])
+        #email = EmailContact.objects.filter(contact=self.kwargs['pk'])
 
         postalformset = self.PostalFormSet(self.request.POST, prefix='postal', queryset=postal, instance=contact)
         phoneformset = self.PhoneFormSet(self.request.POST, prefix='phone', queryset=phones, instance=contact)
         webformset = self.WebFormSet(self.request.POST, prefix='web', queryset=website, instance=contact)
         pgpformset = self.PgPFormSet(self.request.POST, prefix='pgp', queryset=pgp, instance=contact)
-        emailformset = self.EmailFormSet(self.request.POST, prefix='email', queryset=email, instance=contact)
+        #emailformset = self.EmailFormSet(self.request.POST, prefix='email', queryset=email, instance=contact)
 
         logger.debug(vinny_contact)
 
@@ -9592,31 +9946,16 @@ def form_valid(self, form):
                      'phone_formset': self.PhoneFormSet(prefix='phone', queryset=phones),
                      'web_formset': self.WebFormSet(prefix='web', queryset=website),
                      'pgp_formset': self.PgPFormSet(prefix='pgp', queryset=pgp),
-                     'contact': Contact.objects.filter(id=self.kwargs['pk']).first(),
-                     'email_formset': self.EmailFormSet(prefix='email', queryset=email)}
+                     'contact': Contact.objects.filter(id=self.kwargs['pk']).first()}
+            #'email_formset': self.EmailFormSet(prefix='email', queryset=email)}
             return render(self.request, 'vince/editcontact.html', forms)
 
-        if 'active' in self.request.POST:
-            active = True
-        else:
-            active = False
-
-        # moved this bc we need to determine user permissions
-        if contact.active != active:
-            if active:
-                _add_activity(self.request.user, 3, contact, "changed status to ACTIVE")
-            else:
-                _add_activity(self.request.user, 3, contact, "changed status to INACTIVE")
-            contact.active = active
-            contact.save()
-            some_changes=True
-
         groupadmins = []
         gas = GroupAdmin.objects.filter(contact=contact)
         if gas:
             for ga in gas:
                 groupadmins.append(ga.email.email)
-
+        """        
         if not(emailformset.is_valid()):
             logger.debug(emailformset.errors)
             if active:
@@ -9630,7 +9969,8 @@ def form_valid(self, form):
                          'contact': Contact.objects.filter(id=self.kwargs['pk']).first(),
                          'email_formset': self.EmailFormSet(prefix='email', queryset=email, instance=contact)}
                 return render(self.request, 'vince/editcontact.html', forms)
-
+        """
+        
         vinny_postal=[]
         for f in postalformset:
             if f.is_valid():
@@ -9767,7 +10107,7 @@ def form_valid(self, form):
                 VinceCommWebsite.objects.bulk_create(vinny_webs)
         except:
             return HttpResponseServerError()
-
+        """
         email_changes = False
         logger.debug("EMAIL FORMSET")
         vinny_emails = []
@@ -9843,7 +10183,7 @@ def form_valid(self, form):
         # check permissions on users associated with this contact
         for vemail in vinny_emails_add:
             _add_group_permissions(vemail, self.request.user)
-
+        """
 
         pgp_updates = False
         vinny_pgp=[]
@@ -9948,21 +10288,20 @@ def form_valid(self, form):
         else:
             active = False
 
-        if contact.vendor_type != self.request.POST['vendor_type']:
-            contact.vendor_type = self.request.POST['vendor_type']
+        if contact.vendor_type != self.request.POST['vtype']:
+            # set to true so srmail is recreated
+            pgp_updates = True
+            _add_activity(self.request.user, 3, contact, f"modified contact type from {contact.vendor_type} to {self.request.POST['vtype']}")
+            if self.request.POST['vtype'] == "User":
+                contact.vendor_type = "Contact"
+            else:
+                contact.vendor_type = self.request.POST['vtype']
             contact.save()
-            _add_activity(self.request.user, 3, contact, "modified contact type")
+
             some_changes=True
-        if self.request.POST['lotus_id']:
-            if int(self.request.POST['lotus_id']) != contact.lotus_id:
-                logger.debug(contact.lotus_id)
-                logger.debug(self.request.POST['lotus_id'])
-                _add_activity(self.request.user, 3, contact, "modified vendor id")
-                some_changes=True
-                contact.lotus_id = self.request.POST['lotus_id']
         vendor_name = self.request.POST['vendor_name'].strip()
         if contact.vendor_name != vendor_name:
-            oldvendorcontact = Contact.objects.filter(vendor_name=vendor_name).first()
+            oldvendorcontact = Contact.objects.filter(vendor_name__iexact=vendor_name).first()
             if oldvendorcontact:
                 error_str="Vendor Name already exists. Please choose a different Vendor Name"
                 return render(self.request, 'vince/editcontact.html',
@@ -9970,15 +10309,18 @@ def form_valid(self, form):
                                'postal_formset': self.PostalFormSet(prefix='postal'),
                                'phone_formset': self.PhoneFormSet(prefix='phone'),
                                'web_formset': self.WebFormSet(prefix='web'),
-                               'email_error':error_str,
                                'contact': contact,
                                'pgp_formset': self.PgPFormSet(prefix='pgp', queryset=pgp, instance=contact),
-                               'email_formset': self.EmailFormSet(prefix='email', queryset=email, instance=contact),
+                               """'email_formset': self.EmailFormSet(prefix='email', queryset=email, instance=contact),"""
                                'error': error_str
                               })
             _add_activity(self.request.user, 3, contact, f"modified contact name from {contact.vendor_name} to {vendor_name}")
             some_changes=True
             contact.vendor_name = vendor_name
+            srmail_peer = vendor_name.lower().replace(" ", "_").replace("'", "")
+            srmail_peer = srmail_peer.translate({ord(i):None for i in '"@+.,;'})
+            contact.srmail_peer = srmail_peer
+
         if contact.countrycode != self.request.POST['countrycode']:
             _add_activity(self.request.user, 3, contact, "modified country code")
             contact.countrycode = self.request.POST['countrycode']
@@ -9999,43 +10341,18 @@ def form_valid(self, form):
                     _add_activity(self.request.user, 3, contact, f"added comment: {self.request.POST['comment']}")
             contact.comment = self.request.POST['comment']
             some_changes=True
-        if contact.srmail_salutation != self.request.POST['srmail_salutation']:
-            _add_activity(self.request.user, 3, contact, "modified srmail salutation")
-            contact.srmail_salutation = self.request.POST['srmail_salutation']
-            some_changes = True
-        if contact.srmail_peer != self.request.POST['srmail_peer']:
-            if srmail_name_exists(self.request.POST['srmail_peer']):
-                error_str="SRMail Peer Name already exists. Please choose a different SRMail Peer Name"
-                return render(self.request, 'vince/editcontact.html',
-                              {'form': form,
-                               'postal_formset': self.PostalFormSet(prefix='postal'),
-                               'phone_formset': self.PhoneFormSet(prefix='phone'),
-                               'web_formset': self.WebFormSet(prefix='web'),
-                               'email_error':error_str,
-                               'contact': contact,
-                               'pgp_formset': self.PgPFormSet(prefix='pgp', queryset=pgp, instance=contact),
-                               'email_formset': self.EmailFormSet(prefix='email', queryset=email, instance=contact),
-                               'error': error_str
-                              })
-            _add_activity(self.request.user, 3, contact, f"modified peer address from {contact.srmail_peer} to {self.request.POST['srmail_peer']}")
-            contact.srmail_peer = self.request.POST['srmail_peer']
-            email_changes = True
 
-        if pgp_updates or email_changes:
+        if pgp_updates: #or email_changes
             #rebuild srmail file
             if pgp_updates:
                 messages.info(
                     self.request,
-                    _(f"SRMAIL file has been recreated due to updated PGP Key Information"))
-            else:
-                messages.info(
-                    self.request,
-                    _(f"SRMAIL file has been recreated due to updated Email Updates"))
+                    _(f"SRMAIL file has been recreated"))
             update_srmail_file()
 
