--- loncom/auth/lonroles.pm	2013/01/04 04:03:03	1.281
+++ loncom/auth/lonroles.pm	2021/06/12 23:14:56	1.350
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # User Roles Screen
 #
-# $Id: lonroles.pm,v 1.281 2013/01/04 04:03:03 raeburn Exp $
+# $Id: lonroles.pm,v 1.350 2021/06/12 23:14:56 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -128,7 +128,7 @@ package Apache::lonroles;
 use strict;
 use Apache::lonnet;
 use Apache::lonuserstate();
-use Apache::Constants qw(:common);
+use Apache::Constants qw(:common REDIRECT);
 use Apache::File();
 use Apache::lonmenu;
 use Apache::loncommon;
@@ -139,10 +139,57 @@ use Apache::lonpageflip();
 use Apache::lonnavdisplay();
 use Apache::loncoursequeueadmin;
 use Apache::longroup;
+use Apache::lonrss;
+use Apache::lonplacementtest;
 use GDBM_File;
 use LONCAPA qw(:DEFAULT :match);
 use HTML::Entities;
 
+my $registered_cleanup;
+my $rosterupdates;
+
+sub start_loading_course {
+    my ($r,$title) = @_;
+    &Apache::loncommon::content_type($r,'text/html');
+    &Apache::loncommon::no_cache($r);
+    $r->send_http_header;
+    my $swinfo=&Apache::lonmenu::rawconfig();
+    # Breadcrumbs
+    my $brcrum = [{'href' => '',
+                   'text' => $title},];
+    my $start_page = &Apache::loncommon::start_page($title,undef,
+                                                    {'bread_crumbs' => $brcrum,});
+    $r->print(<<ENDREDIR);
+$start_page
+<script type="text/javascript">
+// <![CDATA[
+$swinfo
+// ]]>
+</script>
+ENDREDIR
+    return;
+}
+
+sub finish_loading_course {
+    my ($r,$msg,$url) = @_;
+#FIXME add continue link, and add jquery to enable menu links when page is loaded
+    my $link;
+    my $end_page = &Apache::loncommon::end_page();
+    my $js_url = &js_escape($url);
+    $r->print(<<END);
+$msg
+<script type="text/javascript">
+// <![CDATA[
+\$(document).ready(function() {
+    var url = "$js_url";
+    \$(location).attr('href',url);
+});
+</script>
+$link
+$end_page
+END
+    return;
+}
 
 sub redirect_user {
     my ($r,$title,$url,$msg) = @_;
@@ -151,20 +198,26 @@ sub redirect_user {
     &Apache::loncommon::no_cache($r);
     $r->send_http_header;
 
-    # Breadcrumbs
-    my $brcrum = [{'href' => $url,
-                   'text' => 'Switching Role'},];
-    my $start_page = &Apache::loncommon::start_page('Switching Role',undef,
-                                                    {'redirect' => [1,$url],
-                                                     'bread_crumbs' => $brcrum,});
-    my $end_page   = &Apache::loncommon::end_page();
+    my $start_page;
+    if ($env{'request.lti.login'}) {
+        $start_page = &Apache::loncommon::start_page(undef,undef,
+                                                     {'redirect' => [0,$url],}).$msg;
+    } else {
+        # Breadcrumbs
+        my $brcrum = [{'href' => $url,
+                       'text' => 'Switching Role'},];
+        $start_page = &Apache::loncommon::start_page('Switching Role',undef,
+                                                     {'redirect' => [1,$url],
+                                                      'bread_crumbs' => $brcrum,}).
+                      "\n<p>$msg</p>";
+    }
+    my $end_page = &Apache::loncommon::end_page();
 
 # Note to style police: 
 # This must only replace the spaces, nothing else, or it bombs elsewhere.
     $url=~s/ /\%20/g;
     $r->print(<<ENDREDIR);
 $start_page
-<p>$msg</p>
 $end_page
 ENDREDIR
     return;
@@ -172,35 +225,36 @@ ENDREDIR
 
 sub error_page {
     my ($r,$error,$dest)=@_;
-    &Apache::loncommon::content_type($r,'text/html');
-    &Apache::loncommon::no_cache($r);
-    $r->send_http_header;
-    return OK if $r->header_only;
-    # Breadcrumbs
-    my $brcrum = [{'href' => $dest,
-                   'text' => 'Problems during Course Initialization'},];
-    $r->print(&Apache::loncommon::start_page('Problems during Course Initialization',
-                                             undef,
-                                             {'bread_crumbs' => $brcrum,})
-    );
-    $r->print(
-        '<script type="text/javascript">'.
-        '// <![CDATA['.
-        &Apache::lonmenu::rawconfig().
-        '// ]]>'.
-        '</script>'.
-	      '<p class="LC_error">'.&mt('The following problems occurred:').
-          '<br />'.
-	      $error.
-	      '</p><br /><a href="'.$dest.'">'.&mt('Continue').'</a>'
+    my %lt = &Apache::lonlocal::texthash(
+        pdc => 'Problems during Course Initialization',
+        tfp => 'The following problems occurred:',
+        con => 'Continue',
     );
-    $r->print(&Apache::loncommon::end_page());
+    my $end_page = &Apache::loncommon::end_page();
+    $dest = &HTML::Entities::encode($dest,'"<>&');
+    $r->print(<<END);
+<h3>$lt{'pdc'}</h3>
+<p class="LC_error">$lt{'tfp'}
+<br />
+$error
+</p><br /><a href="$dest">$lt{'con'}</a>
+$end_page
+END
+    return;
 }
 
 sub handler {
 
     my $r = shift;
 
+    # Check for critical messages and redirect if present.
+    my ($redirect,$url) = &Apache::loncommon::critical_redirect(300,'roles');
+    if ($redirect) {
+        &Apache::loncommon::content_type($r,'text/html');
+        $r->header_out(Location => $url);
+        return REDIRECT;
+    }
+
     my $now=time;
     my $then=$env{'user.login.time'};
     my $refresh=$env{'user.refresh.time'};
@@ -212,9 +266,11 @@ sub handler {
         $update = $then;
     }
 
+    $registered_cleanup=0;
+    @{$rosterupdates}=();
     &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'});
 
-# -------------------------------------------------- Check if setting hot list 
+# -------------------------------------------------- Check if setting hot list
     my $hotlist;
     if ($env{'form.action'} eq 'verify_and_change_rolespref') {
         $hotlist = &Apache::lonpreferences::verify_and_change_rolespref($r);
@@ -245,17 +301,32 @@ sub handler {
 
     my $envkey;
     my %dcroles = ();
-    my $numdc = &check_fordc(\%dcroles,$update,$then);
-    my $loncaparev = $Apache::lonnet::perlvar{'lonVersion'};
+    my %helpdeskroles = ();
+    my ($numdc,$numhelpdesk,$numadhoc) = 
+        &check_for_adhoc(\%dcroles,\%helpdeskroles,$update,$then);
+    my $loncaparev = $r->dir_config('lonVersion');
 
 # ================================================================== Roles Init
     if ($env{'form.selectrole'}) {
+        if (($env{'request.lti.login'}) && ($env{'request.lti.target'} eq '')) {
+            if ($env{'form.ltitarget'} eq 'iframe') {
+                &Apache::lonnet::appenv({'request.lti.target' => 'iframe'});
+                delete($env{'form.ltitarget'});
+            }
+        }
 
