--- loncom/auth/lonroles.pm	2016/10/27 22:53:48	1.269.2.28
+++ loncom/auth/lonroles.pm	2021/01/04 12:53:37	1.269.2.37.2.2
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # User Roles Screen
 #
-# $Id: lonroles.pm,v 1.269.2.28 2016/10/27 22:53:48 raeburn Exp $
+# $Id: lonroles.pm,v 1.269.2.37.2.2 2021/01/04 12:53:37 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -209,7 +209,7 @@ sub handler {
     my $r = shift;
 
     # Check for critical messages and redirect if present.
-    my ($redirect,$url) = &Apache::loncommon::critical_redirect(300);
+    my ($redirect,$url) = &Apache::loncommon::critical_redirect(300,'roles');
     if ($redirect) {
         &Apache::loncommon::content_type($r,'text/html');
         $r->header_out(Location => $url);
@@ -260,8 +260,9 @@ sub handler {
 
     my $envkey;
     my %dcroles = ();
-    my %dhroles = ();
-    my ($numdc,$numdh,$numadhoc) = &check_for_adhoc(\%dcroles,\%dhroles,$update,$then);
+    my %helpdeskroles = (); 
+    my ($numdc,$numhelpdesk,$numadhoc) =
+        &check_for_adhoc(\%dcroles,\%helpdeskroles,$update,$then);
     my $loncaparev = $r->dir_config('lonVersion');
 