         #bump version
         contact.version = contact.version + 1
-
+        """
         if active and groupadmins:
             for ga in groupadmins:
                 ec = EmailContact.objects.filter(contact=contact, email=ga).first()
@@ -10048,8 +10365,8 @@ def form_valid(self, form):
                     messages.warning(
                         self.request,
                         _(f"The email {ga} has been removed. Please reassign a new group admin."))
-
-        if some_changes or pgp_updates or email_changes:
+        """
+        if some_changes or pgp_updates: # or email_changes:
             contact.save()
             
         return redirect("vince:contact", self.kwargs['pk'])
@@ -10075,15 +10392,17 @@ def get_context_data(self, **kwargs):
         postal = PostalAddress.objects.filter(contact=self.kwargs['pk'])
         website = Website.objects.filter(contact=self.kwargs['pk'])
         pgp = ContactPgP.objects.filter(contact=self.kwargs['pk'])
-        email = EmailContact.objects.filter(contact=self.kwargs['pk']).order_by('-email_function')
+        #email = EmailContact.objects.filter(contact=self.kwargs['pk']).order_by('-email_function')
         contact = Contact.objects.filter(id=self.kwargs['pk']).first()
         forms = {'postal_formset': self.PostalFormSet(prefix='postal', queryset=postal, instance=contact),
                  'phone_formset': self.PhoneFormSet(prefix='phone', queryset=phones, instance=contact),
                  'web_formset': self.WebFormSet(prefix='web', queryset=website, instance=contact),
-                 'pgp_formset': self.PgPFormSet(prefix='pgp', queryset=pgp, instance=contact),
-                 'email_formset': self.EmailFormSet(prefix='email', queryset=email, instance=contact)}
+                 'pgp_formset': self.PgPFormSet(prefix='pgp', queryset=pgp, instance=contact)}
+        #'email_formset': self.EmailFormSet(prefix='email', queryset=email, instance=contact)}
         context['groups'] = GroupMember.objects.filter(contact=self.kwargs['pk'])
         context['form'] = self.form_class(initial=Contact.objects.filter(id=self.kwargs['pk']).values()[0])
+        context['form'].fields['vtype'].choices = [('User', 'User'), ('Vendor', 'Vendor'), ('Coordinator', 'Coordinator')]
+        context['form'].fields['vtype'].initial = contact.vendor_type
         context['contact'] = contact
 
         context.update(forms)
@@ -11199,7 +11518,8 @@ def form_valid(self, form):
             messages.error(self.request,
                            f"Error processing vulnerability information: {errors}")
         
-        if self.request.META.get('HTTP_REFERER'):
+        if self.request.META.get('HTTP_REFERER') and is_safe_url(self.request.META.get('HTTP_REFERER'),set(settings.ALLOWED_HOSTS),True):
+            
             return HttpResponseRedirect(self.request.META.get('HTTP_REFERER') + "#vuls")
         else:
             return redirect("vince:editvuls", vul.case.id)
@@ -11469,7 +11789,7 @@ def form_valid(self, form):
                 #connect any new reservations
                 cve_res = CVEReservation.objects.filter(cve_id=cve.cve_name).first()
                 if cve_res:
-                    logger.debug(f"FOUND RESERVATION for {x}")
+                    logger.debug(f"FOUND RESERVATION for {cve.cve_name}")
                     cve_res.cve_info = cve
                     cve_res.save()
             
@@ -11495,8 +11815,7 @@ def form_valid(self, form):
                     CVEAffectedProduct.objects.bulk_create(prods)
             except:
                 return HttpResponseServerError()
-
-        if self.request.META.get('HTTP_REFERER') and (self.request.path not in self.request.META.get('HTTP_REFERER')):
+        if self.request.META.get('HTTP_REFERER') and (self.request.path not in self.request.META.get('HTTP_REFERER')) and is_safe_url(self.request.META.get('HTTP_REFERER'),set(settings.ALLOWED_HOSTS),True):
             return HttpResponseRedirect(self.request.META.get('HTTP_REFERER') + "#vuls")
         else:
             return redirect("vince:vul", cve.vul.id)
@@ -11590,7 +11909,7 @@ def form_valid(self, form):
         if form.cleaned_data['vul']:
             return redirect("vince:case", form.cleaned_data['vul'].case.id)
 
-        if self.request.META.get('HTTP_REFERER'):
+        if self.request.META.get('HTTP_REFERER') and is_safe_url(self.request.META.get('HTTP_REFERER'),set(settings.ALLOWED_HOSTS),True):
             return HttpResponseRedirect(self.request.META.get('HTTP_REFERER') + "#vuls")
         else:
             return redirect("vince:vul", cve.vul.id)
@@ -11796,7 +12115,7 @@ def form_valid(self, form):
         if form.cleaned_data['cve_allocator'] == 'True':
             return redirect("vince:newcve",vul.id)
         """
-        if self.request.META.get('HTTP_REFERER'):
+        if self.request.META.get('HTTP_REFERER') and is_safe_url(self.request.META.get('HTTP_REFERER'),set(settings.ALLOWED_HOSTS),True):
             return HttpResponseRedirect(self.request.META.get('HTTP_REFERER')+"#vuls")
 
         return redirect("vince:editvuls", case.id)
@@ -11959,7 +12278,7 @@ def post(self, request, *args, **kwargs):
                             action_type=1)
         action.save()
         try:
-            if case.vulnote.date_published:
+            if case.vulnote.date_published or case.publicdate:
                 vul.deleted = True
                 vul.ask_vendor_status = False
                 vul.save()
@@ -11969,7 +12288,7 @@ def post(self, request, *args, **kwargs):
             #vul note prob doesn't exist
             vul.delete()
 
-        if self.request.META.get('HTTP_REFERER'):
+        if self.request.META.get('HTTP_REFERER') and is_safe_url(self.request.META.get('HTTP_REFERER'),set(settings.ALLOWED_HOSTS),True):
             return HttpResponseRedirect(self.request.META.get('HTTP_REFERER') + "#vuls")
         return redirect("vince:editvuls", case.id)
 
@@ -12873,6 +13192,7 @@ def get_context_data(self, **kwargs):
         if context['vc_user']:
             context['activity'] = VendorAction.objects.using('vincecomm').filter(user=context['vc_user']).order_by('-created')[:30]
             context['contact'] = EmailContact.objects.filter(email=context['vc_user'].username)
+            context['contact_record'] = EmailContact.objects.filter(email=context['vc_user'].username, contact__vendor_type="Contact").first()
             threads = Thread.ordered(Thread.all(context['vc_user']))
             paginator = Paginator(threads, 10)
             page = 1
@@ -13353,6 +13673,11 @@ def get_context_data(self, **kwargs):
                 context['results'] = Contact.objects.filter(active=False)
             elif t==4:
                 context['results'] = User.objects.using('vincecomm').filter(vinceprofile__multifactor=False, is_active=True)
+            elif t== 5:
+                # contacts with EMAIL type emails also associated with a user
+                all_users = list(User.objects.using('vincecomm').filter(is_active=True).values_list('email', flat=True))
+                emails = EmailContact.objects.filter(email__in=all_users, email_function__in=['EMAIL', 'REPLYTO']).values_list('contact__id', flat=True)
+                context['results'] = Contact.objects.filter(active=True, id__in=emails)
         return context
 
 
@@ -14640,8 +14965,9 @@ def get_context_data(self, **kwargs):
             x["cve_link"] = reverse("vince:detailedcve", args=[acc.id, x["cve_id"]])
             if v_cve:
                 if v_cve.cve_info:
-                    x["vul"] = reverse("vince:vul", args=[v_cve.cve_info.vul.id])
-                    x["case"] = v_cve.cve_info.vul.case.vu_vuid
+                    if v_cve.cve_info.vul:
+                        x["vul"] = reverse("vince:vul", args=[v_cve.cve_info.vul.id])
+                        x["case"] = v_cve.cve_info.vul.case.vu_vuid
                 if v_cve.user_reserved:
                     x["user"] = v_cve.user_reserved.usersettings.preferred_username
             else:
diff --git a/vincepub/models.py b/vincepub/models.py
index 64e3c51..37ae37f 100644
--- a/vincepub/models.py
+++ b/vincepub/models.py
@@ -36,7 +36,7 @@
 from django.contrib.postgres.indexes import GinIndex
 from django.contrib.postgres.search import SearchVectorField
 from bigvince.storage_backends import VRFReportsStorage
-
+from django.conf import settings
 