         my $locknum=&Apache::lonnet::get_locks();
         if ($locknum) { return 409; }
 
+        my $custom_adhoc;
         if ($env{'form.newrole'}) {
             $env{'form.'.$env{'form.newrole'}}=1;
+# Check if this is a Domain Helpdesk or Domain Helpdesk Assistant role trying to enter a course
+            if ($env{'form.newrole'} =~ m{^cr/($match_domain)/\1\-domainconfig/\w+\./\1/$match_courseid$}) {
+                if ($helpdeskroles{$1}) {
+                    $custom_adhoc = 1;
+                }
+            }
 	}
 	if ($env{'request.course.id'}) {
             # Check if user is CC trying to select a course role
@@ -277,84 +348,132 @@ sub handler {
 	    &Apache::lonnet::put('email_status',\%temp);
 	    &Apache::lonnet::delenv('user.state.'.$env{'request.course.id'});
 	}
-	&Apache::lonnet::appenv({"request.course.id"   => '',
-			 	 "request.course.fn"   => '',
-				 "request.course.uri"  => '',
-				 "request.course.sec"  => '',
-                                 "request.course.tied" => '',
-				 "request.role"        => 'cm',
-                                 "request.role.adv"    => $env{'user.adv'},
-				 "request.role.domain" => $env{'user.domain'}});
-# Check if user is a DC trying to enter a course or author space and needs privs to be created
-        if ($numdc > 0) {
-            foreach my $envkey (keys %env) {
-# Is this an ad-hoc Coordinator role?
-                if (my ($ccrole,$domain,$coursenum) =
-		    ($envkey =~ m-^form\.(cc|co)\./($match_domain)/($match_courseid)$-)) {
-                    if ($dcroles{$domain}) {
-                        if (&Apache::lonnet::check_adhoc_privs($domain,$coursenum,
-                                                           $update,$refresh,$now,$ccrole)) {
-                            &Apache::lonnet::appenv({"environment.internal.$domain.$coursenum.$ccrole.adhoc" => time});
+	&Apache::lonnet::appenv({"request.course.id"           => '',
+			 	 "request.course.fn"           => '',
+				 "request.course.uri"          => '',
+				 "request.course.sec"          => '',
+                                 "request.course.tied"         => '',
+                                 "request.course.timechecked"  => '',
+				 "request.role"                => 'cm',
+                                 "request.role.adv"            => $env{'user.adv'},
+				 "request.role.domain"         => $env{'user.domain'}});
+# Check if Domain Helpdesk role trying to enter a course needs privs to be created
+        if ($env{'form.newrole'} =~ m{^cr/($match_domain)/\1\-domainconfig/(\w+)\./\1/($match_courseid)(?:/(\w+)|$)}) {
+            my $cdom = $1;
+            my $rolename = $2;
+            my $cnum = $3;
+            my $sec = $4;
+            if ($custom_adhoc) {
+                my ($possroles,$description) = &Apache::lonnet::get_my_adhocroles($cdom.'_'.$cnum,1);
+                if (ref($possroles) eq 'ARRAY') {
+                    if (grep(/^\Q$rolename\E$/,@{$possroles})) { 
+                        if (&Apache::lonnet::check_adhoc_privs($cdom,$cnum,$update,$refresh,$now,
+                                                               "cr/$cdom/$cdom".'-domainconfig/'.$rolename,undef,$sec)) {
+                            &Apache::lonnet::appenv({"environment.internal.$cdom.$cnum.cr/$cdom/$cdom".'-domainconfig/'."$rolename.adhoc" => time});
                         }
                     }
-                    last;
                 }
-# Is this an ad-hoc CA-role?
-                if (my ($domain,$user) =
-		    ($envkey =~ m-^form\.ca\./($match_domain)/($match_username)$-)) {
-                    if (($domain eq $env{'user.domain'}) && ($user eq $env{'user.name'})) {
-                        delete($env{$envkey});
-                        $env{'form.au./'.$domain.'/'} = 1;
-                        my ($server_status,$home) = &check_author_homeserver($user,$domain);
-                        if ($server_status eq 'switchserver') {
-                            my $trolecode = 'au./'.$domain.'/';
-                            my $switchserver = '/adm/switchserver?otherserver='.$home.'&amp;role='.$trolecode;
-                            $r->internal_redirect($switchserver);
+            }
+        } elsif (($numdc > 0) || ($numhelpdesk > 0)) {
+# Check if user is a DC trying to enter a course or author space and needs privs to be created
+# Check if user is a DH or DA trying to enter a course and needs privs to be created
+            foreach my $envkey (keys(%env)) {
+# Is this an ad-hoc Coordinator role?
+                if ($numdc) {
+                    if (my ($ccrole,$domain,$coursenum) =
+		        ($envkey =~ m-^form\.(cc|co)\./($match_domain)/($match_courseid)$-)) {
+                        if ($dcroles{$domain}) {
+                            if (&Apache::lonnet::check_adhoc_privs($domain,$coursenum,
+                                                                   $update,$refresh,$now,$ccrole)) {
+                                &Apache::lonnet::appenv({"environment.internal.$domain.$coursenum.$ccrole.adhoc" => time});
+                            }
                         }
                         last;
                     }
-                    if (my ($castart,$caend) = ($env{'user.role.ca./'.$domain.'/'.$user} =~ /^(\d*)\.(\d*)$/)) {
-                        if (((($castart) && ($castart < $now)) || !$castart) && 
-                            ((!$caend) || (($caend) && ($caend > $now)))) {
+# Is this an ad-hoc CA-role?
+                    if (my ($domain,$user) =
+		        ($envkey =~ m-^form\.ca\./($match_domain)/($match_username)$-)) {
+                        if (($domain eq $env{'user.domain'}) && ($user eq $env{'user.name'})) {
+                            delete($env{$envkey});
+                            $env{'form.au./'.$domain.'/'} = 1;
                             my ($server_status,$home) = &check_author_homeserver($user,$domain);
                             if ($server_status eq 'switchserver') {
-                                my $trolecode = 'ca./'.$domain.'/'.$user;
+                                my $trolecode = 'au./'.$domain.'/';
                                 my $switchserver = '/adm/switchserver?otherserver='.$home.'&amp;role='.$trolecode;
                                 $r->internal_redirect($switchserver);
+                                return OK;
                             }
                             last;
                         }
-                    }
-                    # Check if author blocked ca-access
-                    my %blocked=&Apache::lonnet::get('environment',['domcoord.author'],$domain,$user);
-                    if ($blocked{'domcoord.author'} eq 'blocked') {
-                        delete($env{$envkey});
-                        $env{'user.error.msg'}=':::1:User '.$user.' in domain '.$domain.' blocked domain coordinator access';
+                        if (my ($castart,$caend) = ($env{'user.role.ca./'.$domain.'/'.$user} =~ /^(\d*)\.(\d*)$/)) {
+                            if (((($castart) && ($castart < $now)) || !$castart) && 
+                                ((!$caend) || (($caend) && ($caend > $now)))) {
+                                my ($server_status,$home) = &check_author_homeserver($user,$domain);
+                                if ($server_status eq 'switchserver') {
+                                    my $trolecode = 'ca./'.$domain.'/'.$user;
+                                    my $switchserver = '/adm/switchserver?otherserver='.$home.'&amp;role='.$trolecode;
+                                    $r->internal_redirect($switchserver);
+                                    return OK;
+                                }
+                                last;
+                            }
+                        }
+                        # Check if author blocked ca-access
+                        my %blocked=&Apache::lonnet::get('environment',['domcoord.author'],$domain,$user);
+                        if ($blocked{'domcoord.author'} eq 'blocked') {
+                            delete($env{$envkey});
+                            $env{'user.error.msg'}=':::1:User '.$user.' in domain '.$domain.' blocked domain coordinator access';
+                            last;
+                        }
+                        if ($dcroles{$domain}) {
+                            my ($server_status,$home) = &check_author_homeserver($user,$domain);
+                            if (($server_status eq 'ok') || ($server_status eq 'switchserver')) {
+                                &Apache::lonnet::check_adhoc_privs($domain,$user,$update,
+                                                                   $refresh,$now,'ca');
+                                if ($server_status eq 'switchserver') {
+                                    my $trolecode = 'ca./'.$domain.'/'.$user; 
+                                    my $switchserver = '/adm/switchserver?'
+                                                      .'otherserver='.$home.'&amp;role='.$trolecode;
+                                    $r->internal_redirect($switchserver);
+                                    return OK;
+                                }
+                            } else {
+                                delete($env{$envkey});
+                            }
+                        } else {
+                            delete($env{$envkey});
+                        }
                         last;
                     }
-                    if ($dcroles{$domain}) {
-                        my ($server_status,$home) = &check_author_homeserver($user,$domain);
-                        if (($server_status eq 'ok') || ($server_status eq 'switchserver')) {
-                            &Apache::lonnet::check_adhoc_privs($domain,$user,$update,
-                                                               $refresh,$now,'ca');
-                            if ($server_status eq 'switchserver') {
-                                my $trolecode = 'ca./'.$domain.'/'.$user; 
-                                my $switchserver = '/adm/switchserver?'
-                                                  .'otherserver='.$home.'&amp;role='.$trolecode;
-                                $r->internal_redirect($switchserver);
+                }
+                if ($numhelpdesk) {
+# Is this an ad hoc custom role in a course/community?
+                    if (my ($domain,$rolename,$coursenum,$sec) = ($envkey =~ m{^form\.cr/($match_domain)/\1\-domainconfig/(\w+)\./\1/($match_courseid)(?:/(\w+)|$)})) {
+                        if ($helpdeskroles{$domain}) {
+                            my ($possroles,$description) = &Apache::lonnet::get_my_adhocroles($domain.'_'.$coursenum,1);
+                            if (ref($possroles) eq 'ARRAY') {
+                                if (grep(/^\Q$rolename\E$/,@{$possroles})) {
+                                    if (&Apache::lonnet::check_adhoc_privs($domain,$coursenum,$update,$refresh,$now,
+                                                                           "cr/$domain/$domain".'-domainconfig/'.$rolename,
+                                                                           undef,$sec)) {
+                                        &Apache::lonnet::appenv({"environment.internal.$domain.$coursenum.cr/$domain/$domain".
+                                                                 '-domainconfig/'."$rolename.adhoc" => time});
+                                    }
+                                } else {
+                                    delete($env{$envkey});
+                                }
+                            } else {
+                                delete($env{$envkey});
                             }
                         } else {
                             delete($env{$envkey});
                         }
-                    } else {
-                        delete($env{$envkey});
+                        last;
                     }
-                    last;
                 }
             }
         }
-
-        foreach $envkey (keys %env) {
+        foreach $envkey (keys(%env)) {
             next if ($envkey!~/^user\.role\./);
             my ($where,$trolecode,$role,$tstatus,$tend,$tstart);
             &Apache::lonnet::role_status($envkey,$update,$refresh,$now,\$role,\$where,
@@ -370,30 +489,13 @@ sub handler {
                             my %curr_reqd_hash = &Apache::lonnet::userenvironment($cdom,$cnum,'internal.releaserequired');
                             if ($curr_reqd_hash{'internal.releaserequired'} ne '') {
                                 my ($switchserver,$switchwarning) =
-                                    &check_release_required($loncaparev,$cdom.'_'.$cnum,$trolecode,$curr_reqd_hash{'internal.releaserequired'});
+                                    &Apache::loncommon::check_release_required($loncaparev,$cdom.'_'.$cnum,$trolecode,
+                                                                               $curr_reqd_hash{'internal.releaserequired'});
                                 if ($switchwarning ne '' || $switchserver ne '') {
                                     &Apache::loncommon::content_type($r,'text/html');
                                     &Apache::loncommon::no_cache($r);
                                     $r->send_http_header;
-                                    my $end_page=&Apache::loncommon::end_page();
-                                    $r->print(&Apache::loncommon::start_page('Selected course unavailable on this server').
-                                              '<p class="LC_warning">');
-                                    if ($switchwarning) {
-                                        $r->print($switchwarning.'<br /><a href="/adm/roles">');
-                                        if (&Apache::loncommon::show_course()) {
-                                            $r->print(&mt('Display courses'));
-                                        } else {
-                                            $r->print(&mt('Display roles'));
-                                        }
-                                        $r->print('</a>');
-                                    } elsif ($switchserver) {
-				        $r->print(&mt('This course requires a newer version of LON-CAPA than is installed on this server.').
-                                                  '<br />'.
-                                                  '<a href="/adm/switchserver?'.$switchserver.'">'.
-                                                  &mt('Switch Server').
-                                                  '</a>');
-                                    }
-                                    $r->print('</p>'.&Apache::loncommon::end_page());
+                                    $r->print(&Apache::loncommon::check_release_result($switchwarning,$switchserver));
                                     return OK;
                                 }
                             }
@@ -439,6 +541,7 @@ sub handler {
 				 my $end_page=&Apache::loncommon::end_page();
 				 my $buttontext=&mt('Enter Course');
 				 my $message=&mt('Successfully registered key');
+                                 my $ip = &Apache::lonnet::get_requestor_ip();
 				 my $assignresult=
 				     &Apache::lonnet::assign_access_key(
 						     $env{'form.newkey'},
@@ -447,7 +550,7 @@ sub handler {
                                                      $env{'user.domain'},
 						     $env{'user.name'},
                                                      &mt('Assigned from [_1] at [_2] for [_3]'
-                                                        ,$ENV{'REMOTE_ADDR'}
+                                                        ,$ip
                                                         ,&Apache::lonlocal::locallocaltime()
                                                         ,$trolecode)
                                                      );
@@ -506,7 +609,7 @@ ENDENTERKEY
 					 $env{'user.name'},
 					 $env{'user.home'},
 					 "Role ".$trolecode);
-		    
+
 		    &Apache::lonnet::appenv(
 					   {'request.role'        => $trolecode,
 					    'request.role.domain' => $cdom,
@@ -515,31 +618,129 @@ ENDENTERKEY
                     my $tadv=0;
 
