--- loncom/auth/lonroles.pm	2022/01/01 19:28:28	1.269.2.39.2.1
+++ loncom/auth/lonroles.pm	2024/07/04 02:04:57	1.269.2.41
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # User Roles Screen
 #
-# $Id: lonroles.pm,v 1.269.2.39.2.1 2022/01/01 19:28:28 raeburn Exp $
+# $Id: lonroles.pm,v 1.269.2.41 2024/07/04 02:04:57 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -177,7 +177,8 @@ ENDREDIR
 
 sub finish_loading_course {
     my ($r,$msg,$url) = @_;
-    my $link = '<div id="LC_course_loaded" style="display:none"><a href="'.$url.'">'.&mt('Continue').'</a></div>';
+    my $link = '<div id="LC_course_loaded" style="display:none"><a href="'.
+               &HTML::Entities::encode($url,'"<>&').'">'.&mt('Continue').'</a></div>';
     my $end_page = &Apache::loncommon::end_page();
     my $js_url = &js_escape($url);
     $r->print(<<END);
@@ -191,6 +192,7 @@ $msg
     var url = "$js_url";
     \$(location).attr('href',url);
 });
+// ]]>
 </script>
 $link
 $end_page
@@ -255,7 +257,7 @@ sub handler {
     my $r = shift;
 
     # Check for critical messages and redirect if present.
-    my ($redirect,$url) = &Apache::loncommon::critical_redirect(300,'roles');
+    my ($redirect,$url) = &Apache::loncommon::critical_redirect(300);
     if ($redirect) {
         &Apache::loncommon::content_type($r,'text/html');
         $r->header_out(Location => $url);
@@ -273,43 +275,8 @@ sub handler {
         $update = $then;
     }
 
-    my ($norolelist,$blocked_by_ip,$blocked_type,$clientip);
+    my ($blocked_by_ip,$blocked_type,$clientip);
     $clientip = &Apache::lonnet::get_requestor_ip($r);
-    if (($env{'request.course.id'}) && ($env{'request.deeplink.login'})) {
-        my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
-        my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
-        my $crstype = $env{'course.'.$env{'request.course.id'}.'.type'};
-        my $deeplink_symb = &Apache::loncommon::deeplink_login_symb($cnum,$cdom);
-        if ($deeplink_symb) {
-            my ($menucoll,$deeplinkmenu,$menuref) = &Apache::loncommon::menucoll_in_effect();
-            if (ref($menuref) eq 'HASH') {
-                unless (($menuref->{'role'}) || ($env{'request.role.adv'})) {
-                    foreach my $envkey (keys(%env)) {
-                        next unless ($envkey =~ /^form\./);
-                        if ($envkey =~ m{\./($match_domain)/($match_courseid)(?:/(\w+)|$)}) {
-                            unless (($1 eq $cdom) && ($2 eq $cnum)) {
-                                delete($env{$envkey});
-                            }
-                        }
-                    }
-                    if ($env{'form.selectrole'}) {
-                        if ($env{'form.switchrole'} =~ m{\./($match_domain)/($match_courseid)(?:/(\w+)|$)}) {
-                            unless (($1 eq $cdom) && ($2 eq $cnum)) {
-                                delete($env{'form.selectrole'});
-                                delete($env{'form.switchrole'});
-                            }
-                        } elsif ($env{'form.newrole'} =~ m{\./($match_domain)/($match_courseid)(?:/(\w+)|$)}) {
-                            unless (($1 eq $cdom) && ($2 eq $cnum)) {
-                                delete($env{'form.selectrole'});
-                                delete($env{'form.newrole'});
-                            }
-                        }
-                    }
-                    $norolelist = 1;
-                }
-            }
-        }
-    }
 