 class OldJSONField(fields.JSONField):
     def db_type(self, connection):
diff --git a/vinceworker/views.py b/vinceworker/views.py
index c41cc1f..7c12a6e 100644
--- a/vinceworker/views.py
+++ b/vinceworker/views.py
@@ -40,7 +40,7 @@
 from django.template.loader import get_template
 from django.forms.models import model_to_dict
 from vince.forms import TicketForm, CreateCaseRequestForm
-from vince.lib import update_vendor_status, update_vendor_view_status, create_ticket, create_case_post_action, create_action, process_s3_download, add_case_artifact, update_case_request, create_ticket_from_email_s3, update_vendor_status_statement, create_bounce_ticket, send_vt_daily_digest, generate_vt_reminders
+from vince.lib import update_vendor_status, update_vendor_view_status, create_ticket, create_case_post_action, create_action, process_s3_download, add_case_artifact, update_case_request, create_ticket_from_email_s3, update_vendor_status_statement, create_bounce_ticket, send_vt_daily_digest, generate_vt_reminders, reset_user_mfa
 from vinny.lib import send_post_email, send_usermention_notification
 from django.contrib.auth.models import User
 from vinny.models import PostRevision
@@ -224,6 +224,8 @@ def ingest_vulreport(request):
                 add_case_artifact(attributes, message)
             elif attributes['MessageType'] == 'CRUpdate':
                 update_case_request(attributes, message)
+            elif attributes['MessageType'] == 'ResetMFA':
+                reset_user_mfa(attributes, message)
             elif attributes['MessageType'] == 'PostNotify':
                 post = body_data['MessageAttributes'].get('Post').get('Value')
                 instance = get_object_or_404(PostRevision, id=int(post))
@@ -439,6 +441,26 @@ def write_srmail(request):
 
     with open(tmp.name, 'w') as f:
         f.write("#Generated by VINCE: " + dateformat.format(datetime.datetime.now(), 'F j, Y, P T') + "\n\n")
+
+        #create or update an all-vendor group:
+        all_vendor_contact_group = ContactGroup.objects.filter(name="_all_vendors").first()
+        if all_vendor_contact_group:
+
+            #remove any current, inactive contacts
+            inactive_members = GroupMember.objects.filter(group=all_vendor_contact_group, contact__active=False)
+            for x in inactive_members:
+                x.delete()
+
+            #remove any non-vendors
+            not_vendors = GroupMember.objects.filter(group=all_vendor_contact_group).exclude(contact__vendor_type='Vendor')
+            for x in not_vendors:
+                x.delete()
+                
+            all_vendor_contacts = Contact.objects.filter(active=True, vendor_type='Vendor')
+            for c in all_vendor_contacts:
+                mem = GroupMember.objects.update_or_create(contact=c, group=all_vendor_contact_group)
+
+        #write all the groups
         groups = ContactGroup.objects.order_by("srmail_peer_name")
         for group in groups:
             if group.status != "Active":
@@ -457,29 +479,16 @@ def write_srmail(request):
                         srmail_members.append(member.group_member.group.srmail_peer_name)
             f.write("+"+srmail_peer_name+"\t"+' '.join(srmail_members[0:])+"\n")
 
-        #create an all-vendor group:
-        all_vendor = list(Contact.objects.filter(active=True, vendor_type='Vendor').exclude(emailcontact__isnull=True).distinct().values_list('srmail_peer', flat=True))
-        f.write("+_all_vendors\t"+' '.join(all_vendor[0:])+"\n")
-        #update the VINCE contact group "all-vendor"
-        all_vendor_contact_group = ContactGroup.objects.filter(name="_all_vendors").first()
-        if all_vendor_contact_group:
-
-            #remove any current, inactive contacts
-            inactive_members = GroupMember.objects.filter(group=all_vendor_contact_group, contact__active=False)
-            for x in inactive_members:
-                x.delete()
-            
-            all_vendor_contacts = Contact.objects.filter(active=True, vendor_type='Vendor')
-            for c in all_vendor_contacts:
-                mem = GroupMember.objects.update_or_create(contact=c, group=all_vendor_contact_group)
-
-        
-        
-                
         #create an all-contact group:
         all_contact = list(Contact.objects.filter(active=True, vendor_type='Contact').exclude(emailcontact__isnull=True).distinct().values_list('srmail_peer', flat=True))
         f.write("+_all_contacts\t"+' '.join(all_contact[0:])+"\n")
         f.write("\n")
+
+        #create an all-coord group:
+        all_coordinators = list(Contact.objects.filter(active=True, vendor_type='Coordinator').exclude(emailcontact__isnull=True).distinct().values_list('srmail_peer', flat=True))
+        f.write("+_all_coordinators\t"+' '.join(all_coordinators[0:])+"\n")
+        f.write("\n")
+        
         contacts = Contact.objects.order_by("srmail_peer")
         for contact in contacts:
             try:
diff --git a/vinny/admin.py b/vinny/admin.py
index 882097c..62b349b 100644
--- a/vinny/admin.py
+++ b/vinny/admin.py
@@ -29,7 +29,7 @@
 from django.contrib import admin
 from django.contrib.auth.admin import GroupAdmin as BaseGroupAdmin
 from django.contrib.auth.models import Group
-from vinny.models import GroupContact, VinceProfile, VinceCommContact, Case, Thread, VinceCommInvitedUsers, VinceCommEmail, VinceCommGroupAdmin, VCVulnerabilityNote, CaseMemberStatus, CaseStatement, VinceAttachment, VinceTrackAttachment, CaseVulnerability, CaseTracking, CoordinatorSettings, VTCaseRequest, CaseMember
+from vinny.models import GroupContact, VinceProfile, VinceCommContact, Case, Thread, VinceCommInvitedUsers, VinceCommEmail, VinceCommGroupAdmin, VCVulnerabilityNote, CaseMemberStatus, CaseStatement, VinceAttachment, VinceTrackAttachment, CaseVulnerability, CaseTracking, CoordinatorSettings, VTCaseRequest, CaseMember, CaseViewed
 from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
 from django.contrib.auth.models import User
 from django.contrib.auth.forms import UserCreationForm, UserChangeForm
@@ -218,6 +218,12 @@ def get_email_vendor(self, instance):
     get_email_vendor.short_description = "Email Contact Name"
 
 
+class CaseViewedAdmin(admin.ModelAdmin):
+    list_display = ('get_vuid', 'user')
+
+    def get_vuid(self, instance):
+        return instance.case.vuid
+    
 class CaseAdmin(admin.ModelAdmin):
     list_display = ('vuid', 'title', 'created', 'status', 'published', 'get_team_owner')
     list_filter = ('status',)
@@ -253,6 +259,7 @@ class CaseMemberAdmin(admin.ModelAdmin):
 vinnyadmin.register(VinceAttachment)
 vinnyadmin.register(VinceTrackAttachment)
 vinnyadmin.register(CaseTracking)
+vinnyadmin.register(CaseViewed, CaseViewedAdmin)
 #vinnyadmin.register(CaseMember, CaseMemberAdmin)
 #vinnyadmin.register(VTCaseRequest)
 #vinnyadmin.register(CaseVulnerability)
diff --git a/vinny/lib.py b/vinny/lib.py
index 21ade0f..b046c75 100644
--- a/vinny/lib.py
+++ b/vinny/lib.py
@@ -467,6 +467,30 @@ def create_post_notification(post, user, tracking):
 
 
 def get_user_preferences(post, user, role, tracking=None):
+
+    #is this the first post in the case?
+    first_post = Post.objects.filter(case=post.case).order_by('created').first()
+    if post == first_post:
+        # this is the first post in the case, so we need to mute participants that have
+        # email notifications disabled
+        user_groups = user.groups.exclude(groupcontact__isnull=True)
+        cm = CaseMember.objects.filter(case=post.case, group__in=user_groups).exclude(group__groupcontact__isnull=True).first()
+        if cm:
+            email = VinceCommEmail.objects.filter(email=user.email, contact=cm.group.groupcontact.contact).first()
+            if email:
+                if email.email_function == "EMAIL":
+                    #mute the case
+                    settings = user.vinceprofile.settings
+                    if user.vinceprofile.settings.get('muted_cases'):
+                        muted_cases = user.vinceprofile.settings['muted_cases']
+                        muted_cases.append(post.case.id)
+                        settings.update({'muted_cases': muted_cases})
+                    else:
+                        settings.update({'muted_cases': [post.case.id]})
+                    user.vinceprofile.settings = settings
+                    user.vinceprofile.save()
+                    
+    #does this user have email notifications enabled
     if role != 1:
 	# this is pinned, everyone gets it                                   
         if user.vinceprofile.settings.get('muted_cases'):
@@ -519,7 +543,7 @@ def send_post_email(post, emails):
         role = 1
     else:
         role = _user_role_for_case(post.author, post.case)
-        
+
     sent_emails = []
     for u in participants:
         if u.participant:
diff --git a/vinny/migrations/0002_auto_20220719_1530.py b/vinny/migrations/0002_auto_20220719_1530.py
new file mode 100644
index 0000000..5d7082c
--- /dev/null
+++ b/vinny/migrations/0002_auto_20220719_1530.py
@@ -0,0 +1,18 @@
+# Generated by Django 2.2.26 on 2022-07-19 15:30
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('vinny', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='vincecommcontact',
+            name='vendor_type',
+            field=models.CharField(choices=[('Contact', 'Contact'), ('Vendor', 'Vendor'), ('User', 'User'), ('Coordinator', 'Coordinator')], default='Vendor', max_length=50),
+        ),
+    ]
diff --git a/vinny/models.py b/vinny/models.py
index 02ba434..db38bf7 100644
--- a/vinny/models.py
+++ b/vinny/models.py
@@ -157,9 +157,9 @@ def _get_logo(self):
     logo = property(_get_logo)
 