 		    if (($cnum) && ($role ne 'ca') && ($role ne 'aa')) {
-                        my $msg;
-			my ($furl,$ferr)=
-			    &Apache::lonuserstate::readmap($cdom.'/'.$cnum);
-                        unless (($ferr) || ($env{'form.switchrole'}) ||
-                                ($env{"environment.internal.$cdom.$cnum.$role.adhoc"})) {
-                            &Apache::lonnet::put('nohist_crslastlogin',
-                                {$env{'user.name'}.':'.$env{'user.domain'}.
-                                ':'.$csec.':'.$role => $now},$cdom,$cnum);
+                        if ($role =~ m{^\Qcr/$cdom/$cdom\E\-domainconfig/(\w+)$}) {
+                            my $rolename = $1;
+                            my %domdef = &Apache::lonnet::get_domain_defaults($cdom);
+                            if (ref($domdef{'adhocroles'}) eq 'HASH') {
+                                if (ref($domdef{'adhocroles'}{$rolename}) eq 'HASH') {
+                                    &Apache::lonnet::appenv({'request.role.desc' => $domdef{'adhocroles'}{$rolename}{'desc'}});
+                                }
+                            }
+                        }
+                        my $crstype = &Apache::loncommon::course_type($cdom.'_'.$cnum);
+                        $crstype = lc($crstype);
+                        my $preamble = '<div id="LC_update_'.$cdom.'_'.$cnum.'" class="LC_info">'.
+                                       '<br />'.
+                                       &mt("Please be patient while your $crstype loads").
+                                       '<br /></div>'.
+                                       '<div style="padding:0;clear:both;margin:0;border:0"></div>';
+                        my $closure = <<ENDCLOSE;
+<script type="text/javascript">
+// <![CDATA[
+\$("#LC_update_${cdom}_${cnum}").hide('slow');
+// ]]>
+</script>
+ENDCLOSE
+                        my $title = &mt("Loading $crstype");
+                        &start_loading_course($r,$title);
+                        my %prog_state = &Apache::lonhtmlcommon::Create_PrgWin($r,undef,$preamble);
+                        &Apache::lonhtmlcommon::Update_PrgWin($r,\%prog_state,&mt('Loading ...'));
+                        $r->rflush();
+                        my ($msg,$blockcrit,$critmsg_check);
+                        $critmsg_check = 1;
+                        $blockcrit = &Apache::loncommon::blocking_status('alert',$cnum,$cdom,undef,1);
+                        if ($blockcrit) {
+                            my $checkrole = "cm./$cdom/$cnum";
+                            if ($csec ne '') {
+                                $checkrole .= "/$csec";
+                            }
+                            unless ((&Apache::lonnet::allowed('evb',undef,undef,$checkrole)) &&
+                                    ($trolecode !~ m{^st\./$cdom/$cnum})) {
+                                $critmsg_check = 0;
+                            }
+                        }
+                        my ($furl,$ferr)=
+                            &Apache::lonuserstate::readmap($cdom.'/'.$cnum,$critmsg_check);
+                        &Apache::lonhtmlcommon::Update_PrgWin($r,\%prog_state,&mt('Finished!'));
+                        &Apache::lonhtmlcommon::Close_PrgWin($r,\%prog_state);
+                        $r->print($closure);
+                        $r->rflush();
+                        if ($ferr) {
+                            $furl = '/adm/roles?tryagain=1';
+                        } else {
+                            &Apache::lonnet::appenv({'request.course.timechecked'=>$now});
+                            unless (($env{'form.switchrole'}) || 
+                                    ($env{"environment.internal.$cdom.$cnum.$role.adhoc"})) {
+                                &Apache::lonnet::put('nohist_crslastlogin',
+                                    {$env{'user.name'}.':'.$env{'user.domain'}.
+                                     ':'.$csec.':'.$role => $now},$cdom,$cnum);
+                            }
+                            if (($env{"environment.internal.$cdom.$cnum.$role.adhoc"}) &&
+                                (&Apache::lonnet::allowed('vxc',$cdom.'_'.$cnum))) {
+                                my $owner = $env{'course.'.$cdom.'_'.$cnum.'.internal.courseowner'};
+                                my @coowners = split(/,/,$env{'course.'.$env{'request.course.id'}.'.internal.co-owners'});
+                                my %auaccess;
+                                foreach my $user ($owner,@coowners) {
+                                    my ($cpname,$cpdom) = split(/:/,$user);
+                                    my %auroles = &Apache::lonnet::get_my_roles($cpname,$cpdom,'userroles',undef,['au','ca','aa'],[$cdom]);
+                                    foreach my $key (keys(%auroles)) {
+                                        my ($auname,$audom,$aurole) = split(/:/,$key);
+                                        if ($aurole eq 'au') {
+                                            $auaccess{$cpname} = 1;
+                                        } else {
+                                            $auaccess{$auname} = 1;
+                                        }
+                                    }
+                                }
+                                &Apache::lonnet::appenv({'request.course.adhocsrcaccess' => join(',',sort(keys(%auaccess))) });
+                            }
+                            my ($feeds,$syllabus_time);
+                            &Apache::lonrss::advertisefeeds($cnum,$cdom,undef,\$feeds);
+                            &Apache::lonnet::appenv({'request.course.feeds' => $feeds});
+                            &Apache::lonnet::get_numsuppfiles($cnum,$cdom,1);
+                            unless ($env{'course.'.$cdom.'_'.$cnum.'.updatedsyllabus'}) {
+                                unless (($env{'course.'.$cdom.'_'.$cnum.'.externalsyllabus'}) ||
+                                        ($env{'course.'.$cdom.'_'.$cnum.'.uploadedsyllabus'})) {
+                                    my %syllabus=&Apache::lonnet::dump('syllabus',$cdom,$cnum);
+                                    $syllabus_time = $syllabus{'uploaded.lastmodified'};
+                                    if ($syllabus_time) {
+                                        &Apache::lonnet::appenv({'request.course.syllabustime' => $syllabus_time});
+                                    }
+                                }
+                            }
                         }
 			if (($env{'form.orgurl'}) && 
-			    ($env{'form.orgurl'}!~/^\/adm\/flip/)) {
+			    ($env{'form.orgurl'}!~/^\/adm\/flip/) &&
+			    ($env{'form.orgurl'} ne '/adm/roles')) {
 			    my $dest=$env{'form.orgurl'};
                             if ($env{'form.symb'}) {
                                 if ($dest =~ /\?/) {
                                     $dest .= '&';
                                 } else {
-                                    $dest .= '?'
+                                    $dest .= '?';
                                 }
                                 $dest .= 'symb='.$env{'form.symb'};
                             }
 			    if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
 			    &Apache::lonnet::appenv({'request.role.adv'=>$tadv});
+                            if ($ferr) {
+                                if ($env{'form.orgurl'}) {
+                                    $furl .= '&orgurl='.&HTML::Entities::encode($env{'form.orgurl'},'<>&"');
+                                }
+                                if ($env{'form.symb'}) {
+                                    $furl .= '&symb='.&HTML::Entities::encode($env{'form.symb'},'<>&"');
+                                }
+                            }
                             if (($ferr) && ($tadv)) {
-				&error_page($r,$ferr,$dest);
+				&error_page($r,$ferr,$furl);
 			    } else {
+                                if ($env{'request.course.id'} eq $cdom.'_'.$cnum) {
+                                    if (($env{'form.orgurl'} ne '') && ($env{'form.symb'} ne '')) {
+                                        unless (&Apache::lonnet::symbverify($env{'form.symb'},$env{'form.orgurl'})) {
+                                            $dest=$env{'form.orgurl'};
+                                        }
+                                    } 
+                                }
                                 if ($dest =~ m{^/adm/coursedocs\?folderpath}) {
                                     if ($env{'request.course.id'} eq $cdom.'_'.$cnum) { 
                                         my $chome = &Apache::lonnet::homeserver($cnum,$cdom);
@@ -547,39 +748,74 @@ ENDENTERKEY
                                                                                        $cdom.'_'.$cnum);
                                     }
                                 }
-				$r->internal_redirect($dest);
+                                if ($ferr) {
+                                    if (!$env{'request.course.id'}) {
+                                        &Apache::lonnet::appenv(
+                                           {"request.course.id"  => $cdom.'_'.$cnum});
+                                        $r->print('<p class="LC_error">'.
+                                                  &mt('Could not initialize [_1] at this time.',
+                                                      $env{'course.'.$cdom.'_'.$cnum.'.description'}).
+                                                  '</p>'.
+                                                  '<p><a href="'.$furl.'">'.
+                                                  &mt('Please try again.').'</a></p>'.
+                                                  &Apache::loncommon::end_page());
+                                    }
+                                } else {
+                                    if (($env{'request.lti.login'}) &&
+                                        ($env{'request.lti.rosterid'} || $env{'request.lti.passbackid'})) {
+                                        &process_lti($r,$cdom,$cnum);
+                                    }
+                                    $msg = '<p>'.&mt('Entering [_1] ...',
+                                                     $env{'course.'.$cdom.'_'.$cnum.'.description'}).
+                                           '</p>';
+                                    &finish_loading_course($r,$msg,$dest);
+                                }
 			    }
+                            $r->rflush();
 			    return OK;
 			} else {
 			    if (!$env{'request.course.id'}) {
 				&Apache::lonnet::appenv(
 				      {"request.course.id"  => $cdom.'_'.$cnum});
-				$furl='/adm/roles?tryagain=1';
-                $msg='<p><span class="LC_error">'
-                    .&mt('Could not initialize [_1] at this time.',
-                         $env{'course.'.$cdom.'_'.$cnum.'.description'})
-                    .'</span></p>'
-                    .'<p>'.&mt('Please try again.').'</p>'
-                    .'<p>'.$ferr.'</p>';
 			    }
 			    if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
 			    &Apache::lonnet::appenv({'request.role.adv'=>$tadv});
-
-			    if (($ferr) && ($tadv)) {
-				&error_page($r,$ferr,$furl);
+			    if ($ferr) {
+                                if ($tadv) {
+				    &error_page($r,$ferr,$furl);
+                                } else {
+                                    $r->print('<p class="LC_error">'.
+                                              &mt('Could not initialize [_1] at this time.',
+                                                  $env{'course.'.$cdom.'_'.$cnum.'.description'}).
+                                              '</p>'.
+                                              '<p><a href="'.$furl.'">'.&mt('Please try again.').'</a></p>'.
+                                              &Apache::loncommon::end_page());
+                                }
 			    } else {
+                                if (($env{'request.lti.login'}) &&
+                                    ($env{'request.lti.rosterid'} || $env{'request.lti.passbackid'})) {
+                                    &process_lti($r,$cdom,$cnum);
+                                }
 				# Check to see if the user is a CC entering a course 
 				# for the first time
-				my (undef, undef, $role, $courseid) = split(/\./, $envkey);
-				if (substr($courseid, 0, 1) eq '/') {
-				    $courseid = substr($courseid, 1);
-				}
-				$courseid =~ s/\//_/;
 				if ((($role eq 'cc') || ($role eq 'co')) 
-                                    && ($env{'course.' . $courseid .'.course.helper.not.run'})) { 
+                                    && ($env{'course.'.$cdom.'_'.$cnum.'.course.helper.not.run'})) { 
 				    $furl = "/adm/helper/course.initialization.helper";
 				    # Send the user to the course they selected
 				} elsif ($env{'request.course.id'}) {
+                                    if ((&Apache::loncommon::course_type() eq 'Placement') && 
+                                        (!$env{'request.role.adv'})) {
+                                        my ($score,$incomplete) = 
+                                            &Apache::lonplacementtest::check_completion(undef,undef,1);
+                                        if (($incomplete) && ($incomplete < 100)) {
+                                            $msg = '<p>'.&mt('Entering [_1] ...',
+                                                             $env{'course.'.$cdom.'_'.$cnum.'.description'}).
+                                                   '</p>';
+                                            &finish_loading_course($r,$msg,'/adm/placement');
+                                            $r->rflush();
+                                            return OK;
+                                        }
+                                    }
                                     my ($dest,$destsymb,$checkenc);
                                     $dest = $env{'form.destinationurl'};
                                     $destsymb = $env{'form.destsymb'};
@@ -592,6 +828,18 @@ ENDENTERKEY
                                                     }
                                                 }
                                             }
+                                            if (($dest =~ m{^\Q/public/$cdom/$cnum/syllabus\E.*(\?|\&)usehttp=1}) ||
+                                                ($dest =~ m{^\Q/adm/wrapper/ext/\E(?!https:)})) {
+                                                if ($ENV{'SERVER_PORT'} == 443) {
+                                                    my $hostname = $r->hostname();
+                                                    unless ((&Apache::lonnet::uses_sts()) ||
+                                                            (&Apache::lonnet::waf_allssl($hostname))) {
+                                                        if ($hostname ne '') {
+                                                            $dest = 'http://'.$hostname.$dest;
+                                                        }
+                                                    }
+                                                }
+                                            }
                                             if ($dest =~ m{^/enc/}) {
                                                 if ($env{'request.role.adv'}) {
                                                     $dest = &Apache::lonenc::unencrypted($dest);
@@ -624,12 +872,16 @@ ENDENTERKEY
                                         unless (($dest =~ m{^/enc/}) || ($dest =~ /(\?|\&)symb=.+___\d+___.+/)) {
                                             if (($destsymb ne '') && ($destsymb !~ m{^/enc/})) {
                                                 my $esc_symb = &escape($destsymb);
-                                                $dest .= '?symb='.$esc_symb;
+                                                $dest .= (($dest =~/\?/)? '&':'?').'symb='.$esc_symb;
                                             }
                                         }
-                                        &redirect_user($r, &mt('Entering [_1]',
-                                                       $env{'course.'.$courseid.'.description'}),
-                                                       $dest, $msg);
+                                        unless ($env{'request.lti.login'}) {
+                                            $msg = '<p>'.&mt('Entering [_1] ...',
+                                                             $env{'course.'.$cdom.'_'.$cnum.'.description'}).
+                                                   '</p>';
+                                        }
+                                        &finish_loading_course($r,$msg,$dest);
+                                        $r->rflush();
                                         return OK;
                                     }
 				    if (&Apache::lonnet::allowed('whn',
@@ -638,27 +890,47 @@ ENDENTERKEY
 								    $env{'request.course.id'}.'/'
 								    .$env{'request.course.sec'})
 					) {
-					my $startpage = &courseloadpage($courseid);
+					my $startpage = &courseloadpage($env{'request.course.id'});
 					unless ($startpage eq 'firstres') {         
-					    $msg = &mt('Entering [_1] ...',
-						       $env{'course.'.$courseid.'.description'});
-					    &redirect_user($r, &mt('New in course'),
-                                       '/adm/whatsnew?refpage=start', $msg);
+					    $msg = '<p>'.&mt('Entering [_1] ...',
+						             $env{'course.'.$cdom.'_'.$cnum.'.description'}).
+                                                   '</p>';
+                                            &finish_loading_course($r,$msg,'/adm/whatsnew?refpage=start');
+                                            $r->rflush();
 					    return OK;
 					}
 				    }
 				}
-# Are we allowed to look at the first resource?
-				if ($furl !~ m|^/adm/|) {
-# Guess not ...
-				    $furl=&Apache::lonpageflip::first_accessible_resource();
-				}
-                                $msg = &mt('Entering [_1] ...',
-					   $env{'course.'.$courseid.'.description'});
-				&redirect_user($r, &mt('Entering [_1]',
-                               $env{'course.'.$courseid.'.description'}),
-                               $furl, $msg);
+                                # Are we allowed to look at the first resource?
+                                my $access;
+                                if ($furl =~ m{^(/adm/wrapper|)/ext/}) {
+                                    # If it's an external resource,
+                                    # strip off the symb argument and possible query
+                                    my ($exturl,$symb) = ($furl =~ m{^(.+)(?:\?|\&)symb=(.+)$});
+                                    # Unencode $symb
+                                    $symb = &unescape($symb);
+                                    # Then check for permission
+                                    $access = &Apache::lonnet::allowed('bre',$exturl,$symb);
+                                # For other resources just check for permission
+                                } else {
+                                    $access = &Apache::lonnet::allowed('bre',$furl);
+                                }
+                                if ((!$access) || ($access eq 'D')) {
+                                    $furl = &Apache::lonpageflip::first_accessible_resource();
+                                } elsif ($access eq 'B') {
+                                    $furl = '/adm/navmaps?showOnlyHomework=1';
+                                }
+                                if ($env{'request.lti.login'}) {
+                                    undef($msg);
+                                    &finish_loading_course($r,$msg,$furl);
+                                } else {
+                                    $msg = '<p>'.&mt('Entering [_1] ...',
+					              $env{'course.'.$cdom.'_'.$cnum.'.description'}).
+                                           '</p>';
+                                    &finish_loading_course($r,$msg,$furl);
+                                }
 			    }
+                            $r->rflush();
 			    return OK;
 			}
 		    }
@@ -672,7 +944,7 @@ ENDENTERKEY
                             $redirect_url .= $where;
                         }
                         $redirect_url .= '/';
-                        &redirect_user($r,&mt('Entering Construction Space'),
+                        &redirect_user($r,&mt('Entering Authoring Space'),
                                        $redirect_url);
                         return OK;
                     }
@@ -682,6 +954,18 @@ ENDENTERKEY
                                        $redirect_url);
                         return OK;
                     }
+                    if ($role eq 'dh') {
+                        my $redirect_url = '/adm/menu/';
+                        &redirect_user($r,&mt('Loading Domain Helpdesk Menu'),
+                                       $redirect_url);
+                        return OK;
+                    }
+                    if ($role eq 'da') {
+                        my $redirect_url = '/adm/menu/';
+                        &redirect_user($r,&mt('Loading Domain Helpdesk Assistant Menu'),
+                                       $redirect_url);
+                        return OK;
+                    }
                     if ($role eq 'sc') {
                         my $redirect_url = '/adm/grades?command=scantronupload';
                         &redirect_user($r,&mt('Loading Data Upload Page'),
@@ -704,11 +988,13 @@ ENDENTERKEY
     my $crumbtext = 'User Roles';
     my $pagetitle = 'My Roles';
     my $recent = &mt('Recent Roles');
+    my $standby = &mt('Role selected. Please stand by.');
     my $show_course=&Apache::loncommon::show_course();
     if ($show_course) {
         $crumbtext = 'Courses';
         $pagetitle = 'My Courses';
         $recent = &mt('Recent Courses');
+        $standby = &mt('Course selected. Please stand by.');
     }
     my $brcrum =[{href=>"/adm/roles",text=>$crumbtext}];
 