     if ($env{'form.selectrole'}) {
         my ($role,$cdom,$cnum,$rest);
@@ -767,19 +734,8 @@ ENDCLOSE
                         my %prog_state = &Apache::lonhtmlcommon::Create_PrgWin($r,undef,$preamble);
                         &Apache::lonhtmlcommon::Update_PrgWin($r,\%prog_state,&mt('Loading ...'));
                         $r->rflush();
-                        my ($msg,$blockcrit,$critmsg_check);
+                        my ($msg,$critmsg_check);
                         $critmsg_check = 1;
-                        $blockcrit = &Apache::loncommon::blocking_status('alert',$clientip,$cnum,$cdom,undef,1);
-                        if ($blockcrit) {
-                            my $checkrole = "cm./$cdom/$cnum";
-                            if ($csec ne '') {
-                                $checkrole .= "/$csec";
-                            }
-                            unless ((&Apache::lonnet::allowed('evb',undef,undef,$checkrole)) &&
-                                    ($trolecode !~ m{^st\./$cdom/$cnum})) {
-                                $critmsg_check = 0;
-                            }
-                        }
                         my ($furl,$ferr)=
                             &Apache::lonuserstate::readmap($cdom.'/'.$cnum,$critmsg_check);
                         &Apache::lonhtmlcommon::Update_PrgWin($r,\%prog_state,&mt('Finished!'));
@@ -978,9 +934,6 @@ ENDCLOSE
                                         $msg = '<p>'.&mt('Entering [_1] ...',
                                                          $env{'course.'.$cdom.'_'.$cnum.'.description'}).
                                                '</p>';
-                                        if ($env{'form.ttoken'}) {
-                                            $dest .= (($dest =~/\?/)? '&':'?').'ttoken='.$env{'form.ttoken'};
-                                        }
                                         &finish_loading_course($r,$msg,$dest);
                                         $r->rflush();
                                         return OK;
@@ -1036,7 +989,7 @@ ENDCLOSE
                                 } else {
                                     $access = &Apache::lonnet::allowed('bre',$unencfurl);
                                 }
-                                if ((!$access) || ($access eq 'B') || ($access eq 'D')) {
+                                if ((!$access) || ($access eq 'B')) {
                                     $furl = &Apache::lonpageflip::first_accessible_resource();
                                     if ($furl eq '') {
                                         $furl = '/adm/navmaps?showOnlyHomework=1';
@@ -1113,10 +1066,6 @@ ENDCLOSE
         $recent = &mt('Recent Courses');
         $standby = &mt('Course selected. Please stand by.');
     }
-    if (($norolelist) && ((split(/:/,$env{'user.error.msg'}))[2])) {
-        $crumbtext = 'Access Denied';
-        $pagetitle = 'Unauthorized';
-    }
     my $brcrum =[{href=>"/adm/roles",text=>$crumbtext}];
 
     my %roles_in_env;
@@ -1129,12 +1078,10 @@ ENDCLOSE
         $cattype = $domdefs{'catauth'};
     }
     my ($funcs,$crumbsright);
-    unless (($norolelist) && ((split(/:/,$env{'user.error.msg'}))[2])) {
-        $funcs = &get_roles_functions($showcount,$cattype);
-        if ($env{'browser.mobile'}) {
-            $crumbsright = $funcs;
-            undef($funcs);
-        }
+    $funcs = &get_roles_functions($showcount,$cattype);
+    if ($env{'browser.mobile'}) {
+        $crumbsright = $funcs;
+        undef($funcs);
     }
     my $start_page=&Apache::loncommon::start_page($pagetitle,undef,{bread_crumbs=>$brcrum,
                                                                     bread_crumbs_component=>$crumbsright});
@@ -1241,16 +1188,8 @@ ENDHEADER
     }
     if ($nochoose) {
 	$r->print("<h2>".&mt('Sorry ...')."</h2>\n<span class='LC_error'>".
-		  &mt('This action is currently not authorized.').'</span>');
-        if ($error && $norolelist) {
-            $r->print('<br /><br /><h4><span class="LC_error">'.
-                      &mt('As your session was launched from a web page external to LON-CAPA some course content may be unavailable, including the resource you were trying to access.').
-                     '</span></h4>'.
-                     '<h4><span class="LC_error">'.
-                     &mt('You may need to login to LON-CAPA directly, or re-launch from a different external system.').
-                     '</span></h4>');
-        }
-	$r->print(&Apache::loncommon::end_page());
+		  &mt('This action is currently not authorized.').'</span>'.
+		  &Apache::loncommon::end_page());
 	return OK;
     } else {
         if ($updateresult || $reqauthor || $hotlist) {
@@ -1320,26 +1259,6 @@ ENDHEADER
         }
     }
 