     def _get_vendor_status(self):
-        groups = self.user.groups.exclude(groupcontact__contact__isnull=True)
+        groups = self.user.groups.filter(groupcontact__contact__active=True).exclude(groupcontact__contact__isnull=True)
         if len(groups) >= 1:
-            vendor_groups = groups.exclude(groupcontact__contact__vendor_type="Contact")
+            vendor_groups = groups.exclude(groupcontact__contact__vendor_type__in=["Contact", "User"])
             if len(vendor_groups) >= 1:
                 return True
         return False
@@ -167,7 +167,7 @@ def _get_vendor_status(self):
     is_vendor = property(_get_vendor_status)
 
     def _get_admin_status(self):
-        admin = VinceCommGroupAdmin.objects.filter(email__email=self.user.email)
+        admin = VinceCommGroupAdmin.objects.filter(email__email=self.user.email, contact__active=True, contact__vendor_type__in=["Coordinator", "Vendor"])
         if admin:
             return True
         return False
@@ -263,6 +263,8 @@ class VinceCommContact(models.Model):
     VENDOR_TYPE = (
     ('Contact', 'Contact'),
     ('Vendor', 'Vendor'),
+    ('User', 'User'),
+    ('Coordinator', 'Coordinator'),
     )
 
     LOCATION_CHOICES=(
@@ -445,7 +447,7 @@ def _get_ts(self):
     action_ts = property(_get_ts)
     
     def __str__(self):
-        out = '%s: %s ' % (self.model, self.field)
+        out = '%s: %s: %s ' % (self.action, self.model, self.field)
         if not self.new_value:
 #            out += ugettext('removed')
             out += '%s' % self.old_value
diff --git a/vinny/static/vinny/js/gadmin.js b/vinny/static/vinny/js/gadmin.js
index 9372e79..5818396 100644
--- a/vinny/static/vinny/js/gadmin.js
+++ b/vinny/static/vinny/js/gadmin.js
@@ -167,6 +167,18 @@ $(document).ready(function() {
     });
 
 
+    $(document).on("click", ".modemail", function(event) {
+        var url = $(this).attr("href");
+        event.preventDefault();
+        $.ajax({
+            url: url,
+            success: function(data) {
+                modal.html(data).foundation('open');
+            },
+        });
+    });
+    
+
     $(document).on("submit", "#genservice", function(event) {
 	event.preventDefault();
 	var url = $(this).attr("action");
diff --git a/vinny/static/vinny/js/vinny.js b/vinny/static/vinny/js/vinny.js
index 81751fc..29cd63b 100644
--- a/vinny/static/vinny/js/vinny.js
+++ b/vinny/static/vinny/js/vinny.js
@@ -280,7 +280,7 @@ $(document).ready(function() {
 
 
     $(document).on('click', '.reply-to-post', function() {
-	var post = $(this).parent().prev().prev().find('.post_author');
+	var post = $(this).parent().parent().parent().find('.post_author');
 	var lines = post.text().trim(); /*.split('\n');*/
 	var post_id = $(this).attr("post_id");
 	/*$("#post_reply").slideToggle( "slow", function() {});*/
diff --git a/vinny/static/vinny/js/vinny_dashboard.js b/vinny/static/vinny/js/vinny_dashboard.js
index 7b0cd64..d0245e1 100644
--- a/vinny/static/vinny/js/vinny_dashboard.js
+++ b/vinny/static/vinny/js/vinny_dashboard.js
@@ -42,7 +42,7 @@ function searchThreads(e, newpage) {
     }
 
     var url = $("#filter_threads").attr("href");
-    var owner = $("input[id^='id_owner_']:checked").val();
+    var owner = $("input[id^='id_owner_']:checked");
     $.ajax({
         url : url,
         type: "POST",
diff --git a/vinny/templates/vinny/admin.html b/vinny/templates/vinny/admin.html
index 26eea69..61620f3 100644
--- a/vinny/templates/vinny/admin.html
+++ b/vinny/templates/vinny/admin.html
@@ -54,13 +54,58 @@ <h2>User Management {% if vendor_name %}for {{ vendor_name }}{% endif %}</h2>
 <div class="row">
   <div class="large-12 medium-12 small-12 columns">
     <small>
-    <p>* Eligible users are emails that are associated with your account but have not yet created a VINCE account.</p>
+    <p>* Eligible users are emails that are associated with your organization but have not yet created a VINCE account.</p>
     <p>** Invited users are emails that were sent a VINCE invitation by a group admin.</p>
     <p><i class="fas fa-crown" title="Group Admin"></i> Group administrators are assigned by the VINCE coordinators or another group administator. <br/>Group administrators have access to <b>all</b> cases that the organization is involved in. Please <a href="{% url 'vinny:sendmsg' 4 %}">contact the VINCE coordination team</a> for questions about group administrators.</p>
     </small>
   </div>
 </div>
-
+<div class="app-top-panel">
+  <div class="row">
+    <div class="large-12 columns">
+      <h2>Notification Emails</h2>
+    </div>
+  </div>
+</div>
+<div class="row">
+  <div class="large-12 columns">
+    <p>Notification emails are contact email addresses associated with your organization that are not owned by one particular person or user.  They are typically mailing list or team email addresses and/or listed as your contact information on public facing websites. Contact information marked as public will be visible to other VINCE users in case discussions. You can add/remove/edit notification emails on the <a href="{% url 'vinny:contact' object.id %}"> Contact Information page</a>. Notification emails are used strictly for receiving notifications concerning new cases or VINCE.</p>
+  </div>
+</div>
+<div class="row">
+  <div class="large-8 small-12 medium-8 columns">
+    <table class="hover usermgmt">
+      <thead>
+	<tr>
+	  <th>Email</th>
+	  <th>Email Notifications</th>
+	  <th>Public</th>
+	</tr>
+      </thead>
+      <tbody>
+	{% for email in notification_emails %}
+	<tr>
+	  <td>
+	    {{ email.email }}
+	  </td>
+	  <td>
+	    {% if email.email_function in "TO,CC" %}
+	    Enabled <a href="{% url 'vinny:changeemail' object.id 'email' email.id %}" class="modemail"><i class="fas fa-edit" title="Disable"></i></a>{% else %}Disabled <a href="{% url 'vinny:changeemail' object.id 'email' email.id %}" class="modemail"><i class="fas fa-edit" title="Enable"></i></a>{% endif %}</td>
+	  <td>
+	    {% if email.public %} YES {% else %} NO {% endif %}
+	  </td>
+	</tr>
+	{% empty %}
+	<tr>
+	  <td colspan="3"><a href="{% url 'vinny:contact' object.id %}">Add a Notification Email</a></td>
+	</tr>
+	{% endfor %}
+      </tbody>
+    </table>
+  </div>
+  <div class="large-4 columns small-12 medium-4">
+  </div>
+</div>
 <div class="app-top-panel">
   <div class="row">
     <div class="large-12 columns">
diff --git a/vinny/templates/vinny/admin_users.html b/vinny/templates/vinny/admin_users.html
index 12bc6eb..6478bd6 100644
--- a/vinny/templates/vinny/admin_users.html
+++ b/vinny/templates/vinny/admin_users.html
@@ -8,6 +8,7 @@
 	<th> Access </th>
 	<th> Date Joined </th>
 	<th> Last Login </th>
+	<th> Notifications</th>
 	<th> Actions </th>
       </tr>
     </thead>
@@ -18,6 +19,7 @@
 	<td>{% if u|groupadmin:object.id %} admin - all cases {% elif groupcontact.default_access %} user - all cases {% else %} {% if admin %}<a href="{% url 'vinny:caseaccess' object.id u.id %}" class="caseaccess">user - select</a>{% else %} user {% endif %} {% with my_cases=caseaccess|case_access:u.id %}<span class="needtip" title="This user has access to the following cases:<br/> {% for c in my_cases %}{{ CASE_ID }}{{ c }}<br/> {% endfor %}"> ({{ my_cases|length }} cases)</span> {% endwith %}{% endif %}</td>
 	<td>{{ u.date_joined|date:"Y-m-d" }}</td>
 	<td>{{ u.last_login|date:"Y-m-d, G:i" }}</td>
+	<td>{% if u|notify_emails:object.id %}Enabled <a href="{% url 'vinny:changeemail' object.id 'user' u.id %}" class="modemail"><i class="fas fa-edit" title="Disable"></i></a>{% else %}Disabled <a href="{% url 'vinny:changeemail' object.id 'user' u.id %}" class="modemail"><i class="fas fa-edit" title="Enable"></i></a>{% endif %}</td>
 	{% if admin %}
 	<td> {% if user == u %}<i class="fas fa-trash-alt" title="You can't remove yourself" aria-hidden="true"></i>{% else %}<a href="{% url 'vinny:rmuser' object.id 'user' u.id %}" class="rmuser"><i class="fas fa-trash-alt" aria-hidden="true" title="Remove user from group"></i></a>
 	  {% if u|groupadmin:object.id %}
@@ -38,6 +40,7 @@
         <td><i>Eligible*</i></td>
         <td></td>
         <td></td>
+	<td>{% if u|notify_emails:object.id %}Enabled <a href="{% url 'vinny:changeemail' object.id 'email' u.id %}" class="modemail"><i class="fas fa-edit" title="Disable"></i></a>{% else %}Disabled <a href="{% url 'vinny:changeemail' object.id 'user' u.id %}" class="modemail"><i class="fas fa-edit" title="Enable"></i></a>{% endif %}</td>
         {% if user.username != u.email %}
         <td> <a href="{% url 'vinny:rmuser' object.id 'contact' u.id %}" class="rmuser"><i class="fas fa-trash-alt" aria-hidden="true"></i></a>
 	</td>
@@ -52,6 +55,7 @@
         <td><i>Invited**</i></td>
         <td></td>
         <td></td>
+	<td>{% if u|notify_emails:object.id %}Enabled <a class="modemail" href="{% url 'vinny:changeemail' object.id 'email' u.id %}"><i class="fas fa-edit" title="Disable"></i></a>{% else %}Disabled <a class="modemail" href="{% url 'vinny:changeemail' object.id 'email' u.id %}"><i class="fas fa-edit" title="Enable"></i></a>{% endif %}</td>
         {% if user.username != u.email %}
         <td> <a href="{% url 'vinny:rmuser' object.id 'contact' u.id %}" class="rmuser"><i class="fas fa-trash-alt" aria-hidden="true"></i></a></td>
         {% else %}
diff --git a/vinny/templates/vinny/confirm_email_change.html b/vinny/templates/vinny/confirm_email_change.html
new file mode 100644
index 0000000..956e26f
--- /dev/null
+++ b/vinny/templates/vinny/confirm_email_change.html
@@ -0,0 +1,28 @@
+{% load i18n %}
+{%  block content %}
+<div class="fullmodal">
+  <div class="modal-content">
+    <div class="modal-header">
+      <h5 class="modal-title">Modify Email</h5>
+    </div>
+    <div class="modal-body">
+      <p>{% if enable %}
+	Are you sure you want to enable email notifications?  By enabling, this email will receive all new case notifications and other important VINCE information.
+	{% elif disable %}
+	Are you sure you want to disable email notifications? By disabling email notifications, this user will not be notified of new cases and VINCE will automatically mute case notifications. You can unmute specific case notifications in each individual case discussion.
+	{% endif %}
+	
+    </div>
+    <div class="modal-footer text-right">
+      <form action="{{ post_url }}" method="POST">
+        {% csrf_token %}
+        <a href="#" class="hollow button" data-close type="cancel">Cancel</a>
+        <button class="alert button">Confirm</button>
+      </form>
+    </div>
+  </div>
+  <button class="close-button" data-close aria-label="Close modal" type="button">
+    <span aria-hidden="true">&times;</span>
+  </button>
+
+{% endblock %}
diff --git a/vinny/templates/vinny/dashboard.html b/vinny/templates/vinny/dashboard.html
index 90d4699..2dec89d 100644
--- a/vinny/templates/vinny/dashboard.html
+++ b/vinny/templates/vinny/dashboard.html
@@ -19,19 +19,12 @@ <h2>Dashboard</h2>
   </div>
 </div>
 