@@ -716,10 +1002,46 @@ ENDENTERKEY
     my $showcount = &roles_from_env(\%roles_in_env,$update); 
 
     my $swinfo=&Apache::lonmenu::rawconfig();
-    my $start_page=&Apache::loncommon::start_page($pagetitle,undef,{bread_crumbs=>$brcrum});
-    my $funcs = &get_roles_functions($showcount);
-    my $standby=&mt('Role selected. Please stand by.');
-    $standby=~s/\n/\\n/g;
+    my %domdefs=&Apache::lonnet::get_domain_defaults($env{'user.domain'}); 
+    my $cattype = 'std';
+    if ($domdefs{'catauth'}) {
+        $cattype = $domdefs{'catauth'};
+    }
+    my $placementonly;
+    if ($showcount == 1) {
+        if ($env{'request.course.id'}) {
+            if ($env{'course.'.$env{'request.course.id'}.'.type'} eq 'Placement') {
+                $placementonly = 1;
+            }
+        } else {
+            foreach my $rolecode (keys(%roles_in_env)) {
+                my ($cid) = ($rolecode =~ m{^\Quser.role.st./\E($match_domain/$match_courseid)(?:/|$)});
+                if ($cid) {
+                    my %coursedescription =
+                        &Apache::lonnet::coursedescription($cid,{'one_time' => '1'});
+                    if ($coursedescription{'type'} eq 'Placement') {
+                        $placementonly = 1;
+                    }
+                    last;
+                }
+            }
+        }
+    }
+    my ($start_page,$funcs);
+    if ($placementonly) {
+        $start_page=&Apache::loncommon::start_page($pagetitle,undef,
+                                                  {bread_crumbs=>$brcrum,crstype=>'Placement'});
+    } else {
+        $funcs = &get_roles_functions($showcount,$cattype);
+        my $crumbsright;
+        if ($env{'browser.mobile'}) {
+            $crumbsright = $funcs;
+            undef($funcs);
+        }
+        $start_page=&Apache::loncommon::start_page($pagetitle,undef,{bread_crumbs=>$brcrum,
+                                                                     bread_crumbs_component=>$crumbsright});
+    }
+    &js_escape(\$standby);
     my $noscript='<br /><span class="LC_error">'.&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.').'<br />'.&mt('As this is not the case, most functionality in the system will be unavailable.').'</span><br />';
 
     $r->print(<<ENDHEADER);
@@ -861,17 +1183,33 @@ ENDHEADER
                       \%sortrole,\%roleclass,\%futureroles,\%timezones,$loncaparev);
     $refresh = $now;
     &Apache::lonnet::appenv({'user.refresh.time'  => $refresh});
-    unless ($env{'user.adv'}) { 
+    if ($countactive == 1) {
+        if ($env{'request.course.id'}) {
+            if ($env{'course.'.$env{'request.course.id'}.'.type'} eq 'Placement') {
+                $placementonly = 1;
+            }
+        } elsif ($possiblerole) {
+            if ($possiblerole =~ m{^st\./($match_domain)/($match_courseid)(?:/|$)}) {
+                if ($env{'course.'.$1.'_'.$2.'.type'} eq 'Placement') {
+                    $placementonly = 1;
+                }
+            }
+        }
+    }
+    if ((($cattype eq 'std') || ($cattype eq 'domonly')) && (!$env{'user.adv'}) &&
+          (!$placementonly)) {
         if ($countactive > 0) {
             my $domdesc = &Apache::lonnet::domain($env{'user.domain'},'description');
             my $esc_dom = &HTML::Entities::encode($env{'user.domain'},'"<>&'); 
             $r->print(
                 '<p>'
-               .&mt('[_1]Visit the [_2]Course/Community Catalog[_3]'
-                   .' to view all [_4] LON-CAPA courses and communities.'
+               .&mt('[_1]Visit the [_2]Course/Community Catalog[_3][_4]'
+                   .' to view all [_5] LON-CAPA courses and communities.'
                    ,'<b>'
                    ,'<a href="/adm/coursecatalog?showdom='.$esc_dom.'">'
-                   ,'</a></b>',$domdesc)
+                   ,'</a>'
+                   ,'</b>'
+                   ,'"'.$domdesc.'"')
                .'<br />'
                .&mt('If a course or community is [_1]not[_2] in your list of current courses and communities below,'
                    .' you may be able to enroll if self-enrollment is permitted.'
@@ -883,20 +1221,18 @@ ENDHEADER
 
 # No active roles
     if ($countactive==0) {
-	if ($inrole) {
-	    $r->print('<h2>'.&mt('Currently no additional roles, courses or communities').'</h2>');
-	} else {
-	    $r->print('<h2>'.&mt('Currently no active roles, courses or communities').'</h2>');
-	}
-        &findcourse_advice($r);
-        &requestcourse_advice($r); 
+        my $elapsed = 0;
+        if ($now && $update) {
+            $elapsed = $now - $update;
+        }
+        &requestcourse_advice($r,$cattype,$inrole,$elapsed); 
 	$r->print('</form>');
         if ($countfuture) {
             $r->print(&mt('The following [quant,_1,role,roles] will become active in the future:',$countfuture));
             my $doheaders = &roletable_headers($r,\%roleclass,\%sortrole,
                                                $nochoose);
             &print_rolerows($r,$doheaders,\%roleclass,\%sortrole,\%dcroles,
-                            \%roletext);
+                            \%roletext,$update,$then);
             my $tremark='';
             my $tbg;
             if ($env{'request.role'} eq 'cm') {
@@ -918,13 +1254,25 @@ ENDHEADER
         }
         $r->print(&Apache::loncommon::end_page());
 	return OK;
+    } elsif (($placementonly) && ($env{'request.role'} eq 'cm')) {
+	$r->print('<h3>'.&mt('Please stand by.').'</h3>
+	          <input type="hidden" name="'.$possiblerole.'" value="1" />
+                  <noscript><br />
+                  <input type="submit" name="submit" value="'.&mt('Continue').'" />
+                  </noscript></form>');
+	$r->rflush();
+	$r->print('<script type="text/javascript">document.forms.rolechoice.submit();</script>');
+	$r->print(&Apache::loncommon::end_page());
+	return OK;
     }
 # ----------------------------------------------------------------------- Table
 