-    if ($norolelist) {
-        if ($env{'request.role'}) {
-            my ($roletext,$role_text_end) = &display_curr_role($env{'request.role'});
-            if ($roletext) {
-                $r->print(&Apache::loncommon::start_data_table('LC_textsize_mobile').
-                          &Apache::loncommon::start_data_table_row().
-                          $roletext.
-                          &Apache::loncommon::end_data_table_row());
-                if ($role_text_end) {
-                    $r->print(&Apache::loncommon::continue_data_table_row().
-                              $role_text_end.
-                              &Apache::loncommon::end_data_table_row());
-                }
-                $r->print(&Apache::loncommon::end_data_table());
-            }
-        }
-        $r->print(&Apache::loncommon::end_page());
-        return OK;
-    }
-
 # No active roles
     if ($countactive==0) {
         my $elapsed = 0;
@@ -1638,9 +1557,9 @@ sub gather_roles {
                                 foreach my $rolename (sort(keys(%{$domdef{'adhocroles'}}))) {
                                     if (ref($domdef{'adhocroles'}{$rolename}) eq 'HASH') {
                                         $adhocdesc{$tdom}{$rolename} = $domdef{'adhocroles'}{$rolename}{'desc'};
-                                        $desc = $adhocdesc{$tdom}{$rolename};
                                     }
                                 }
+                                $desc = $adhocdesc{$tdom}{$rolename}; 
                             }
                         }
                         if ($desc ne '') {
@@ -2344,38 +2263,6 @@ sub display_cc_role {
         }
     }
     return ($roletext,$roletext_end);
-}
-
-sub display_curr_role {
-    my ($currentrole) = @_;
-    my ($roletext,$roletext_end);
-    my $advanced = $env{'user.adv'};
-    my $tryagain = $env{'form.tryagain'};
-    my ($role,$rest) = split(m{\./},$currentrole,2);
-    unless (!defined($role) || $role eq '') {
-        if ($rest =~ m{^($match_domain)/($match_courseid)(?:/(\w+)|$)}) {
-            my $cdom = $1;
-            my $cnum = $2;
-            my $csec = $3;
-            my $cid = $cdom.'_'.$cnum;
-            my $ttype = $env{'course.'.$cid.'.type'};
-            my $skipcal = 1;
-            my $tbg='LC_roles_is';
-            my $twhere = $env{'course.'.$cid.'.description'}.
-                        ' <span class="LC_fontsize_small">'.
-                        &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$cnum,$cdom).
-                        '</span>';
-            my $trole = &Apache::lonnet::plaintext($role,$ttype,$cid);
-            if ($csec) {
-                $twhere.= '&nbsp; '.&mt('Section').':&nbsp;'.$csec;
-            }
-            if ($role ne 'st') {
-                $twhere.= '&nbsp; '.&mt('Domain').':&nbsp;'.$cdom;
-            }
-            ($roletext,$roletext_end) = &build_roletext($currentrole,$cdom,$cnum,'is',$tryagain,$advanced,'',$tbg,$trole,$twhere,'','','',1,'','','',$skipcal);
-        }
-    }
-    return ($roletext,$roletext_end);
 }
 
 sub adhoc_roles_row {