 # ================================================================== Roles Init
@@ -273,9 +274,9 @@ sub handler {
         my $custom_adhoc;
         if ($env{'form.newrole'}) {
             $env{'form.'.$env{'form.newrole'}}=1;
-# Check if this is a Domain Helpdesk role trying to enter a course
+# Check if this is a Domain Helpdesk or Domain Helpdesk Assistant role trying to enter a course
             if ($env{'form.newrole'} =~ m{^cr/($match_domain)/\1\-domainconfig/\w+\./\1/$match_courseid$}) {
-                if ($dhroles{$1}) {
+                if ($helpdeskroles{$1}) {
                     $custom_adhoc = 1;
                 }
             }
@@ -310,26 +311,25 @@ sub handler {
                                  "request.role.adv"            => $env{'user.adv'},
 				 "request.role.domain"         => $env{'user.domain'}});
 # Check if Domain Helpdesk role trying to enter a course needs privs to be created
-        if ($env{'form.newrole'} =~ m{^cr/($match_domain)/\1\-domainconfig/(\w+)\./\1/($match_courseid)$}) {
+        if ($env{'form.newrole'} =~ m{^cr/($match_domain)/\1\-domainconfig/(\w+)\./\1/($match_courseid)(?:/(\w+)|$)}) {
             my $cdom = $1;
             my $rolename = $2;
             my $cnum = $3;
+            my $sec = $4;
             if ($custom_adhoc) {
-                my %adhocroles = &Apache::lonnet::userenvironment($env{'user.domain'},$env{'user.name'},
-                                                                  'adhocroles.'.$cdom);
-                if (keys(%adhocroles)) {
-                    my @adhoc = split(',',$adhocroles{'adhocroles.'.$cdom});
-                    if (grep(/^\Q$rolename\E$/,@adhoc)) {
+                my ($possroles,$description) = &Apache::lonnet::get_my_adhocroles($cdom.'_'.$cnum,1);
+                if (ref($possroles) eq 'ARRAY') {
+                    if (grep(/^\Q$rolename\E$/,@{$possroles})) {
                         if (&Apache::lonnet::check_adhoc_privs($cdom,$cnum,$update,$refresh,$now,
-                                                               "cr/$cdom/$cdom".'-domainconfig/'.$rolename)) {
+                                                               "cr/$cdom/$cdom".'-domainconfig/'.$rolename,undef,$sec)) {
                             &Apache::lonnet::appenv({"environment.internal.$cdom.$cnum.cr/$cdom/$cdom".'-domainconfig/'."$rolename.adhoc" => time});
                         }
                     }
                 }
             }
-        } elsif (($numdc > 0) || ($numdh > 0)) {
+        } elsif (($numdc > 0) || ($numhelpdesk > 0)) {
 # Check if user is a DC trying to enter a course or author space and needs privs to be created
-# Check if user is a DH trying to enter a course and needs privs to be created
+# Check if user is a DH or DA trying to enter a course and needs privs to be created
             foreach my $envkey (keys(%env)) {
                 if ($numdc) {
 # Is this an ad-hoc Coordinator role?
@@ -399,24 +399,16 @@ sub handler {
                         last;
                     }
                 }
-                if ($numdh) {
+                if ($numhelpdesk) {
 # Is this an ad hoc custom role in a course/community?
-                    if (my ($domain,$rolename,$coursenum) = ($envkey =~ m{^form\.cr/($match_domain)/\1\-domainconfig/(\w+)\./\1/($match_courseid)$})) {
-                        if ($dhroles{$domain}) {
-                            my @adhoc;
-                            if ($env{'environment.adhocroles.'.$domain}) {
-                                @adhoc = split(',',$env{'environment.adhocroles.'.$domain});
-                            } else {
-                                my %adhocroles = &Apache::lonnet::userenvironment($env{'user.domain'},$env{'user.name'},
-                                                                                  'adhocroles.'.$domain);
-                                if (keys(%adhocroles)) {
-                                    @adhoc = split(',',$adhocroles{'adhocroles.'.$domain});
-                                }
-                            }
-                            if ((@adhoc > 0) && ($rolename ne '')) {
-                                if (grep(/^\Q$rolename\E$/,@adhoc)) {
+                    if (my ($domain,$rolename,$coursenum,$sec) = ($envkey =~ m{^form\.cr/($match_domain)/\1\-domainconfig/(\w+)\./\1/($match_courseid)(?:/(\w+)|$)})) {
+                        if ($helpdeskroles{$domain}) {
+                            my ($possroles,$description) = &Apache::lonnet::get_my_adhocroles($domain.'_'.$coursenum,1);
+                            if (ref($possroles) eq 'ARRAY') {
+                                if (grep(/^\Q$rolename\E$/,@{$possroles})) {
                                     if (&Apache::lonnet::check_adhoc_privs($domain,$coursenum,$update,$refresh,$now,
-                                                                           "cr/$domain/$domain".'-domainconfig/'.$rolename)) {
+                                                                           "cr/$domain/$domain".'-domainconfig/'.$rolename,
+                                                                           undef,$sec)) {
                                         &Apache::lonnet::appenv({"environment.internal.$domain.$coursenum.cr/$domain/$domain".
                                                                  '-domainconfig/'."$rolename.adhoc" => time});
                                     }
@@ -503,6 +495,7 @@ sub handler {
 				 my $end_page=&Apache::loncommon::end_page();
 				 my $buttontext=&mt('Enter Course');
 				 my $message=&mt('Successfully registered key');
+                                 my $ip = &Apache::lonnet::get_requestor_ip();
 				 my $assignresult=
 				     &Apache::lonnet::assign_access_key(
 						     $env{'form.newkey'},
@@ -511,7 +504,7 @@ sub handler {
                                                      $env{'user.domain'},
 						     $env{'user.name'},
                                                      &mt('Assigned from [_1] at [_2] for [_3]'
-                                                        ,$ENV{'REMOTE_ADDR'}
+                                                        ,$ip
                                                         ,&Apache::lonlocal::locallocaltime()
                                                         ,$trolecode)
                                                      );
@@ -570,7 +563,7 @@ ENDENTERKEY
 					 $env{'user.name'},
 					 $env{'user.home'},
 					 "Role ".$trolecode);
-		    
+
 		    &Apache::lonnet::appenv(
 					   {'request.role'        => $trolecode,
 					    'request.role.domain' => $cdom,
@@ -579,6 +572,15 @@ ENDENTERKEY
                     my $tadv=0;
 