+    if (($numdc > 0) || (($numhelpdesk > 0) && ($numadhoc > 0))) {
+        $r->print(&coursepick_jscript().
+                  &Apache::loncommon::coursebrowser_javascript());
+    }
     if ($numdc > 0) {
-        $r->print(&coursepick_jscript());
-        $r->print(&Apache::loncommon::coursebrowser_javascript().
-                  &Apache::loncommon::authorbrowser_javascript());
+        $r->print(&Apache::loncommon::authorbrowser_javascript());
     }
 
     unless ((!&Apache::loncommon::show_course()) || ($nochoose) || ($countactive==1)) {
@@ -954,9 +1302,11 @@ ENDHEADER
                                $roletext{'user.role.'.$role}->[1].
                                &Apache::loncommon::end_data_table_row();
                 }
-                if ($role =~ m{dc\./($match_domain)/} 
+                if ($role =~ m{^dc\./($match_domain)/$} 
 		    && $dcroles{$1}) {
 		    $output .= &adhoc_roles_row($1,'recent');
+                } elsif ($role =~ m{^(dh|da)\./($match_domain)/$}) {
+                    $output .= &adhoc_customroles_row($1,$2,'recent',$update,$then);
                 }
 	    } elsif ($numdc > 0) {
                 unless ($role =~/^error\:/) {
@@ -985,7 +1335,7 @@ ENDHEADER
             $doheaders ++;
 	}
     }
-    &print_rolerows($r,$doheaders,\%roleclass,\%sortrole,\%dcroles,\%roletext);
+    &print_rolerows($r,$doheaders,\%roleclass,\%sortrole,\%dcroles,\%roletext,$update,$then);
     if ($countactive > 1) {
         my $tremark='';
         my $tbg;
@@ -1030,11 +1380,7 @@ ENDHEADER
         my $esc_dom = &HTML::Entities::encode($env{'user.domain'},'"<>&');
         $r->print('<p><small><i>'
                  .&mt('This LON-CAPA server is version [_1]',$r->dir_config('lonVersion'))
-                 .'</i><br />'
-                 .'<a href="/adm/logout">'.&mt('Logout').'</a>&nbsp;&nbsp;'
-                 .'<a href="/adm/coursecatalog?showdom='.$esc_dom.'">'
-                 .&mt('Course/Community Catalog')
-                 .'</a></small></p>');
+                 .'</i></small></p>');
     }
     $r->print(&Apache::loncommon::end_page());
     return OK;
@@ -1065,7 +1411,9 @@ sub gather_roles {
     my $advanced = $env{'user.adv'};
     my $tryagain = $env{'form.tryagain'};
     my @ids = &Apache::lonnet::current_machine_ids();
+    my (%willtrust,%trustchecked);
     if (ref($roles_in_env) eq 'HASH') {
+        my %adhocdesc;
         foreach my $envkey (sort(keys(%{$roles_in_env}))) {
             my $button = 1;
             my $switchserver='';
@@ -1117,31 +1465,49 @@ sub gather_roles {
                 my $trole;
                 if ($role =~ /^cr\//) {
                     my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$role);
-                    if ($tremark) { $tremark.='<br />'; }
-                    $tremark.=&mt('Customrole defined by [_1].',$rauthor.':'.$rdomain);
+                    unless ($rauthor eq $rdomain.'-domainconfig') {
+                        if ($tremark) { $tremark.='<br />'; }
+                        $tremark.=&mt('Custom role defined by [_1].',$rauthor.':'.$rdomain);
+                    }
                 }
                 $trole=Apache::lonnet::plaintext($role);
                 my $ttype;
                 my $twhere;
+                my $skipcal;
                 my ($tdom,$trest,$tsection)=
                     split(/\//,Apache::lonnet::declutter($where));
                 # First, Co-Authorship roles
                 if (($role eq 'ca') || ($role eq 'aa')) {
                     my $home = &Apache::lonnet::homeserver($trest,$tdom);
                     my $allowed=0;
+                    my $prohibited;
                     foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } }
                     if (!$allowed) {
                         $button=0;
-                        $switchserver='otherserver='.$home.'&amp;role='.$trolecode;
+                        unless ($trustchecked{$tdom}) {
+                            if ((&Apache::lonnet::will_trust('othcoau',$env{'user.domain'},$tdom)) &&
+                                (&Apache::lonnet::will_trust('coaurem',$tdom,$env{'user.domain'}))) {
+                                $willtrust{$tdom} = 1;
+                                $trustchecked{$tdom} = 1;
+                            }
+                        } 
+                        if ($willtrust{$tdom}) {
+                            $switchserver='otherserver='.$home.'&amp;role='.$trolecode;
+                        } else {
+                            $prohibited = 1;
+                            $tremark .= &mt('Session switch required but prohibited.');
+                        }
                     }
                     #next if ($home eq 'no_host');
                     $home = &Apache::lonnet::hostname($home);
-                    $ttype='Construction Space';
+                    $ttype='Authoring Space';
                     $twhere=&mt('User').': '.$trest.'<br />'.&mt('Domain').
                         ': '.$tdom.'<br />'.
                         ' '.&mt('Server').':&nbsp;'.$home;
                     $env{'course.'.$tdom.'_'.$trest.'.description'}='ca';
-                    $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$trest.'/');
+                    unless ($prohibited) {
+                        $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$trest.'/');
+                    }
                     $sortkey=$role."$trest:$tdom";
                 } elsif ($role eq 'au') {
                     # Authors
@@ -1155,7 +1521,7 @@ sub gather_roles {
                     }
                     #next if ($home eq 'no_host');
                     $home = &Apache::lonnet::hostname($home);
-                    $ttype='Construction Space';
+                    $ttype='Authoring Space';
                     $twhere=&mt('Domain').': '.$tdom.'<br />'.&mt('Server').
                         ':&nbsp;'.$home;
                     $env{'course.'.$tdom.'_'.$trest.'.description'}='ca';
@@ -1164,7 +1530,32 @@ sub gather_roles {
                 } elsif ($trest) {
                     my $tcourseid=$tdom.'_'.$trest;
                     $ttype = &Apache::loncommon::course_type($tcourseid);
-                    $trole = &Apache::lonnet::plaintext($role,$ttype,$tcourseid);
+                    if ($role !~ /^cr/) {
+                        $trole = &Apache::lonnet::plaintext($role,$ttype,$tcourseid);
+                    } elsif ($role =~ m{^\Qcr/$tdom/$tdom\E\-domainconfig/(\w+)$}) {
+                        my $rolename = $1;
+                        my $desc;
+                        if (ref($adhocdesc{$tdom}) eq 'HASH') {
+                            $desc = $adhocdesc{$tdom}{$rolename};
+                        } else {
+                            my %domdef = &Apache::lonnet::get_domain_defaults($tdom);
+                            if (ref($domdef{'adhocroles'}) eq 'HASH') {
+                                foreach my $rolename (sort(keys(%{$domdef{'adhocroles'}}))) {
+                                    if (ref($domdef{'adhocroles'}{$rolename}) eq 'HASH') {
+                                        $adhocdesc{$tdom}{$rolename} = $domdef{'adhocroles'}{$rolename}{'desc'};
+                                        $desc = $adhocdesc{$tdom}{$rolename};
+                                    }
+                                }
+                            }
+                        }
+                        if ($desc ne '') {
+                            $trole = $desc;
+                        } else {
+                            $trole = &mt('Helpdesk[_1]','&nbsp;'.$rolename);
+                        }
+                    } else {
+                        $trole = (split(/\//,$role,4))[-1];
+                    }
                     if ($env{'course.'.$tcourseid.'.description'}) {
                         my $home=$env{'course.'.$tcourseid.'.home'};
                         $twhere=$env{'course.'.$tcourseid.'.description'};
@@ -1178,7 +1569,7 @@ sub gather_roles {
                                 my $required = $env{'course.'.$tcourseid.'.internal.releaserequired'};
                                 if ($required ne '') {
                                     ($switchserver,$switchwarning) = 
-                                        &check_release_required($loncaparev,$tcourseid,$trolecode,$required);
+                                        &Apache::loncommon::check_release_required($loncaparev,$tcourseid,$trolecode,$required);
                                     if ($switchserver || $switchwarning) {
                                         $button = 0;
                                     }
@@ -1201,7 +1592,7 @@ sub gather_roles {
                                 my $required = $newhash{'internal.releaserequired'};
                                 if ($required ne '') {
                                     ($switchserver,$switchwarning) =
-                                        &check_release_required($loncaparev,$tcourseid,$trolecode,$required);
+                                        &Apache::loncommon::check_release_required($loncaparev,$tcourseid,$trolecode,$required);
                                     if ($switchserver || $switchwarning) {
                                         $button = 0;
                                     }
@@ -1212,8 +1603,12 @@ sub gather_roles {
                             $env{'course.'.$tcourseid.'.description'}=$twhere;
                             $sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey;
                             $ttype = 'Unavailable';
+                            $skipcal = 1;
                         }
                     }
+                    if ($ttype eq 'Placement') {
+                        $ttype = 'Placement Test';
+                    }
                     if ($tsection) {
                         $twhere.='<br />'.&mt('Section').': '.$tsection;
                     }
@@ -1230,7 +1625,8 @@ sub gather_roles {
                 ($role_text,$role_text_end) =
                     &build_roletext($trolecode,$tdom,$trest,$tstatus,$tryagain,
                                     $advanced,$tremark,$tbg,$trole,$twhere,$tpstart,
-                                    $tpend,$nochoose,$button,$switchserver,$reinit,$switchwarning);
+                                    $tpend,$nochoose,$button,$switchserver,$reinit,
+                                    $switchwarning,$skipcal);
                 $roletext->{$envkey}=[$role_text,$role_text_end];
                 if (!$sortkey) {$sortkey=$twhere."\0".$envkey;}
                 $sortrole->{$sortkey}=$envkey;
@@ -1302,7 +1698,7 @@ sub roletable_headers {
     my $doheaders;
     if ((ref($sortrole) eq 'HASH') && (ref($roleclass) eq 'HASH')) {
         $r->print('<br />'
-                 .&Apache::loncommon::start_data_table()
+                 .&Apache::loncommon::start_data_table('LC_textsize_mobile')
                  .&Apache::loncommon::start_data_table_header_row()
         );
         if (!$nochoose) { $r->print('<th>&nbsp;</th>'); }
@@ -1328,12 +1724,12 @@ sub roletable_headers {
 }
 
 sub roletypes {
-    my @types = ('Domain','Construction Space','Course','Community','Unavailable','System');
+    my @types = ('Domain','Authoring Space','Course','Placement Test','Community','Unavailable','System');
     return @types; 
 }
 