-<div class="row">
-  <div class="large-12 columns">
-    {% for message in messages %}
-    <div class="callout {{ message.tags }}">{{ message }}</div>
-    {% endfor %}
-  </div>
-</div>
-
-
+<form id="searchform" enctype="multipart/form-data" method="post" action="{% url 'vinny:dashboardfilter' %}">
+  {% csrf_token %}
 <div class="row">
   <div class="large-5 medium-5 small-8 columns">
     <div class="input-group">
-      <input class="input-group-field form-control" type="text" placeholder="Filter active cases" id="filter_threads" href="{% url 'vinny:dashboardfilter' %}">
+      <input class="input-group-field form-control" type="text" name="keyword" placeholder="Filter active cases" id="filter_threads">
       <div class="input-group-button">
 	<button type="submit" class="button"><i class="fas fa-search"></i></button>
       </div>
@@ -40,7 +33,6 @@ <h2>Dashboard</h2>
   <div class="large-3 columns medium-4 small-4">
     {% if user.vinceprofile.is_track %}
     <div class="dropdown-pane" id="role-dropdown" data-dropdown data-hover="true" data-hover-pane="true">
-      <form>
 	<div class="row column">
 	  <div class="form-check border-bottom mb-2 pb-2">
 	    <input id="filter_by_dropdown_select_all_0" type="checkbox" class="form-check-input">
@@ -48,7 +40,6 @@ <h2>Dashboard</h2>
 	  </div>
 	  {% render_field form.owner class="form_check_input" %}
 	</div>
-      </form>
     </div>
     <div class="filter-by-dropdown">
       <button type="button" class="filter-by-dropdown__toggle-button" data-toggle="role-dropdown">
@@ -60,17 +51,25 @@ <h2>Dashboard</h2>
   </div>
   <div class="large-4 medium-3 columns"><input type="hidden" name="page" id="id_page" value="1"></div>
 </div>
+</form>
 
 {% if cases %}
 {% if num_new_cases %}
 <div class="row">
   <div class="large-10 columns">
-    <div class="callout success">Welcome to VINCE! You have <b>{{ num_new_cases }}</b> new {% if num_new_cases > 1 %}cases{% else %}case{% endif %} to view.</div>
+    <div class="callout success">Welcome to VINCE! You have <b>{{ num_new_cases }}</b> new {% if num_new_cases > 1 %}cases{% else %}case{% endif %}{% if new_posts %} and {{ new_posts }} unread {% if new_posts > 1 %}posts{% else %}post{% endif %} in {{ unseen_cases|length }} {% if unseen_cases|length > 1 %}cases{% else %}case{% endif %}{% endif %}.
+    </div>
+  </div>
+  <div class="large-2 columns"></div>
+</div>
+{% elif new_posts %}
+<div class="row">
+  <div class="large-10 columns">
+    <div class="callout success">Welcome back to VINCE! You have {{ new_posts }} new {% if new_posts > 1 %}posts{% else %}post{% endif %} in {{ unseen_cases|length }} {% if unseen_cases|length > 1 %}cases{% else %}case{% endif %}.</div>
   </div>
   <div class="large-2 columns"></div>
 </div>
 {% endif %}
-
 <div class="row">
   <div class="large-12 columns">
     <div id="casecontainer">
diff --git a/vinny/templates/vinny/editcontact.html b/vinny/templates/vinny/editcontact.html
index 1fd8d32..05b5441 100644
--- a/vinny/templates/vinny/editcontact.html
+++ b/vinny/templates/vinny/editcontact.html
@@ -40,6 +40,12 @@ <h2>Edit My Contact Info</h2>
 </div>
 
 
+<div class="row">
+  <div class="large-12 columns">
+    <p><small><i>Contact information marked as public will be visible to other VINCE users in case discussions.</i></small></p>
+  </div>
+</div>
+
 
 <form method="post" enctype="multipart/form-data" action="{% url 'vinny:addlogo' contact.id %}" id="addlogo">
   {% csrf_token %}
diff --git a/vinny/templates/vinny/include/cases.html b/vinny/templates/vinny/include/cases.html
index d3a910d..1468f82 100644
--- a/vinny/templates/vinny/include/cases.html
+++ b/vinny/templates/vinny/include/cases.html
@@ -7,30 +7,31 @@
 <div class="resultCount"> {{ paginator.count }} Results </div>
 {% endif %}
 