 		    if (($cnum) && ($role ne 'ca') && ($role ne 'aa')) {
+                        if ($role =~ m{^\Qcr/$cdom/$cdom\E\-domainconfig/(\w+)$}) {
+                            my $rolename = $1;
+                            my %domdef = &Apache::lonnet::get_domain_defaults($cdom);
+                            if (ref($domdef{'adhocroles'}) eq 'HASH') {
+                                if (ref($domdef{'adhocroles'}{$rolename}) eq 'HASH') {
+                                    &Apache::lonnet::appenv({'request.role.desc' => $domdef{'adhocroles'}{$rolename}{'desc'}});
+                                }
+                            }
+                        }
                         my $msg;
                         my ($furl,$ferr)=
                             &Apache::lonuserstate::readmap($cdom.'/'.$cnum);
@@ -589,6 +591,25 @@ ENDENTERKEY
                                     {$env{'user.name'}.':'.$env{'user.domain'}.
                                      ':'.$csec.':'.$role => $now},$cdom,$cnum);
                             }
+                            if (($env{"environment.internal.$cdom.$cnum.$role.adhoc"}) &&
+                                (&Apache::lonnet::allowed('vxc',$cdom.'_'.$cnum))) {
+                                my $owner = $env{'course.'.$cdom.'_'.$cnum.'.internal.courseowner'};
+                                my @coowners = split(/,/,$env{'course.'.$env{'request.course.id'}.'.internal.co-owners'});
+                                my %auaccess;
+                                foreach my $user ($owner,@coowners) {
+                                    my ($cpname,$cpdom) = split(/:/,$user);
+                                    my %auroles = &Apache::lonnet::get_my_roles($cpname,$cpdom,'userroles',undef,['au','ca','aa'],[$cdom]);
+                                    foreach my $key (keys(%auroles)) {
+                                        my ($auname,$audom,$aurole) = split(/:/,$key);
+                                        if ($aurole eq 'au') {
+                                            $auaccess{$cpname} = 1;
+                                        } else {
+                                            $auaccess{$auname} = 1;
+                                        }
+                                    }
+                                }
+                                &Apache::lonnet::appenv({'request.course.adhocsrcaccess' => join(',',sort(keys(%auaccess))) });
+                            }
                             my ($feeds,$syllabus_time);
                             &Apache::lonrss::advertisefeeds($cnum,$cdom,undef,\$feeds);
                             &Apache::lonnet::appenv({'request.course.feeds' => $feeds});
@@ -668,6 +689,17 @@ ENDENTERKEY
                                                     }
                                                 }
                                             }
+                                            if (($dest =~ m{^\Q/public/$cdom/$cnum/syllabus\E.*(\?|\&)usehttp=1}) ||
+                                                ($dest =~ m{^\Q/adm/wrapper/ext/\E(?!https:)})) {
+                                                if ($ENV{'SERVER_PORT'} == 443) {
+                                                    unless (&Apache::lonnet::uses_sts()) {
+                                                        my $hostname = $r->hostname();
+                                                        if ($hostname ne '') {
+                                                            $dest = 'http://'.$hostname.$dest;
+                                                        }
+                                                    }
+                                                }
+                                            }
                                             if ($dest =~ m{^/enc/}) {
                                                 if ($env{'request.role.adv'}) {
                                                     $dest = &Apache::lonenc::unencrypted($dest);
@@ -700,7 +732,7 @@ ENDENTERKEY
                                         unless (($dest =~ m{^/enc/}) || ($dest =~ /(\?|\&)symb=.+___\d+___.+/)) { 
                                             if (($destsymb ne '') && ($destsymb !~ m{^/enc/})) {
                                                 my $esc_symb = &escape($destsymb);
-                                                $dest .= '?symb='.$esc_symb;
+                                                $dest .= (($dest =~/\?/)? '&':'?').'symb='.$esc_symb;
                                             }
                                         }
                                         &redirect_user($r, &mt('Entering [_1]',
@@ -778,6 +810,12 @@ ENDENTERKEY
                                        $redirect_url);
                         return OK;
                     }
+                    if ($role eq 'da') {
+                        my $redirect_url = '/adm/menu/';
+                        &redirect_user($r,&mt('Loading Domain Helpdesk Assistant Menu'),
+                                       $redirect_url);
+                        return OK;
+                    }
                     if ($role eq 'sc') {
                         my $redirect_url = '/adm/grades?command=scantronupload';
                         &redirect_user($r,&mt('Loading Data Upload Page'),
@@ -993,14 +1031,18 @@ ENDHEADER
 