 sub print_rolerows {
-    my ($r,$doheaders,$roleclass,$sortrole,$dcroles,$roletext) = @_;
+    my ($r,$doheaders,$roleclass,$sortrole,$dcroles,$roletext,$update,$then) = @_;
     if ((ref($roleclass) eq 'HASH') && (ref($sortrole) eq 'HASH')) {
         my @types = &roletypes();
         foreach my $type (@types) {
@@ -1351,12 +1747,14 @@ sub print_rolerows {
                                            &Apache::loncommon::end_data_table_row();
                             }
                         }
-                        if ($sortrole->{$which} =~ m-dc\./($match_domain)/-) {
+                        if ($sortrole->{$which} =~ m{^user\.role\.dc\./($match_domain)/}) {
                             if (ref($dcroles) eq 'HASH') {
                                 if ($dcroles->{$1}) {
                                     $output .= &adhoc_roles_row($1,'');
                                 }
                             }
+                        } elsif ($sortrole->{$which} =~ m{^user\.role\.(dh|da)\./($match_domain)/}) {
+                            $output .= &adhoc_customroles_row($1,$2,'',$update,$then);
                         }
                     }
                 }
@@ -1377,52 +1775,57 @@ sub print_rolerows {
 }
 
 sub findcourse_advice {
-    my ($r) = @_;
+    my ($r,$cattype,$elapsed) = @_;
     my $domdesc = &Apache::lonnet::domain($env{'user.domain'},'description');
     my $esc_dom = &HTML::Entities::encode($env{'user.domain'},'"<>&');
     if (&Apache::lonnet::auto_run(undef,$env{'user.domain'})) {
-        $r->print(&mt('If you were expecting to see an active role listed for a particular course in the [_1] domain, it may be missing for one of the following reasons:',$domdesc).'
+        $r->print('<p>'.&mt('If you were expecting to see an active role listed for a particular course in the [_1] domain, it may be missing for one of the following reasons:',$domdesc).'
 <ul>
  <li>'.&mt('The course has yet to be created.').'</li>
  <li>'.&mt('Automatic enrollment of registered students has not been enabled for the course.').'</li>
  <li>'.&mt('You are in a section of course for which automatic enrollment in the corresponding LON-CAPA course is not active.').'</li>
  <li>'.&mt('The start date for automated enrollment has yet to be reached.').'</li>
  <li>'.&mt('You registered for the course recently and there is a time lag between the time you register, and the time this information becomes available for the update of LON-CAPA course rosters.').'</li>
- </ul>');
+ <li>'.&mt('Automated enrollment added you to the course in the time since you last logged-in.').' '.&mt('If that is the case you can use the "Check for changes" link in the gray Functions bar to update the list of your available course roles.').'</li>   
+ </ul></p>');
     } else {
-        $r->print(&mt('If you were expecting to see an active role listed for a particular course, that course may not have been created yet.').'<br />');
+        $r->print('<p>'.&mt('If you were expecting to see an active role listed for a particular course, that course may not have been created yet.').'</p>');
+        if ($elapsed > 600) {
+            $r->print('<p>'.&mt('You may also have been assigned to a course in the time since you last logged-in, or checked for changes').
+                      '<br />'.
+                      &mt('If that is the case you can use the "Check for changes" link in the gray Functions bar to update the list of your available course roles.').'</p>');
+        }  
+    }
+    if (($cattype eq 'std') || ($cattype eq 'domonly')) {
+        $r->print('<h3>'.&mt('Self-Enrollment').'</h3>'.
+                  '<p>'.&mt('The [_1]Course/Community Catalog[_2] provides information about all [_3] classes for which LON-CAPA courses have been created, as well as any communities in the domain.','<a href="/adm/coursecatalog?showdom='.$esc_dom.'">','</a>',$domdesc).'<br />');
+        $r->print(&mt('You can search for courses and communities which permit self-enrollment, if you would like to enroll in one.').'</p>'.
+        &Apache::loncoursequeueadmin::queued_selfenrollment());
     }
-    $r->print('<h3>'.&mt('Self-Enrollment').'</h3>'.
-              '<p>'.&mt('The [_1]Course/Community Catalog[_2] provides information about all [_3] classes for which LON-CAPA courses have been created, as well as any communities in the domain.','<a href="/adm/coursecatalog?showdom='.$esc_dom.'">','</a>',$domdesc).'<br />');
-    $r->print(&mt('You can search for courses and communities which permit self-enrollment, if you would like to enroll in one.').'</p>'.
-              &Apache::loncoursequeueadmin::queued_selfenrollment());
     return;
 }
 
 sub requestcourse_advice {
-    my ($r) = @_;
+    my ($r,$cattype,$inrole,$elapsed) = @_;
     my $domdesc = &Apache::lonnet::domain($env{'user.domain'},'description');
     my $esc_dom = &HTML::Entities::encode($env{'user.domain'},'"<>&');
-    my (%can_request,%request_doms);
+    my (%can_request,%request_doms,$output);
     &Apache::lonnet::check_can_request($env{'user.domain'},\%can_request,\%request_doms);
     if (keys(%request_doms) > 0) {
         my ($types,$typename) = &Apache::loncommon::course_types();
         if ((ref($types) eq 'ARRAY') && (ref($typename) eq 'HASH')) { 
-            $r->print('<h3>'.&mt('Request creation of a course or community').'</h3>'.
-                      '<p>'.&mt('You have rights to request the creation of courses and/or communities in the following domain(s):').'<ul>');
             my (@reqdoms,@reqtypes);
             foreach my $type (sort(keys(%request_doms))) {
                 push(@reqtypes,$type); 
                 if (ref($request_doms{$type}) eq 'ARRAY') {
                     my $domstr = join(', ',map { &Apache::lonnet::domain($_) } sort(@{$request_doms{$type}}));
-                    $r->print(
+                    $output .=
                         '<li>'
                        .&mt('[_1]'.$typename->{$type}.'[_2] in domain: [_3]',
                             '<i>',
                             '</i>',
                             '<b>'.$domstr.'</b>')
-                       .'</li>'
-                    );
+                       .'</li>';
                     foreach my $dom (@{$request_doms{$type}}) {
                         unless (grep(/^\Q$dom\E/,@reqdoms)) {
                             push(@reqdoms,$dom);
@@ -1445,9 +1848,26 @@ sub requestcourse_advice {
             }
             if (@reqdoms == 1 || @showtypes > 0) {
                 $requrl .= '&state=crstype&action=new';
-            } 
-            $r->print('</ul>'.&mt('Use the [_1]request form[_2] to submit a request for creation of a new course or community.','<a href="'.$requrl.'">','</a>').'</p>');
+            }
+            if ($output) {
+                $r->print('<h3>'.&mt('Request creation of a course or community').'</h3>'.
+                          '<p>'.
+                          &mt('You have rights to request the creation of courses and/or communities in the following domain(s):').
+                          '<ul>'.
+                          $output.
+                          '</ul>'.
+                          &mt('Use the [_1]request form[_2] to submit a request for creation of a new course or community.',
+                              '<a href="'.$requrl.'">','</a>').
+                          '</p>');
+            }
+        }
+    } elsif (!$env{'user.adv'}) {
+       if ($inrole) {
+            $r->print('<h3>'.&mt('Currently no additional roles, courses or communities').'</h3>');
+        } else {
+            $r->print('<h3>'.&mt('Currently no active roles, courses or communities').'</h3>');
         }
+        &findcourse_advice($r,$cattype,$elapsed);
     }
     return;
 }
@@ -1467,7 +1887,7 @@ sub privileges_info {
 	my (undef,$tdom,$trest,$tsec)=split(m{/},$where);
 	if ($trest) {
 	    if ($env{'course.'.$tdom.'_'.$trest.'.description'} eq 'ca') {
-		$ttype='Construction Space';
+		$ttype='Authoring Space';
 		$twhere='User: '.$trest.', Domain: '.$tdom;
 	    } else {
 		$ttype= &Apache::loncommon::course_type($tdom.'_'.$trest);
@@ -1508,10 +1928,13 @@ sub privileges_info {
 }
 
 sub build_roletext {
-    my ($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$trole,$twhere,$tpstart,$tpend,$nochoose,$button,$switchserver,$reinit,$switchwarning) = @_;
-    my ($roletext,$roletext_end);
-    my $is_dc=($trolecode =~ m/^dc\./);
-    my $rowspan=($is_dc) ? ''
+    my ($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$trole,$twhere,
+        $tpstart,$tpend,$nochoose,$button,$switchserver,$reinit,$switchwarning,$skipcal) = @_;
+    my ($roletext,$roletext_end,$poss_adhoc);
+    if ($trolecode =~ m/^d(c|h|a)\./) {
+        $poss_adhoc = 1;
+    }
+    my $rowspan=($poss_adhoc) ? ''
                          : ' rowspan="2" ';
 
     unless ($nochoose) {
@@ -1564,7 +1987,7 @@ sub build_roletext {
                         $trolecode."','".$buttonname.'\');" /></td>';
         }
     }
-    if ($trolecode !~ m/^(dc|ca|au|aa)\./) {
+    if (($trolecode !~ m/^(dc|ca|au|aa)\./)  && (!$skipcal)) {
 	$tremark.=&Apache::lonannounce::showday(time,1,
 			 &Apache::lonannounce::readcalendar($tdom.'_'.$trest));
     }
@@ -1572,7 +1995,7 @@ sub build_roletext {
               .'<td>'.$twhere.'</td>'
               .'<td>'.$tpstart.'</td>'
               .'<td>'.$tpend.'</td>';
-    if (!$is_dc) {
+    unless ($poss_adhoc) {
         $roletext_end = '<td colspan="4">'.
                         $tremark.'&nbsp;'.
                         '</td>';
@@ -1580,24 +2003,6 @@ sub build_roletext {
     return ($roletext,$roletext_end);
 }
 
-sub check_needs_switchserver {
-    my ($possiblerole) = @_;
-    my $needs_switchserver;
-    my ($role,$where) = split(/\./,$possiblerole,2);
-    my (undef,$tdom,$twho) = split(/\//,$where);
-    my ($server_status,$home);
-    if (($role eq 'ca') || ($role eq 'aa')) {
-        ($server_status,$home) = &check_author_homeserver($twho,$tdom);
-    } else {
-        ($server_status,$home) = &check_author_homeserver($env{'user.name'},
-                                                          $env{'user.domain'});
-    }
-    if ($server_status eq 'switchserver') {
-        $needs_switchserver = 1;
-    }
-    return $needs_switchserver;
-}
-
 sub check_author_homeserver {
     my ($uname,$udom)=@_;
     if (($uname eq '') || ($udom eq '')) {
@@ -1615,29 +2020,44 @@ sub check_author_homeserver {
     }
 }
 