-{% if dashboard %}
+{% if dashboard and cases %}
 <div class="case-category">  
-  {% if cases|open|length %}
   <h3> Your active cases</h3>
   <ul class="case-list">
-    {% for case in cases|open %}
-    {% include 'vinny/include/dash_case.html' with case=case %}
+    {% for case in cases %}
+    {% if case.note.datefirstpublished %}{% else %}
+    {% include 'vinny/include/dash_case.html' with case=case unseen_cases=unseen_cases %} {% endif %}
     {% endfor %}
   </ul>
-  {% endif %}
 </div>
 <div class="case-category">
-  {% if cases|published|length %}
+  {% if num_published %}
   <h3> Your active published cases</h3>
   <ul class="case-list">
-    {% for case in cases|published %}
-    {% include 'vinny/include/dash_case.html' with case=case %}
+    {% for case in cases %}
+    {% if case.note.datefirstpublished %}
+    {% include 'vinny/include/dash_case.html' with case=case unseen_cases=unseen_cases %}
+    {% endif %}
     {% endfor %}
   </ul>
   {% endif %}
 </div>
 {% else %}
 {% for case in cases %}
-{% include 'vinny/include/dash_case.html' with case=case %}
+{% include 'vinny/include/dash_case.html' with case=case unseen_cases=unseen_cases %}
 {% empty %}
 <h4>No cases matched your filter criteria</h4>
 {% endfor %}
diff --git a/vinny/templates/vinny/include/dash_case.html b/vinny/templates/vinny/include/dash_case.html
index dd43ce6..690c653 100644
--- a/vinny/templates/vinny/include/dash_case.html
+++ b/vinny/templates/vinny/include/dash_case.html
@@ -1,4 +1,5 @@
-<li class="case-list-item">
+<li class="case-list-item {% if case.id in unseen_cases %}unseen{% endif %}">
+
   <div class="row case-row">
   </div>
   <div class="row case-row">
@@ -41,7 +42,7 @@
 	<div class="large-6 medium-6 columns"></div>
 	<div class="large-6 medium-6 columns">
 	  
-	  <div class="case-comments"><i class="fas fa-comments"></i> {{ case.post_set.count }} posts</div>
+	  <div class="case-comments"><i class="fas fa-comments"></i> {{ case.post_set.count }} posts{% if case.id in unseen_cases %}<span class="goodtext">&nbsp;&nbsp;New!</span>{% endif %}</div>
 	</div>
       </div>
       <div class="row">
@@ -58,7 +59,7 @@
 	<div class="large-6 medium-6 columns">
 	  <div class="last-reply">
             <div class="case-last-poster">{{ last_post.author.vinceprofile.vince_username }}</div>
-            <div class="case-last-reply">{{ last_post.modified|timesince }} ago</div>
+            <div class="case-last-reply">{{ last_post.modified|timesince }} ago.</div>
 	    {% endwith %}	    
 	  </div>
 	</div>
diff --git a/vinny/templates/vinny/post.html b/vinny/templates/vinny/post.html
index ccb0f70..bce419e 100644
--- a/vinny/templates/vinny/post.html
+++ b/vinny/templates/vinny/post.html
@@ -44,10 +44,20 @@
 	<br/><a href="#pinthispost" title="Pin this post" class="pin-post" item="{{post.id}}"><i class="fas fa-thumbtack remove-icon" aria-hidden="true"></i> Pin this post </a>{% endif %}
 	{% endif %}
       </div>
+      {% if post.author != user %}
+      <div class="text-right reply-button">
+	<button post_id="{{ post.id }}" class="reply-to-post button tiny primary {% if post.pinned or replypinned %}pinned{% endif %}">Reply</button>
+      </div>
+      {% endif %}      
     </div>
     {% else %}
     <div class="tester medium-1 large-1 columns hide-for-small-only">
-       {% if last_viewed %}{% if post.author == user %}{% else %}{% if post.created > last_viewed %}<span class="unseenpost">New!</span>{% endif %}{% endif %}{% endif %}
+      {% if last_viewed %}{% if post.author == user %}{% else %}{% if post.created > last_viewed %}<span class="unseenpost">New!</span>{% endif %}{% endif %}{% endif %}
+      {% if post.author != user %}
+      <div class="text-right reply-button">
+	<button post_id="{{ post.id }}" class="reply-to-post button tiny primary {% if post.pinned or replypinned %}pinned{% endif %}">Reply</button>
+      </div>
+      {% endif %}      
     </div>
     {% endif %}
   </div>
@@ -61,11 +71,6 @@
       </div>
     </div>
   </div>
-  {% if post.author != user %}
-  <div class="row column text-right reply-button">
-    <button post_id="{{ post.id }}" class="reply-to-post button tiny primary {% if post.pinned or replypinned %}pinned{% endif %}">Reply</button>
-  </div>
-  {% endif %}
   {% if post.num_replies > 0 %}
   <div class="row column text-right">
     <div class="post_reply_count loadreply"> <i class="far fa-comment-dots"></i> {{ post.num_replies }} replies <i class="fas fa-caret-down"></i></div>
diff --git a/vinny/templates/vinny/searchresults.html b/vinny/templates/vinny/searchresults.html
index a5ff6a7..fe82ef8 100644
--- a/vinny/templates/vinny/searchresults.html
+++ b/vinny/templates/vinny/searchresults.html
@@ -18,10 +18,7 @@ <h4>
         <a href="{% url 'vinny:case' ticket.id %}">
 	  {{ ticket.get_title }} </a> {% autoescape off %}{{ ticket.get_status_html }}{% endautoescape %}
       </h4>
-      <h6> Last updated {{ ticket.modified|naturaltime }}</h6>
-      {% if note.dateupdated != note.datefirstpublished %}
-      <span class="updated-date">Updated {{ note.dateupdated|date:"F d, Y" }}</span>
-      {% endif %}
+      <h6> Last updated {% if ticket.last_post_date %}{{ ticket.last_post_date|naturaltime }}{% else %}{{ ticket.modified|naturaltime }}{% endif %}</h6>
     </div>
     {% endfor %}
     
diff --git a/vinny/templatetags/user_tags.py b/vinny/templatetags/user_tags.py
index d28fe86..e8f9e02 100644
--- a/vinny/templatetags/user_tags.py
+++ b/vinny/templatetags/user_tags.py
@@ -53,3 +53,21 @@ def groupadmin(user, contact):
 def case_access(cases, user):
     cases = cases.filter(user=user).values_list('casemember__case__vuid', flat=True)
     return list(cases)
+
+
+@register.filter
+def notify_emails(user, contact):
+    try:
+        from vinny.models import VinceCommEmail
+    except ImportError:
+        if settings.DEBUG:
+            raise template.TemplateSyntaxError("Error in template tags: Can't load VinceCommEmail.")
+    email = VinceCommEmail.objects.filter(email=user.email, contact=contact).first()
+    if email:
+        if email.email_function in ["TO", "CC"]:
+            return True
+        else:
+            return False
+    return False
+    
+    
diff --git a/vinny/urls.py b/vinny/urls.py
index fd92735..08434b6 100644
--- a/vinny/urls.py
+++ b/vinny/urls.py
@@ -70,6 +70,7 @@
     re_path('^groupadmin/service/create/(?P<vendor_id>\d+)/$', views.CreateServiceAccountView.as_view(), name='createservice'),
     re_path('groupadmin/(?P<vendor_id>\d+)/adduser/', views.AdminAddUserView.as_view(), name='adduser'),
     re_path('^groupadmin/(?P<vendor_id>\d+)/rmuser/(?P<type>(contact|user))/(?P<uid>\d+)/$', views.AdminRemoveUser.as_view(), name='rmuser'),
+    re_path('^groupadmin/(?P<vendor_id>\d+)/email/modify/(?P<type>(email|user))/(?P<uid>\d+)/$', views.ModifyEmailNotifications.as_view(), name='changeemail'),
     path('inbox/', views.InboxView.as_view(), name='inbox'),
     re_path('^inbox/(?P<deleted>(sent))/$', views.InboxView.as_view(), name='inbox'),
     path('inbox/filter/', views.SearchThreadsView.as_view(), name='filterthreads'),
diff --git a/vinny/views.py b/vinny/views.py
index 1a8b372..edea7be 100644
--- a/vinny/views.py
+++ b/vinny/views.py
@@ -38,6 +38,7 @@
 from django.core.exceptions import ValidationError, PermissionDenied
 from django.utils.translation import ugettext as _
 from django.utils import timezone
+from django.db.models import Case as DBCase
 import pytz
 import difflib
 import json
@@ -79,7 +80,7 @@
 import html
 import re
 from itertools import chain
-from django.db.models import Q
+from django.db.models import Q, OuterRef, Subquery, Max
 from botocore.exceptions import ClientError
 from botocore.client import Config
 
