--- loncom/auth/lonroles.pm	2008/01/26 21:12:32	1.182
+++ loncom/auth/lonroles.pm	2008/03/12 02:47:34	1.186
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # User Roles Screen
 #
-# $Id: lonroles.pm,v 1.182 2008/01/26 21:12:32 www Exp $
+# $Id: lonroles.pm,v 1.186 2008/03/12 02:47:34 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -110,18 +110,23 @@ sub handler {
             $env{'form.'.$env{'form.newrole'}}=1;
 	}
 	if ($env{'request.course.id'}) {
+            # Check if user is CC trying to select a course role
+            if ($env{'form.switchrole'}) {
+                if (!defined($env{'user.role.'.$env{'form.switchrole'}})) {
+                    &adhoc_course_role($then);
+                }
+            }
 	    my %temp=('logout_'.$env{'request.course.id'} => time);
 	    &Apache::lonnet::put('email_status',\%temp);
 	    &Apache::lonnet::delenv('user.state.'.$env{'request.course.id'});
 	}
-	&Apache::lonnet::appenv("request.course.id"   => '',
-				"request.course.fn"   => '',
-				"request.course.uri"  => '',
-				"request.course.sec"  => '',
-				"request.role"        => 'cm',
-                                "request.role.adv"    => $env{'user.adv'},
-				"request.role.domain" => $env{'user.domain'});
-
+	&Apache::lonnet::appenv({"request.course.id"   => '',
+			 	 "request.course.fn"   => '',
+				 "request.course.uri"  => '',
+				 "request.course.sec"  => '',
+				 "request.role"        => 'cm',
+                                 "request.role.adv"    => $env{'user.adv'},
+				 "request.role.domain" => $env{'user.domain'}});
 # Check if user is a DC trying to enter a course or author space and needs privs to be created
         if ($numdc > 0) {
             foreach my $envkey (keys %env) {
@@ -134,10 +139,12 @@ sub handler {
                     last;
                 }
 # Is this a recent ad-hoc CA-role?
-                if (my ($domain,$coursenum) =
-		    ($envkey =~ m-^form\.ca\./($match_domain)/($match_courseid)$-)) {
-                    if ($dcroles{$domain}) {
-                        &check_privs($domain,$coursenum,$then,$now,'ca');
+                if (my ($domain,$user) =
+		    ($envkey =~ m-^form\.ca\./($match_domain)/($match_username)$-)) {
+                    if (($dcroles{$domain}) && (&is_author_homeserver($user,$domain))) {
+                        &check_privs($domain,$user,$then,$now,'ca');
+                    } else {
+                        delete($env{$envkey});
                     }
                     last;
                 }
@@ -147,7 +154,7 @@ sub handler {
                     if ($dcroles{$domain}) {
                         my $user=$env{'form.adhoccauname.'.$domain};
                         if (!$user) { $user=$env{'form.adhoccaunamerecent.'.$domain} };
-                        if (($user) && ($user=~/$match_username/)) { 
+                        if (($user) && ($user=~/$match_username/) && (&is_author_homeserver($user,$domain))) { 
                            &check_privs($domain,$user,$then,$now,'ca');
                            $env{'form.ca./'.$domain.'/'.$user}=1;
 		       }
@@ -267,10 +274,10 @@ ENDENTERKEY
 					 "Role ".$trolecode);
 		    
 		    &Apache::lonnet::appenv(
-					   'request.role'        => $trolecode,
-					   'request.role.domain' => $cdom,
-					   'request.course.sec'  => $csec,
-                                           'request.course.groups' => $cgrps);
+					   {'request.role'        => $trolecode,
+					    'request.role.domain' => $cdom,
+					    'request.course.sec'  => $csec,
+                                            'request.course.groups' => $cgrps});
                     my $tadv=0;
 