 # No active roles
     if ($countactive==0) {
-        &requestcourse_advice($r,$cattype,$inrole); 
+        my $elapsed = 0;
+        if ($now && $update) {
+            $elapsed = $now - $update;
+        }
+        &requestcourse_advice($r,$cattype,$inrole,$elapsed); 
 	$r->print('</form>');
         if ($countfuture) {
             $r->print(&mt('The following [quant,_1,role,roles] will become active in the future:',$countfuture));
             my $doheaders = &roletable_headers($r,\%roleclass,\%sortrole,
                                                $nochoose);
             &print_rolerows($r,$doheaders,\%roleclass,\%sortrole,\%dcroles,
-                            \%roletext);
+                            \%roletext,$update,$then);
             my $tremark='';
             my $tbg;
             if ($env{'request.role'} eq 'cm') {
@@ -1025,10 +1067,12 @@ ENDHEADER
     }
 # ----------------------------------------------------------------------- Table
 
-    if (($numdc > 0) || (($numdh > 0) && ($numadhoc > 0))) {
-        $r->print(&coursepick_jscript());
-        $r->print(&Apache::loncommon::coursebrowser_javascript().
-                  &Apache::loncommon::authorbrowser_javascript());
+    if (($numdc > 0) || (($numhelpdesk > 0) && ($numadhoc > 0))) {
+        $r->print(&coursepick_jscript().
+                  &Apache::loncommon::coursebrowser_javascript());
+    }
+    if ($numdc > 0) {
+        $r->print(&Apache::loncommon::authorbrowser_javascript());
     }
 
     unless ((!&Apache::loncommon::show_course()) || ($nochoose) || ($countactive==1)) {
@@ -1061,9 +1105,8 @@ ENDHEADER
                 if ($role =~ m{^dc\./($match_domain)/$} 
 		    && $dcroles{$1}) {
 		    $output .= &adhoc_roles_row($1,'recent');
-                } elsif ($role =~ m{^dh\./($match_domain)/$}
-                         && ($env{'environment.adhocroles.'.$1} ne '')) {
-                    $output .= &adhoc_customroles_row($1,'recent');
+                } elsif ($role =~ m{^(dh|da)\./($match_domain)/$}) {
+                    $output .= &adhoc_customroles_row($1,$2,'recent',$update,$then);
                 }
 	    } elsif ($numdc > 0) {
                 unless ($role =~/^error\:/) {
@@ -1092,7 +1135,7 @@ ENDHEADER
             $doheaders ++;
 	}
     }
-    &print_rolerows($r,$doheaders,\%roleclass,\%sortrole,\%dcroles,\%roletext);
+    &print_rolerows($r,$doheaders,\%roleclass,\%sortrole,\%dcroles,\%roletext,$update,$then);
     if ($countactive > 1) {
         my $tremark='';
         my $tbg;
@@ -1169,6 +1212,7 @@ sub gather_roles {
     my $tryagain = $env{'form.tryagain'};
     my @ids = &Apache::lonnet::current_machine_ids();
     if (ref($roles_in_env) eq 'HASH') {
+        my %adhocdesc;
         foreach my $envkey (sort(keys(%{$roles_in_env}))) {
             my $button = 1;
             my $switchserver='';
@@ -1220,8 +1264,10 @@ sub gather_roles {
                 my $trole;
                 if ($role =~ /^cr\//) {
                     my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$role);
-                    if ($tremark) { $tremark.='<br />'; }
-                    $tremark.=&mt('Custom role defined by [_1].',$rauthor.':'.$rdomain);
+                    unless ($rauthor eq $rdomain.'-domainconfig') {
+                        if ($tremark) { $tremark.='<br />'; }
+                        $tremark.=&mt('Custom role defined by [_1].',$rauthor.':'.$rdomain);
+                    }
                 }
                 $trole=Apache::lonnet::plaintext($role);
                 my $ttype;
@@ -1267,7 +1313,32 @@ sub gather_roles {
                 } elsif ($trest) {
                     my $tcourseid=$tdom.'_'.$trest;
                     $ttype = &Apache::loncommon::course_type($tcourseid);
-                    $trole = &Apache::lonnet::plaintext($role,$ttype,$tcourseid);
+                    if ($role !~ /^cr/) {
+                        $trole = &Apache::lonnet::plaintext($role,$ttype,$tcourseid);
+                    } elsif ($role =~ m{^\Qcr/$tdom/$tdom\E\-domainconfig/(\w+)$}) {
+                        my $rolename = $1;
+                        my $desc;
+                        if (ref($adhocdesc{$tdom}) eq 'HASH') {
+                            $desc = $adhocdesc{$tdom}{$rolename};
+                        } else {
+                            my %domdef = &Apache::lonnet::get_domain_defaults($tdom);
+                            if (ref($domdef{'adhocroles'}) eq 'HASH') {
+                                foreach my $rolename (sort(keys(%{$domdef{'adhocroles'}}))) {
+                                    if (ref($domdef{'adhocroles'}{$rolename}) eq 'HASH') {
+                                        $adhocdesc{$tdom}{$rolename} = $domdef{'adhocroles'}{$rolename}{'desc'};
+                                        $desc = $adhocdesc{$tdom}{$rolename};
+                                    }
+                                }
+                            }
+                        }
+                        if ($desc ne '') {
+                            $trole = $desc;
+                        } else {
+                            $trole = &mt('Helpdesk[_1]','&nbsp;'.$rolename);
+                        }
+                    } else {
+                        $trole = (split(/\//,$role,4))[-1];
+                    }
                     if ($env{'course.'.$tcourseid.'.description'}) {
                         my $home=$env{'course.'.$tcourseid.'.home'};
                         $twhere=$env{'course.'.$tcourseid.'.description'};
@@ -1436,7 +1507,7 @@ sub roletypes {
 }
 