@@ -184,7 +185,7 @@ def _my_cases(user):
     return Case.objects.filter(id__in=my_cases)
 
 def _my_active_cases(user):
-    return _my_cases(user).filter(status=Case.ACTIVE_STATUS).order_by('-modified')
+    return _my_cases(user).filter(status=Case.ACTIVE_STATUS)
 
 
 def _my_reports(user):
@@ -239,8 +240,8 @@ def _my_group_id_for_case(user, case):
 
 
 def _my_contact_group(user):
-    admin_groups = VinceCommGroupAdmin.objects.filter(email__email=user.email).values_list('contact__id', flat=True)
-    groups = user.groups.filter(groupcontact__contact__vendor_type="Vendor", groupcontact__contact__in=admin_groups).exclude(groupcontact__isnull=True)
+    admin_groups = VinceCommGroupAdmin.objects.filter(email__email=user.email, contact__active=True).values_list('contact__id', flat=True)
+    groups = user.groups.filter(groupcontact__contact__vendor_type__in=["Vendor", "Coordinator"], groupcontact__contact__in=admin_groups).exclude(groupcontact__isnull=True)
     my_groups = []
     for ug in groups:
         my_groups.append(ug.groupcontact.contact)
@@ -612,7 +613,7 @@ def dispatch(self, request, *args, **kwargs):
     def get_context_data(self, **kwargs):
         context = super(DashboardView, self).get_context_data(**kwargs)
         context['unread_msg_count'] = _unread_msg_count(self.request.user)
-        context['dashboard']="yes"
+        context['dashboard'] = 'yes'
         if settings.DEBUG:
             context['devmode'] = True
 
@@ -632,25 +633,52 @@ def get_context_data(self, **kwargs):
             form = CaseRoleForm()
             form.fields['owner'].choices = [
                 (u.id, u.vinceprofile.vince_username) for u in assignable_users]
+
             context['form'] = form
-            context['cases'] = _my_active_cases(self.request.user)
+            my_cases = _my_active_cases(self.request.user)
+            cases = my_cases.annotate(last_post_date=Max('post__created')).exclude(last_post_date__isnull=True).order_by('-last_post_date')
+            cases_no_posts = my_cases.exclude(id__in=cases).order_by('-modified')
+            context['cases'] = chain(cases, cases_no_posts)
             context['pending'] =  VTCaseRequest.objects.filter(user=self.request.user, status=0).order_by('-date_submitted')
             return context
 
         last_login = self.request.session.get("LAST_LOGIN")
         my_cases = _get_my_cases(self.request.user)
-        cases = my_cases.order_by('-modified')
+        my_cases = my_cases.filter(status=Case.ACTIVE_STATUS)
+        #get posts in those cases
+        unseen_cases = []
+        context['new_posts'] = 0
+        # build tuple: case, last modified (first post, if no post, details)
+        cases = my_cases.annotate(last_post_date=Max('post__created')).exclude(last_post_date__isnull=True).order_by('-last_post_date')
+        context['num_published'] = my_cases.filter(note__datefirstpublished__isnull=False).count()
+        cases_no_posts = my_cases.exclude(id__in=cases).order_by('-modified')
+        context['cases'] = list(chain(cases, cases_no_posts))
+        context['num_new_cases'] = 0
+        
+        for case in my_cases:
+            logger.debug(case)
+            last_post = Post.objects.filter(case=case).order_by('-modified')
+            last_viewed = CaseViewed.objects.filter(user=self.request.user, case=case).first()
+            if last_post and last_viewed:
+                #is there a new post since last viewed?
+                posts = last_post.filter(created__gt=last_viewed.date_viewed)
+                if posts:
+                    unseen_cases.append(case.id)
+                    context['new_posts'] += posts.count()
+            elif last_viewed == None and last_login != "New":
+                #this user hasn't viewed this case yet
+                context['num_new_cases'] += 1
+                context['new_posts'] += last_post.count()
+                unseen_cases.append(case.id)
+                
+        context['unseen_cases'] = unseen_cases
         if last_login == "New":
-            context['num_new_cases'] = len(cases)
+            context['num_new_cases'] = len(my_cases)
             context['new_user'] = True
         elif last_login:
             context['last_login'] = parse(last_login)
-            viewed_cases = CaseViewed.objects.filter(user=self.request.user).values_list('case__id', flat=True)
-            context['num_new_cases'] = my_cases.filter(created__gte=context['last_login']).exclude(id__in=viewed_cases).count()
             
-        context['total_cases'] = len(cases)
         context['pending'] =  VTCaseRequest.objects.filter(user=self.request.user, status=0).order_by('-date_submitted')
-        context['cases'] = cases.filter(status=Case.ACTIVE_STATUS)
         return context
 
 
@@ -1092,7 +1120,7 @@ class AdminView(LoginRequiredMixin, TokenMixin, UserPassesTestMixin, generic.Tem
     login_url = "vinny:login"
 
     def test_func(self):
-        ga_groups = VinceCommGroupAdmin.objects.filter(email__email=self.request.user.email)
+        ga_groups = VinceCommGroupAdmin.objects.filter(email__email=self.request.user.email, contact__vendor_type__in=["Coordinator", "Vendor"], contact__active=True)
         if len(ga_groups) > 0:
             if self.kwargs.get('vendor_id'):
                 admin = VinceCommGroupAdmin.objects.filter(contact__id=self.kwargs.get('vendor_id'), email__email=self.request.user.email).first()
@@ -1105,7 +1133,7 @@ def dispatch(self, request, *args, **kwargs):
             return super().dispatch(request, *args, **kwargs)
         
         if is_in_group_vincegroupadmin(self.request.user):
-            ga_groups = VinceCommGroupAdmin.objects.filter(email__email=self.request.user.email)
+            ga_groups = VinceCommGroupAdmin.objects.filter(email__email=self.request.user.email, contact__vendor_type__in=["Coordinator", "Vendor"], contact__active=True)
             if len(ga_groups) > 1:
                 return redirect("vinny:multiple_admins")
         return super().dispatch(request, *args, **kwargs)
@@ -1122,6 +1150,7 @@ def get_context_data(self, **kwargs):
                 context['users'] = _users_in_group(admin.contact)
                 context['object'] = admin.contact
                 context['vendor_name'] = admin.contact.vendor_name
+                context['notification_emails'] = VinceCommEmail.objects.filter(contact=context['object'], email_list=True)
                 if context['users']:
                     emaillist = context['users'].values_list('username', flat=True)
                     context['invited_users'] = VinceCommEmail.objects.filter(invited=True, contact=context['object']).exclude(email__in=emaillist)
@@ -1135,23 +1164,27 @@ def get_context_data(self, **kwargs):
                 context['groupcontact'] = GroupContact.objects.filter(contact__id=self.kwargs.get('vendor_id')).first()
                 cases = _cases_for_group(Group.objects.filter(groupcontact=context['groupcontact']).first())
                 context['caseaccess'] = CaseMemberUserAccess.objects.filter(casemember__case__in=cases)
-                context['users'] = _users_in_group(context['groupcontact'].contact)
-                context['object'] = context['groupcontact'].contact
-                context['vendor_name'] = context['object'].vendor_name
-                if context['users']:
-                    emaillist = context['users'].values_list('username', flat=True)
-                    context['invited_users'] = VinceCommEmail.objects.filter(invited=True, contact=context['object']).exclude(email__in=emaillist)
-                    context['eligible_users'] = VinceCommEmail.objects.filter(invited=False, contact=context['object'],email_list=False, status=True).exclude(email__in=emaillist)
-                    #get service account        
-                    context['service'] = User.objects.filter(groups__in=[context['groupcontact'].group], vinceprofile__service=True).first()
+                if context['groupcontact']:
+                    context['users'] = _users_in_group(context['groupcontact'].contact)
+                    context['object'] = context['groupcontact'].contact
+                    
+                    context['vendor_name'] = context['object'].vendor_name
+                    context['notification_emails'] = VinceCommEmail.objects.filter(contact=context['object'], email_list=True)
+                    if context['users']:
+                        emaillist = context['users'].values_list('username', flat=True)
+                        context['invited_users'] = VinceCommEmail.objects.filter(invited=True, contact=context['object']).exclude(email__in=emaillist)
+                        context['eligible_users'] = VinceCommEmail.objects.filter(invited=False, contact=context['object'],email_list=False, status=True).exclude(email__in=emaillist)
+                        #get service account        
+                        context['service'] = User.objects.filter(groups__in=[context['groupcontact'].group], vinceprofile__service=True).first()
             