-sub check_fordc {
-    my ($dcroles,$update,$then) = @_;
+sub check_for_adhoc {
+    my ($dcroles,$helpdeskroles,$update,$then) = @_;
     my $numdc = 0;
-    if ($env{'user.adv'}) {
-        foreach my $envkey (sort keys %env) {
-            if ($envkey=~/^user\.role\.dc\.\/($match_domain)\/$/) {
-                my $dcdom = $1;
-                my $livedc = 1;
+    my $numhelpdesk = 0;
+    my $numadhoc = 0;
+    my $num_custom_adhoc = 0; 
+    if (($env{'user.adv'}) || ($env{'user.rar'})) {
+        foreach my $envkey (sort(keys(%env))) {
+            if ($envkey=~/^user\.role\.(dc|dh|da)\.\/($match_domain)\/$/) {
+                my $role = $1;
+                my $roledom = $2;
+                my $liverole = 1;
                 my ($tstart,$tend)=split(/\./,$env{$envkey});
                 my $limit = $update;
-                if ($env{'request.role'} eq 'dc./'.$dcdom.'/') {
+                if ($env{'request.role'} eq "$role./$roledom/") {
                     $limit = $then;
                 }
-                if ($tstart && $tstart>$limit) { $livedc = 0; }
-                if ($tend   && $tend  <$limit) { $livedc = 0; }
-                if ($livedc) {
-                    $$dcroles{$dcdom} = $envkey;
-                    $numdc++;
+                if ($tstart && $tstart>$limit) { $liverole = 0; }
+                if ($tend   && $tend  <$limit) { $liverole = 0; }
+                if ($liverole) {
+                    if ($role eq 'dc') {
+                        $dcroles->{$roledom} = $envkey;
+                        $numdc++;
+                    } else {
+                        $helpdeskroles->{$roledom} = $envkey;
+                        my %domdefaults = &Apache::lonnet::get_domain_defaults($roledom);
+                        if (ref($domdefaults{'adhocroles'}) eq 'HASH') {
+                            if (keys(%{$domdefaults{'adhocroles'}})) {
+                                $numadhoc ++;
+                            }
+                        }
+                        $numhelpdesk++;
+                    }
                 }
             }
         }
     }
-    return $numdc;
+    return ($numdc,$numhelpdesk,$numadhoc);
 }
 
 sub adhoc_course_role {
@@ -1663,7 +2083,7 @@ sub adhoc_course_role {
             }
         }
         if ($setprivs) {
-            if ($env{'form.switchrole'} =~ m-^(in|ta|ep|ad|st|cr)([\w/]*)\./\Q$cdom\E/\Q$cnum\E/?(\w*)$-) {
+            if ($env{'form.switchrole'} =~ m-^(in|ta|ep|ad|st|cr)(.*?)\./\Q$cdom\E/\Q$cnum\E/?(\w*)$-) {
                 my $role = $1;
                 my $custom_role = $2;
                 my $usec = $3;
@@ -1678,9 +2098,15 @@ sub adhoc_course_role {
                 my %cgroups =
                     &Apache::lonnet::get_active_groups($env{'user.domain'},
                                             $env{'user.name'},$cdom,$cnum);
+                my $ccrole;
+                if ($crstype eq 'Community') {
+                    $ccrole = 'co';
+                } else {
+                    $ccrole = 'cc';
+                }
                 foreach my $group (keys(%cgroups)) {
                     $group_privs{$group} =
-                        $env{'user.priv.cc./'.$cdom.'/'.$cnum.'./'.$cdom.'/'.$cnum.'/'.$group};
+                        $env{'user.priv.'.$ccrole.'./'.$cdom.'/'.$cnum.'./'.$cdom.'/'.$cnum.'/'.$group};
                 }
                 $newgroups{'/'.$cdom.'/'.$cnum} = \%group_privs;
                 my $area = '/'.$cdom.'/'.$cnum;
@@ -1728,76 +2154,26 @@ sub check_forcc {
     return $is_cc;
 }
 
-sub check_release_required {
-    my ($loncaparev,$tcourseid,$trolecode,$required) = @_;
-    my ($switchserver,$warning);
-    if ($required ne '') {
-        my ($reqdmajor,$reqdminor) = ($required =~ /^(\d+)\.(\d+)$/);
-        my ($major,$minor) = ($loncaparev =~ /^\'?(\d+)\.(\d+)\.[\w.\-]+\'?$/);
-        if ($reqdmajor ne '' && $reqdminor ne '') {
-            my $otherserver;
-            if (($major eq '' && $minor eq '') || 
-                (($reqdmajor > $major) || (($reqdmajor == $major) && ($reqdminor > $minor)))) {
-                my ($userdomserver) = &Apache::lonnet::choose_server($env{'user.domain'});
-                my $switchlcrev = 
-                    &Apache::lonnet::get_server_loncaparev($env{'user.domain'},
-                                                           $userdomserver);
-                my ($swmajor,$swminor) = ($switchlcrev =~ /^\'?(\d+)\.(\d+)\.[\w.\-]+\'?$/);
-                if (($swmajor eq '' && $swminor eq '') || ($reqdmajor > $swmajor) || 
-                    (($reqdmajor == $swmajor) && ($reqdminor > $swminor))) {
-                    my $cdom = $env{'course.'.$tcourseid.'.domain'};
-                    if ($cdom ne $env{'user.domain'}) {
-                        my ($coursedomserver,$coursehostname) = &Apache::lonnet::choose_server($cdom); 
-                        my $serverhomeID = &Apache::lonnet::get_server_homeID($coursehostname);
-                        my $serverhomedom = &Apache::lonnet::host_domain($serverhomeID);
-                        my %defdomdefaults = &Apache::lonnet::get_domain_defaults($serverhomedom);
-                        my %udomdefaults = &Apache::lonnet::get_domain_defaults($env{'user.domain'});
-                        my $remoterev = &Apache::lonnet::get_server_loncaparev($serverhomedom,$coursedomserver);
-                        my $canhost =
-                            &Apache::lonnet::can_host_session($env{'user.domain'},
-                                                              $coursedomserver,
-                                                              $remoterev,
-                                                              $udomdefaults{'remotesessions'},
-                                                              $defdomdefaults{'hostedsessions'});
-
-                        if ($canhost) {
-                            $otherserver = $coursedomserver;
-                        } else {
-                            $warning = &mt('Requires LON-CAPA version [_1].',$env{'course.'.$tcourseid.'.internal.releaserequired'}).'<br />'. &mt("No suitable server could be found amongst servers in either your own domain or in the course's domain.");
-                        }
-                    } else {
-                        $warning = &mt('Requires LON-CAPA version [_1].',$env{'course.'.$tcourseid.'.internal.releaserequired'}).'<br />'.&mt("No suitable server could be found amongst servers in your own domain (which is also the course's domain).");
-                    }
-                } else {
-                    $otherserver = $userdomserver;
-                }
-            }
-            if ($otherserver ne '') {
-                $switchserver = 'otherserver='.$otherserver.'&amp;role='.$trolecode;
-            }
-        }
-    }
-    return ($switchserver,$warning);
-}
-
 sub courselink {
-    my ($dcdom,$rowtype) = @_;
+    my ($roledom,$rowtype,$role) = @_;
     my $courseform=&Apache::loncommon::selectcourse_link
-                   ('rolechoice','dccourse'.$rowtype.'_'.$dcdom,
-                    'dcdomain'.$rowtype.'_'.$dcdom,'coursedesc'.$rowtype.'_'.
-                    $dcdom,$dcdom,undef,'Course/Community');
-    my $hiddenitems = '<input type="hidden" name="dcdomain'.$rowtype.'_'.$dcdom.'" value="'.$dcdom.'" />'.
-                      '<input type="hidden" name="origdom'.$rowtype.'_'.$dcdom.'" value="'.$dcdom.'" />'.
-                      '<input type="hidden" name="dccourse'.$rowtype.'_'.$dcdom.'" value="" />'.
-                      '<input type="hidden" name="coursedesc'.$rowtype.'_'.$dcdom.'" value="" />';
+                   ('rolechoice','course'.$rowtype.'_'.$roledom.'_'.$role,
+                    'domain'.$rowtype.'_'.$roledom.'_'.$role,
+                    'coursedesc'.$rowtype.'_'.$roledom.'_'.$role,
+                    $roledom.':'.$role,undef,'Course/Community');
+    my $hiddenitems = '<input type="hidden" name="domain'.$rowtype.'_'.$roledom.'_'.$role.'" value="'.$roledom.'" />'.
+                      '<input type="hidden" name="origdom'.$rowtype.'_'.$roledom.'_'.$role.'" value="'.$roledom.'" />'.
+                      '<input type="hidden" name="course'.$rowtype.'_'.$roledom.'_'.$role.'" value="" />'.
+                      '<input type="hidden" name="coursedesc'.$rowtype.'_'.$roledom.'_'.$role.'" value="" />';
     return $courseform.$hiddenitems;
 }
 
 sub coursepick_jscript {
-    my %lt = &Apache::lonlocal::texthash(
+    my %js_lt = &Apache::lonlocal::texthash(
                   plsu => "Please use the 'Select Course/Community' link to open a separate pick course window where you may select the course or community you wish to enter.",
                   youc => 'You can only use this screen to select courses and communities in the current domain.',
              );
+    &js_escape(\%js_lt);
     my $verify_script = <<"END";
 <script type="text/javascript">
 // <![CDATA[
@@ -1814,11 +2190,11 @@ function verifyCoursePick(caller) {
             }
         }
         else {
-            alert("$lt{'plsu'}");
+            alert("$js_lt{'plsu'}");
         }
     }
     else {
-        alert("$lt{'youc'}")
+        alert("$js_lt{'youc'}")
     }
 }
 function getIndex(caller) {
@@ -1856,6 +2232,7 @@ sub display_cc_role {
             my $trolecode = $ccrole.'./'.$tdom.'/'.$trest;
             my $twhere;
             my $ttype;
+            my $skipcal;
             my $tbg='LC_roles_is';
             my %newhash=&Apache::lonnet::coursedescription($tcourseid);
             if (%newhash) {
@@ -1867,10 +2244,11 @@ sub display_cc_role {
             } else {
                 $twhere=&mt('Currently not available');
                 $env{'course.'.$tcourseid.'.description'}=$twhere;
+                $skipcal = 1;
             }
             my $trole = &Apache::lonnet::plaintext($ccrole,$ttype,$tcourseid);
             $twhere.="<br />".&mt('Domain').":".$tdom;
-            ($roletext,$roletext_end) = &build_roletext($trolecode,$tdom,$trest,'is',$tryagain,$advanced,'',$tbg,$trole,$twhere,'','','',1,'');
+            ($roletext,$roletext_end) = &build_roletext($trolecode,$tdom,$trest,'is',$tryagain,$advanced,'',$tbg,$trole,$twhere,'','','',1,'','','',$skipcal);
         }
     }
     return ($roletext,$roletext_end);
@@ -1879,11 +2257,12 @@ sub display_cc_role {
 sub adhoc_roles_row {
     my ($dcdom,$rowtype) = @_;
     my $output = &Apache::loncommon::continue_data_table_row()
-                 .' <td colspan="5">'
-                 .&mt('[_1]Ad hoc[_2] roles in domain [_3] --'
+                 .' <td colspan="5" class="LC_textsize_mobile">'
+                 .&mt('[_1]Ad hoc[_2] roles in domain [_3]'
                      ,'<span class="LC_cusr_emph">','</span>',$dcdom)
-                 .' ';
-    my $selectcclink = &courselink($dcdom,$rowtype);
+                 .' -- ';
+    my $role = 'cc';
+    my $selectcclink = &courselink($dcdom,$rowtype,$role);
     my $ccrole = &Apache::lonnet::plaintext('co',undef,undef,1);
     my $carole = &Apache::lonnet::plaintext('ca');
     my $selectcalink = &coauthorlink($dcdom,$rowtype);
@@ -1893,6 +2272,30 @@ sub adhoc_roles_row {
     return $output;
 }
 