 sub print_rolerows {
-    my ($r,$doheaders,$roleclass,$sortrole,$dcroles,$roletext) = @_;
+    my ($r,$doheaders,$roleclass,$sortrole,$dcroles,$roletext,$update,$then) = @_;
     if ((ref($roleclass) eq 'HASH') && (ref($sortrole) eq 'HASH')) {
         my @types = &roletypes();
         foreach my $type (@types) {
@@ -1460,9 +1531,8 @@ sub print_rolerows {
                                     $output .= &adhoc_roles_row($1,'');
                                 }
                             }
-                        } elsif (($sortrole->{$which} =~ m{^user\.role\.dh\./($match_domain)/}) &&
-                                 ($env{'environment.adhocroles.'.$1} ne '')) {
-                            $output .= &adhoc_customroles_row($1,'');
+                        } elsif ($sortrole->{$which} =~ m{^user\.role\.(dh|da)\./($match_domain)/}) {
+                            $output .= &adhoc_customroles_row($1,$2,'',$update,$then);
                         }
                     }
                 }
@@ -1483,20 +1553,26 @@ sub print_rolerows {
 }
 
 sub findcourse_advice {
-    my ($r,$cattype) = @_;
+    my ($r,$cattype,$elapsed) = @_;
     my $domdesc = &Apache::lonnet::domain($env{'user.domain'},'description');
     my $esc_dom = &HTML::Entities::encode($env{'user.domain'},'"<>&');
     if (&Apache::lonnet::auto_run(undef,$env{'user.domain'})) {
-        $r->print(&mt('If you were expecting to see an active role listed for a particular course in the [_1] domain, it may be missing for one of the following reasons:',$domdesc).'
+        $r->print('<p>'.&mt('If you were expecting to see an active role listed for a particular course in the [_1] domain, it may be missing for one of the following reasons:',$domdesc).'
 <ul>
  <li>'.&mt('The course has yet to be created.').'</li>
  <li>'.&mt('Automatic enrollment of registered students has not been enabled for the course.').'</li>
  <li>'.&mt('You are in a section of course for which automatic enrollment in the corresponding LON-CAPA course is not active.').'</li>
  <li>'.&mt('The start date for automated enrollment has yet to be reached.').'</li>
  <li>'.&mt('You registered for the course recently and there is a time lag between the time you register, and the time this information becomes available for the update of LON-CAPA course rosters.').'</li>
- </ul>');
+ <li>'.&mt('Automated enrollment added you to the course in the time since you last logged-in.').' '.&mt('If that is the case you can use the "Check for changes" link in the gray Functions bar to update the list of your available course roles.').'</li>
+ </ul></p>');
     } else {
-        $r->print(&mt('If you were expecting to see an active role listed for a particular course, that course may not have been created yet.').'<br />');
+        $r->print('<p>'.&mt('If you were expecting to see an active role listed for a particular course, that course may not have been created yet.').'</p>');
+        if ($elapsed > 600) {
+            $r->print('<p>'.&mt('You may also have been assigned to a course in the time since you last logged-in, or checked for changes.').
+                      '<br />'.
+                      &mt('If that is the case you can use the "Check for changes" link in the gray Functions bar to update the list of your available course roles.').'</p>');
+        }
     }
     if (($cattype eq 'std') || ($cattype eq 'domonly')) {
         $r->print('<h3>'.&mt('Self-Enrollment').'</h3>'.
@@ -1508,7 +1584,7 @@ sub findcourse_advice {
 }
 