         elif is_in_group_vincegroupadmin(self.request.user):
-            ga_group = VinceCommGroupAdmin.objects.filter(email__email=self.request.user.username).first()
+            ga_group = VinceCommGroupAdmin.objects.filter(email__email=self.request.user.username, contact__vendor_type__in=["Coordinator", "Vendor"], contact__active=True).first()
             if ga_group:
                 context['admin'] = True
                 context['users'] = _users_in_group(ga_group.contact)
                 context['object'] = ga_group.contact
                 context['vendor_name'] = ga_group.contact.vendor_name
+                context['notification_emails'] = VinceCommEmail.objects.filter(contact=context['object'], email_list=True)
                 if context['users']:
                     emaillist = context['users'].values_list('username', flat=True)
                     context['invited_users'] = VinceCommEmail.objects.filter(invited=True, contact=context['object']).exclude(email__in=emaillist)
@@ -1292,7 +1325,9 @@ def post(self, request, *args, **kwargs):
         # check if email already exists
         old_email = VinceCommEmail.objects.filter(email__iexact=users, contact=my_group).first()
         if old_email:
-            if old_email.invited:
+            if old_email.email_list:
+                return JsonResponse({'response':'This email has already been added as notification-only email and cannot be used for user access.'}, status=200)
+            elif old_email.invited:
                 if old_user:
                     send_templated_mail("vincecomm_add_existing_user", context, [users])
                     return JsonResponse({'response': 'success'}, status=200)
@@ -1301,9 +1336,9 @@ def post(self, request, *args, **kwargs):
             else:
                 # send email
                 if old_user:
-                    # send a different email
-                    send_templated_mail("vincecomm_add_existing_user", context, [users])
+                    return JsonResponse({'response': 'User already exists.'}, status=200)
                 else:
+                    # actually send the invitation email to a user
                     send_templated_mail("vincecomm_add_user", context, [users])
                 old_email.invited=True
                 create_action("f{self.request.user.vinceprofile.vince_username} invited new user {users}", self.request.user)
@@ -1330,6 +1365,56 @@ def post(self, request, *args, **kwargs):
         return JsonResponse({'response': 'success'}, status=200)
 
 
+class ModifyEmailNotifications(LoginRequiredMixin, TokenMixin, UserPassesTestMixin, generic.TemplateView):
+    login_url = "vinny:login"
+    template_name = "vinny/confirm_email_change.html"
+
+    def test_func(self):
+        if (is_in_group_vincegroupadmin(self.request.user) and PendingTestMixin.test_func(self)):
+            vendor_id = self.kwargs.get('vendor_id')
+            admin = VinceCommGroupAdmin.objects.filter(contact__id=vendor_id, email__email=self.request.user.email).first()
+            if admin:
+                return True
+        return False
+
+    def post(self, request, *args, **kwargs):
+        logger.debug(request.POST)
+        email = get_object_or_404(VinceCommEmail, id=self.kwargs.get('uid'))
+        if email.email_function in ["TO", "CC"]:
+            email.email_function = "EMAIL"
+            email.save()
+            change = contact_update.create_contact_change(email.contact, email.email, "email notifications", "Enabled", "Disabled", self.request.user)
+        else:
+            email.email_function = "TO"
+            email.save()
+            change = contact_update.create_contact_change(email.contact, email.email, "email notifications", "Disabled", "Enabled", self.request.user)
+
+        contact_update.send_ticket([change], email.contact, self.request.user)
+        messages.success(
+            self.request,
+            "Got it!  Your preferences have been saved!"
+        )
+        return redirect("vinny:admin", email.contact.id)
+
+    def get_context_data(self, **kwargs):
+        context = super(ModifyEmailNotifications, self).get_context_data(**kwargs)
+        context['unread_msg_count'] = _unread_msg_count(self.request.user)
+        context['adminpage']=1
+        context['type'] = self.kwargs.get('type')
+        if self.kwargs.get('type') == "user":
+            context['user'] = get_object_or_404(User, id=self.kwargs.get('uid'))
+            context['email'] = VinceCommEmail.objects.filter(email=context['user'].email, contact=self.kwargs.get('vendor_id')).first()
+        elif self.kwargs.get('type') == 'email':
+            context['email'] = get_object_or_404(VinceCommEmail, id=self.kwargs.get('uid'))
+
+        if context['email'].email_function in ["TO", "CC"]:
+            context['disable'] = 1
+        else:
+            context['enable'] = 1
+            
+        context['post_url'] = reverse("vinny:changeemail", args=[self.kwargs.get('vendor_id'), 'email', context['email'].id])
+        return context    
+
 class MultipleStatusView(LoginRequiredMixin, TokenMixin, UserPassesTestMixin, generic.TemplateView):
     template_name = "vinny/multi_status.html"
     login_url = "vinny:login"
@@ -1389,7 +1474,7 @@ def test_func(self):
     def get_context_data(self, **kwargs):
         context = super(MultipleGroupAdminView, self).get_context_data(**kwargs)
         context['unread_msg_count'] = _unread_msg_count(self.request.user)
-        context['groups'] = VinceCommGroupAdmin.objects.filter(email__email=self.request.user)
+        context['groups'] = VinceCommGroupAdmin.objects.filter(email__email=self.request.user, contact__vendor_type__in=["Coordinator", "Vendor"], contact__active=True)
         
         context['adminview']=1
         return context
@@ -1603,14 +1688,15 @@ def post(self, request, *args, **kwargs):
             coordinators = CaseCoordinator.objects.filter(assigned__id__in=owner_list).values_list('case', flat=True)
             res = res.filter(id__in=coordinators)
         
-        if self.request.POST['keyword'] != '':
-            wordSearch = process_query(self.request.POST['keyword'])
-            res = res.extra(where=["search_vector @@ (to_tsquery('english', %s))=true"],params=[wordSearch])
-            #search posts
-            post_result = PostRevision.objects.filter(post__case__in=my_cases).extra(where=["search_vector @@ (to_tsquery('english', %s))=true"], params=[wordSearch]).values_list('post__case', flat=True)
-            if post_result:
-                extra_cases = Case.objects.filter(id__in=post_result).exclude(id__in=res)
-                res = list(chain(res, extra_cases))
+        if self.request.POST.get('keyword'):
+            if self.request.POST['keyword'] != "":
+                wordSearch = process_query(self.request.POST['keyword'])
+                res = res.extra(where=["search_vector @@ (to_tsquery('english', %s))=true"],params=[wordSearch])
+                #search posts
+                post_result = PostRevision.objects.filter(post__case__in=my_cases).extra(where=["search_vector @@ (to_tsquery('english', %s))=true"], params=[wordSearch]).values_list('post__case', flat=True)
+                if post_result:
+                    extra_cases = Case.objects.filter(id__in=post_result).exclude(id__in=res)
+                    res = list(chain(res, extra_cases))
 
         paginator = Paginator(res, 10)
         return render(request, self.template_name, {'cases': paginator.page(page), 'total': len(res)})
@@ -3044,14 +3130,21 @@ def get_queryset(self):
         if cognito_admin_user(self.request):
             return Case.objects.all().order_by('-modified')
         my_cases = _get_my_cases(self.request.user)
-        return my_cases.order_by('-modified')
-
+        my_cases = my_cases.annotate(last_post_date=Max('post__created')).order_by('-last_post_date')
+        # sort by posts/no posts                                            
+        cp = my_cases.exclude(last_post_date__isnull=True)
+        cnop= my_cases.exclude(last_post_date__isnull=False)
+        res = list(chain(cp, cnop))
+        return res
+                                 
+    
     def post(self, request, *args, **kwargs):
         logger.debug(f"{self.__class__.__name__} post: {self.request.POST}")
         if cognito_admin_user(self.request):
-            res = Case.objects.all().order_by('-modified')
+            res = Case.objects.all().annotate(last_post_date=Max('post__created')).order_by('-last_post_date')
         else:
-            res = self.get_queryset()
+            res = _get_my_cases(self.request.user)
+            res = res.annotate(last_post_date=Max('post__created')).order_by('-last_post_date')
 
         my_cases = res
         page = self.request.POST.get('page', 1)
@@ -3080,6 +3173,16 @@ def post(self, request, *args, **kwargs):
                 if post_result:
                     extra_cases = Case.objects.filter(id__in=post_result).exclude(id__in=res)
                     res = list(chain(res, extra_cases))
+            else:
+                # sort by posts/no posts
+                cp = res.exclude(last_post_date__isnull=True)
+                cnop=res.exclude(last_post_date__isnull=False)
+                res = list(chain(cp, cnop))
+        else:
+            # sort by posts/no posts
+            cp = res.exclude(last_post_date__isnull=True)
+            cnop=res.exclude(last_post_date__isnull=False)            
+            res = list(chain(cp, cnop))
 
         paginator = Paginator(res, 10)