 		    if (($cnum) && ($role ne 'ca') && ($role ne 'aa')) {
@@ -281,7 +288,7 @@ ENDENTERKEY
 			    ($env{'form.orgurl'}!~/^\/adm\/flip/)) {
 			    my $dest=$env{'form.orgurl'};
 			    if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
-			    &Apache::lonnet::appenv('request.role.adv'=>$tadv);
+			    &Apache::lonnet::appenv({'request.role.adv'=>$tadv});
                             if (($ferr) && ($tadv)) {
 				&error_page($r,$ferr,$dest);
 			    } else {
@@ -291,7 +298,7 @@ ENDENTERKEY
 			} else {
 			    if (!$env{'request.course.id'}) {
 				&Apache::lonnet::appenv(
-				      "request.course.id"  => $cdom.'_'.$cnum);
+				      {"request.course.id"  => $cdom.'_'.$cnum});
 				$furl='/adm/roles?tryagain=1';
 				$msg=
 				    '<h1><span class="LC_error">'.
@@ -300,7 +307,7 @@ ENDENTERKEY
 				    '</span></h1><h3>'.&mt('Please try again.').'</h3>'.$ferr;
 			    }
 			    if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
-			    &Apache::lonnet::appenv('request.role.adv'=>$tadv);
+			    &Apache::lonnet::appenv({'request.role.adv'=>$tadv});
 
 			    if (($ferr) && ($tadv)) {
 				&error_page($r,$ferr,$furl);
@@ -317,6 +324,14 @@ ENDENTERKEY
 				    $furl = "/adm/helper/course.initialization.helper";
 				    # Send the user to the course they selected
 				} elsif ($env{'request.course.id'}) {
+                                    if ($env{'form.destinationurl'}) {
+                                        my $dest = $env{'form.destinationurl'};
+                                        &redirect_user($r,&mt('Entering [_1]',
+                                                      $env{'course.'.$courseid.'.description'}),
+                                               $dest,$msg,
+                                               $env{'environment.remotenavmap'});
+                                        return OK;
+                                    }
 				    if (&Apache::lonnet::allowed('whn',
 								 $env{'request.course.id'})
 					|| &Apache::lonnet::allowed('whn',
@@ -387,7 +402,7 @@ ENDENTERKEY
     my $start_page=&Apache::loncommon::start_page('User Roles');
     my $standby=&mt('Role selected. Please stand by.');
     $standby=~s/\n/\\n/g;
-    my $noscript='<span class="LC_error">'.&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.').'<br />'.&mt('As this is not the case, most functionality in the system will ba unavailable.').'</span><br />';
+    my $noscript='<span class="LC_error">'.&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.').'<br />'.&mt('As this is not the case, most functionality in the system will be unavailable.').'</span><br />';
 
     $r->print(<<ENDHEADER);
 $start_page
@@ -905,6 +920,20 @@ sub build_roletext {
     return $roletext;
 }
 
+sub is_author_homeserver {
+    my ($uname,$udom)=@_;
+    my $home = &Apache::lonnet::homeserver($uname,$udom);
+    my @ids=&Apache::lonnet::current_machine_ids();
+    foreach my $id (@ids) { 
+       if ($id eq $home) { 
+          if (-e "/home/".$uname."/public_html") {
+             return 1;
+          }
+       }
+    }
+    return 0;
+}
+
 sub check_privs {
     my ($cdom,$cnum,$then,$now,$checkrole) = @_;
     my $cckey = 'user.role.'.$checkrole.'./'.$cdom.'/'.$cnum; 
@@ -940,6 +969,69 @@ sub check_fordc {
     return $numdc;
 }
 