 sub requestcourse_advice {
-    my ($r,$cattype,$inrole) = @_;
+    my ($r,$cattype,$inrole,$elapsed) = @_;
     my $domdesc = &Apache::lonnet::domain($env{'user.domain'},'description');
     my $esc_dom = &HTML::Entities::encode($env{'user.domain'},'"<>&');
     my (%can_request,%request_doms,$output);
@@ -1569,7 +1645,7 @@ sub requestcourse_advice {
         } else {
             $r->print('<h3>'.&mt('Currently no active roles, courses or communities').'</h3>');
         }
-        &findcourse_advice($r,$cattype);
+        &findcourse_advice($r,$cattype,$elapsed);
     }
     return;
 }
@@ -1630,10 +1706,13 @@ sub privileges_info {
 }
 
 sub build_roletext {
-    my ($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$trole,$twhere,$tpstart,$tpend,$nochoose,$button,$switchserver,$reinit,$switchwarning) = @_;
-    my ($roletext,$roletext_end);
-    my $is_dc=($trolecode =~ m/^dc\./);
-    my $rowspan=($is_dc) ? ''
+    my ($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$trole,$twhere,
+        $tpstart,$tpend,$nochoose,$button,$switchserver,$reinit,$switchwarning) = @_;
+    my ($roletext,$roletext_end,$poss_adhoc);
+    if ($trolecode =~ m/^d(c|h|a)\./) {
+        $poss_adhoc = 1;
+    }
+    my $rowspan=($poss_adhoc) ? ''
                          : ' rowspan="2" ';
 
     unless ($nochoose) {
@@ -1694,7 +1773,7 @@ sub build_roletext {
               .'<td>'.$twhere.'</td>'
               .'<td>'.$tpstart.'</td>'
               .'<td>'.$tpend.'</td>';
-    if (!$is_dc) {
+    unless ($poss_adhoc) {
         $roletext_end = '<td colspan="4">'.
                         $tremark.'&nbsp;'.
                         '</td>';
@@ -1720,21 +1799,20 @@ sub check_author_homeserver {
 }
 
 sub check_for_adhoc {
-    my ($dcroles,$dhroles,$update,$then) = @_;
+    my ($dcroles,$helpdeskroles,$update,$then) = @_;
     my $numdc = 0;
-    my $numdh = 0;
+    my $numhelpdesk = 0;
     my $numadhoc = 0;
     my $num_custom_adhoc = 0;
-    if ($env{'user.adv'}) {
+    if (($env{'user.adv'}) || ($env{'user.rar'})) {
         foreach my $envkey (sort(keys(%env))) {
-            if ($envkey=~/^user\.role\.(dc|dh)\.\/($match_domain)\/$/) {
+            if ($envkey=~/^user\.role\.(dc|dh|da)\.\/($match_domain)\/$/) {
                 my $role = $1;
                 my $roledom = $2;
                 my $liverole = 1;
                 my ($tstart,$tend)=split(/\./,$env{$envkey});
                 my $limit = $update;
-                if ((($role eq 'dc') && ($env{'request.role'} eq 'dc./'.$roledom.'/')) ||
-                    (($role eq 'dh') && ($env{'request.role'} eq 'dh./'.$roledom.'/'))) {
+                if ($env{'request.role'} eq "$role./$roledom/") {
                     $limit = $then;
                 }
                 if ($tstart && $tstart>$limit) { $liverole = 0; }
@@ -1744,17 +1822,20 @@ sub check_for_adhoc {
                         $dcroles->{$roledom} = $envkey;
                         $numdc++;
                     } else {
-                        $dhroles->{$roledom} = $envkey;
-                        if ($env{'environment.adhocroles.'.$roledom} ne '') {
-                            $numadhoc ++;
+                        $helpdeskroles->{$roledom} = $envkey;
+                        my %domdefaults = &Apache::lonnet::get_domain_defaults($roledom);
+                        if (ref($domdefaults{'adhocroles'}) eq 'HASH') {
+                            if (keys(%{$domdefaults{'adhocroles'}})) {
+                                $numadhoc ++;
+                            }
                         }
-                        $numdh++;
+                        $numhelpdesk++;
                     }
                 }
             }
         }
     }
-    return ($numdc,$numdh,$numadhoc);
+    return ($numdc,$numhelpdesk,$numadhoc);
 }
 