+sub adhoc_course_role {
+    my ($then) = @_; 
+    my ($cdom,$cnum);
+    my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
+    my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
+    if (&check_forcc($cdom,$cnum,$then)) {
+        my $setprivs;
+        if (!defined($env{'user.role.'.$env{'form.selectrole'}})) {
+            $setprivs = 1;
+        } else {
+            my ($start,$end) = split(/\./,$env{'user.role.'.$env{'form.selectrole'}});
+            if (($start && ($start>$then || $start == -1)) ||
+                ($end && $end<$then)) {
+                $setprivs = 1;
+            }
+        } 
+        if ($setprivs) {
+            if ($env{'form.switchrole'} =~ m-^(in|ta|ep|ad|st|cr)([\w/]*)\./\Q$cdom\E/\Q$cnum\E(/?\w*)$-) {
+                my $role = $1;
+                my $custom_role = $2;
+                my $usec = $3;
+                if ($role eq 'cr') {
+                    if ($custom_role =~ m-^$match_domain/$match_courseid/\w+$-) {
+                        $role .= $custom_role;
+                    } else {
+                        return;
+                    }
+                }
+                my (%userroles,%newrole,%newgroups);
+                my $area = '/'.$cdom.'/'.$cnum;
+                my $spec = $role.'.'.$area;
+                if ($usec ne '') {
+                    $spec .= '/'.$usec;
+                    $area .= '/'.$usec;
+                }
+                &Apache::lonnet::standard_roleprivs(\%newrole,$role,$cdom,$spec,$cnum,$area);
+                &Apache::lonnet::set_userprivs(\%userroles,\%newrole,%newgroups);
+                my $adhocstart = $then-1;
+                $userroles{'user.role.'.$spec} = $adhocstart.'.';
+                &Apache::lonnet::appenv(\%userroles,[$role,'cm']);
+            }
+        }
+    }
+    return;
+}
+
+sub check_forcc {
+    my ($cdom,$cnum,$then) = @_;
+    my $is_cc;
+    if ($cdom ne '' && $cnum ne '') {
+        if (&Apache::lonnet::is_course($cdom,$cnum)) {
+            my $envkey = 'user.role.cc./'.$cdom.'/'.$cnum;
+            if (defined($env{$envkey})) {
+                $is_cc = 1;
+                my ($tstart,$tend)=split(/\./,$env{$envkey});
+                if ($tstart && $tstart>$then) { $is_cc = 0; }
+                if ($tend   && $tend  <$then) { $is_cc = 0; }
+            }
+        }
+    }
+    return $is_cc;
+}
+
 sub courselink {
     my ($dcdom,$rowtype,$selecttype) = @_;
     my $courseform=&Apache::loncommon::selectcourse_link
@@ -954,6 +1046,10 @@ sub courselink {
 }
 
 sub coursepick_jscript {
+    my %lt = &Apache::lonlocal::texthash(
+                  plsu => "Please use the 'Select Course' link to open a separate pick course window where you may select the course you wish to enter.",
+                  youc => 'You can only use this screen to select courses in the current domain.',
+             );
     my $verify_script = <<"END";
 <script type="text/javascript">
 function verifyCoursePick(caller) {
@@ -969,11 +1065,11 @@ function verifyCoursePick(caller) {
             }
         }
         else {
-            alert("Please use the 'Select Course' link to open a separate pick course window where you may select the course you wish to enter.");
+            alert("$lt{'plsu'}");
         }
     }
     else {
-        alert("You can only use this screen to select courses in the current domain")
+        alert("$lt{'youc'}")
     }
 }
 function getIndex(caller) {
@@ -1062,18 +1158,19 @@ sub set_privileges {
     my %ccrole = ();
     &Apache::lonnet::standard_roleprivs(\%ccrole,$role,$dcdom,$spec,$pickedcourse,$area);
     my ($author,$adv)= &Apache::lonnet::set_userprivs(\%userroles,\%ccrole);
-    &Apache::lonnet::appenv(%userroles);
+    &Apache::lonnet::appenv(\%userroles,[$role,'cm']);
+
     &Apache::lonnet::log($env{'user.domain'},
                          $env{'user.name'},
                          $env{'user.home'},
                         "Role ".$role);
     &Apache::lonnet::appenv(
-                          'request.role'        => $spec,
+                          {'request.role'        => $spec,
                           'request.role.domain' => $dcdom,
-                          'request.course.sec'  => '');
+                          'request.course.sec'  => ''});
     my $tadv=0;
     if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
-    &Apache::lonnet::appenv('request.role.adv'    => $tadv);
+    &Apache::lonnet::appenv({'request.role.adv'    => $tadv});
 }
 
 sub courseloadpage {