 sub adhoc_course_role {
@@ -1795,9 +1876,15 @@ sub adhoc_course_role {
                 my %cgroups =
                     &Apache::lonnet::get_active_groups($env{'user.domain'},
                                             $env{'user.name'},$cdom,$cnum);
+                my $ccrole;
+                if ($crstype eq 'Community') {
+                    $ccrole = 'co';
+                } else {
+                    $ccrole = 'cc';
+                }
                 foreach my $group (keys(%cgroups)) {
                     $group_privs{$group} =
-                        $env{'user.priv.cc./'.$cdom.'/'.$cnum.'./'.$cdom.'/'.$cnum.'/'.$group};
+                        $env{'user.priv.'.$ccrole.'./'.$cdom.'/'.$cnum.'./'.$cdom.'/'.$cnum.'/'.$group};
                 }
                 $newgroups{'/'.$cdom.'/'.$cnum} = \%group_privs;
                 my $area = '/'.$cdom.'/'.$cnum;
@@ -1947,9 +2034,9 @@ sub adhoc_roles_row {
     my ($dcdom,$rowtype) = @_;
     my $output = &Apache::loncommon::continue_data_table_row()
                  .' <td colspan="5" class="LC_textsize_mobile">'
-                 .&mt('[_1]Ad hoc[_2] roles in domain [_3] --'
+                 .&mt('[_1]Ad hoc[_2] roles in domain [_3]'
                      ,'<span class="LC_cusr_emph">','</span>',$dcdom)
-                 .' ';
+                 .' -- ';
     my $role = 'cc';
     my $selectcclink = &courselink($dcdom,$rowtype,$role);
     my $ccrole = &Apache::lonnet::plaintext('co',undef,undef,1);
@@ -1962,20 +2049,25 @@ sub adhoc_roles_row {
 }
 
 sub adhoc_customroles_row {
-    my ($dhdom,$rowtype) = @_;
-    my $output = &Apache::loncommon::continue_data_table_row()
-                 .' <td colspan="5" class="LC_textsize_mobile">'
-                 .&mt('[_1]Ad hoc[_2] course/community roles in domain [_3] --',
-                      '<span class="LC_cusr_emph">','</span>',$dhdom);
-    my @customroles = split(/,/,$env{'environment.adhocroles.'.$dhdom});
-    my $count = 0;
-    foreach my $role (@customroles) {
-        next if (($role eq '') || ($role =~ /\W/));
-        $output .= ' '.$role.': '.&courselink($dhdom,$rowtype,$role).' |';
-        $count ++;
-    }
-    if ($count) {
-        return $output;
+    my ($role,$dhdom,$rowtype,$update,$then) = @_;
+    my $liverole = 1;
+    my ($tstart,$tend)=split(/\./,$env{"user.role.$role./$dhdom/"});
+    my $limit = $update;
+    if (($role eq 'dh') && ($env{'request.role'} eq 'dh./'.$dhdom.'/')) {
+        $limit = $then;
+    }
+    if ($tstart && $tstart>$limit) { $liverole = 0; }
+    if ($tend   && $tend  <$limit) { $liverole = 0; }
+    return unless ($liverole);
+    my %domdefaults = &Apache::lonnet::get_domain_defaults($dhdom);
+    if (ref($domdefaults{'adhocroles'}) eq 'HASH') {
+        if (scalar(keys(%{$domdefaults{'adhocroles'}})) > 0) {
+            return &Apache::loncommon::continue_data_table_row()
+                  .' <td colspan="5" class="LC_textsize_mobile">'
+                  .&mt('[_1]Ad hoc[_2] course/community roles in domain [_3]',
+                       '<span class="LC_cusr_emph">','</span>',$dhdom)
+                  .' -- '.&courselink($dhdom,$rowtype,$role);
+        }
     }
     return;
 }