+sub adhoc_customroles_row {
+    my ($role,$dhdom,$rowtype,$update,$then) = @_;
+    my $liverole = 1;
+    my ($tstart,$tend)=split(/\./,$env{"user.role.$role./$dhdom/"});
+    my $limit = $update;
+    if (($role eq 'dh') && ($env{'request.role'} eq 'dh./'.$dhdom.'/')) {
+        $limit = $then;
+    }
+    if ($tstart && $tstart>$limit) { $liverole = 0; }
+    if ($tend   && $tend  <$limit) { $liverole = 0; }
+    return unless ($liverole);
+    my %domdefaults = &Apache::lonnet::get_domain_defaults($dhdom); 
+    if (ref($domdefaults{'adhocroles'}) eq 'HASH') {
+        if (scalar(keys(%{$domdefaults{'adhocroles'}})) > 0) {
+            return &Apache::loncommon::continue_data_table_row()
+                  .' <td colspan="5" class="LC_textsize_mobile">'
+                  .&mt('[_1]Ad hoc[_2] course/community roles in domain [_3]',
+                       '<span class="LC_cusr_emph">','</span>',$dhdom)
+                  .' -- '.&courselink($dhdom,$rowtype,$role);
+        }
+    }
+    return;
+}
+
 sub recent_filename {
     my $area=shift;
     return 'nohist_recent_'.&escape($area);
@@ -2209,7 +2612,8 @@ sub update_session_roles {
         my $status_in_env =
             &curr_role_status($currstart,$currend,$refresh,$update);
         my ($rolekey) = ($envkey =~ /^user\.role\.(.+)$/);
-        my ($role,$rest)=split(/\./,$rolekey,2);
+        my ($role,$rest)=split(m{\./},$rolekey,2);
+        $rest = '/'.$rest;
         if (&Apache::lonnet::delenv($envkey,undef,[$role])) {
             if ($status_in_env eq 'active') {
                 if ($role eq 'gr') {
@@ -2421,9 +2825,11 @@ sub update_session_roles {
                                 &unescape($groupinfo{'description'});
                         }
                         $groupdesc = $groupdescs{$cdom.'_'.$cnum}{$group};
-                        $groupmsg .= '<li>'.
-                                     &mt('[_1] with status: [_2].',
-                                     '<b>'.$groupdesc.'</b>',$newgroup{$item}).'</li>';
+                        if ($groupdesc) {
+                            $groupmsg .= '<li>'.
+                                         &mt('[_1] with status: [_2].',
+                                         '<b>'.$groupdesc.'</b>',$newgroup{$item}).'</li>';
+                        }
                     }
                 }
                 if ($groupmsg) {
@@ -2437,47 +2843,67 @@ sub update_session_roles {
             }
         }
         if (keys(%newrole) > 0) {
-            $changemsg .= '<li>'.&mt('New roles').
-                          '<ul>';
+            my $newmsg;
             foreach my $item (sort(keys(%newrole))) {
                 my $desc = &role_desc($item,$update,$refresh,$now);
-                $changemsg .= '<li>'.
-                              &mt('[_1] with status: [_2].',
-                              $desc,$newrole{$item}).'</li>';
+                if ($desc) {
+                    $newmsg .= '<li>'.
+                               &mt('[_1] with status: [_2].',
+                               $desc,&mt($newrole{$item})).'</li>';
+                }
+            }
+            if ($newmsg) {
+                $changemsg .= '<li>'.&mt('New roles').
+                              '<ul>'.$newmsg.'</ul>'.
+                              '</li>';
             }
-            $changemsg .= '</ul></li>';
         }
         if (keys(%customprivchg) > 0) {
-            $changemsg .= '<li>'.
-                          &mt('Custom roles with privilege changes').
-                          '<ul>';
+            my $privmsg;
             foreach my $item (sort(keys(%customprivchg))) {
                 my $desc = &role_desc($item,$update,$refresh,$now);
-                $changemsg .= '<li>'.$desc.'</li>';
+                if ($desc) {
+                    $privmsg .= '<li>'.$desc.'</li>';
+                }
             }
-            $changemsg .= '</ul></li>';
+            if ($privmsg) {
+                $changemsg .= '<li>'.
+                              &mt('Custom roles with privilege changes').
+                              '<ul>'.$privmsg.'</ul>'.
+                              '</li>';
+             }
         }
         if (keys(%rolechange) > 0) {
-            $changemsg .= '<li>'.
-                          &mt('Existing roles with status changes').'</li>'.
-                          '<ul>';
+            my $rolemsg;
             foreach my $item (sort(keys(%rolechange))) {
                 my $desc = &role_desc($item,$update,$refresh,$now);  
+                if ($desc) {
+                    $rolemsg .= '<li>'.
+                                &mt('[_1] status now: [_2].',$desc,
+                                $rolechange{$item}).'</li>';
+                }
+            }
+            if ($rolemsg) {
                 $changemsg .= '<li>'.
-                              &mt('[_1] status now: [_2].',$desc,
-                              $rolechange{$item}).'</li>';
+                              &mt('Existing roles with status changes').'</li>'.
+                              '<ul>'.$rolemsg.'</ul>'.
+                              '</li>';
             }
-            $changemsg .= '</ul></li>';
         }
         if (keys(%deletedroles) > 0) {
-            $changemsg .= '<li>'.
-                          &mt('Existing roles now expired').'</li>'.
-                          '<ul>';
+            my $delmsg;
             foreach my $item (sort(keys(%deletedroles))) {
                 my $desc = &role_desc($item,$update,$refresh,$now);
-                $changemsg .= '<li>'.$desc.'</li>';
+                if ($desc) {
+                    $delmsg .= '<li>'.$desc.'</li>';
+                }
+            }
+            if ($delmsg) {
+                $changemsg .= '<li>'.
+                              &mt('Existing roles now expired').'</li>'.
+                              '<ul>'.$delmsg.'</ul>'.
+                              '</li>';
             }
-            $changemsg .= '</ul></li>';
         }
     }
     if ((keys(%changed_groups) > 0) || (keys(%groupchange) > 0)) {
@@ -2537,6 +2963,12 @@ sub update_session_roles {
     }
     if ($changemsg) {
         $msg .= '<ul>'.$changemsg.'</ul>';
+    } else {
+        if (&Apache::loncommon::show_course()) {
+            $msg = &mt('No new courses or communities');
+        } else {
+            $msg = &mt('No role changes');
+        }
     }
     return $msg;
 }
@@ -2545,11 +2977,13 @@ sub role_desc {
     my ($item,$update,$refresh,$now) = @_;
     my ($where,$trolecode,$role,$tstatus,$tend,$tstart,$twhere,
         $trole,$tremark);
-    &Apache::lonnet::role_status('user.role.'.$item,$update,$refresh,                                      $now,\$role,\$where, \$trolecode,
+    &Apache::lonnet::role_status('user.role.'.$item,$update,$refresh,
+                                 $now,\$role,\$where,\$trolecode,
                                  \$tstatus,\$tstart,\$tend);
+    return unless ($role);
     if ($role =~ /^cr\//) {
         my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$role);
-        $tremark = &mt('Customrole defined by [_1].',$rauthor.':'.$rdomain);
+        $tremark = &mt('Custom role defined by [_1].',$rauthor.':'.$rdomain);
     }
     $trole=Apache::lonnet::plaintext($role);
     my ($tdom,$trest,$tsection)=
@@ -2588,9 +3022,15 @@ sub role_desc {
     } elsif ($tdom) {
         $twhere = &mt('Domain').':&nbsp;'.$tdom;
     }
-    my $output = "$trole -- $twhere";
-    if ($tremark) {
-        $output .= '<br />'.$tremark;
+    my $output;
+    if ($trole) {
+        $output = $trole;
+        if ($twhere) {
+            $output .= " -- $twhere";
+        }
+        if ($tremark) {
+            $output .= '<br />'.$tremark;
+        }
     }
     return $output;
 }
@@ -2655,7 +3095,7 @@ sub is_active_course {
 }
 
 sub get_roles_functions {
-    my ($rolescount) = @_;
+    my ($rolescount,$cattype) = @_;
     my @links;
     push(@links,["javascript:rolesView('doupdate');",'start-here-22x22',&mt('Check for changes')]);
     if ($env{'environment.canrequest.author'}) {
@@ -2676,20 +3116,38 @@ sub get_roles_functions {
     }
     if ($env{'user.adv'}) {
         if ($env{'form.display'} eq 'showall') {
-            push(@links,["javascript:rolesView('noshowall');",'edit-redo-22x22',&mt('Exclude expired roles')]);
+            push(@links,["javascript:rolesView('noshowall');",'edit-redo-22x22',&mt('Exclude expired')]);
         } else {
-            push(@links,["javascript:rolesView('showall');",'edit-undo-22x22',&mt('Include expired roles')]);
+            push(@links,["javascript:rolesView('showall');",'edit-undo-22x22',&mt('Include expired')]);
         }
     }
-    my $funcs = &Apache::lonhtmlcommon::start_funclist();
-    foreach my $link (@links) {
-        $funcs .= &Apache::lonhtmlcommon::add_item_funclist(
-                      '<a href="'.$link->[0].'" class="LC_menubuttons_link">'.
-                      '<img src="/res/adm/pages/'.$link->[1].'.png" class="LC_icon" alt="'.$link->[2].'" />'.
-                      $link->[2].'</a>');
+    unless ($cattype eq 'none') {
+        push(@links,['/adm/coursecatalog','ccat-22x22',&mt('Course catalog')]);
+    }
+    my $funcs;
+    if ($env{'browser.mobile'}) {
+        my @functions;
+        foreach my $link (@links) {
+            push(@functions,[$link->[0],$link->[2]]);
+        }
+        my $title = 'Display options';
+        if ($env{'user.adv'}) {
+            $title = 'Roles options';
+        }
+        $funcs = &Apache::lonmenu::create_submenu('','',$title,\@functions,1,'LC_breadcrumbs_hoverable');
+        $funcs = '<ol class="LC_primary_menu LC_floatright">'.$funcs.'</ol>';
+    } else {
+        $funcs = &Apache::lonhtmlcommon::start_funclist();
+        foreach my $link (@links) {
+            $funcs .= &Apache::lonhtmlcommon::add_item_funclist(
+                          '<a href="'.$link->[0].'" class="LC_menubuttons_link">'.
+                          '<img src="/res/adm/pages/'.$link->[1].'.png" class="LC_icon" alt="'.$link->[2].'" />'.
+                          $link->[2].'</a>');
+        }
+        $funcs .= &Apache::lonhtmlcommon::end_funclist();
+        $funcs = &Apache::loncommon::head_subbox($funcs);
     }
-    $funcs .= &Apache::lonhtmlcommon::end_funclist();
-    return &Apache::loncommon::head_subbox($funcs);
+    return $funcs;
 }
 
 sub get_queued {
@@ -2699,7 +3157,7 @@ sub get_queued {
                                            $env{'user.name'},'^status:');
     foreach my $key (keys(%statusinfo)) {
         next unless (($statusinfo{$key} eq 'approval') || ($statusinfo{$key} eq 'pending'));
-        (undef,my($cdom,$cnum)) = split(':',$key);
+        (undef,my($cdom,$cnum)) = split(/:/,$key);
         my $requestkey = $cdom.'_'.$cnum;
         if ($requestkey =~ /^($match_domain)_($match_courseid)$/) {
             my %history = &Apache::lonnet::restore($requestkey,'courserequests',
@@ -2749,7 +3207,7 @@ sub get_queued {
             if (($status eq 'approval') || ($status eq 'approved')) {
                 $output .= '<p><b>'.&mt('Author role request').'</b><br />';
                 if ($status eq 'approval') {
-                    $output .= &mt('A request for authoring space submitted on [_1] is awaiting approval',
+                    $output .= &mt('A request for Authoring Space submitted on [_1] is awaiting approval',
                                   &Apache::lonlocal::locallocaltime($timestamp));
                 } elsif ($status eq 'approved') {
                     my %roleshash =
@@ -2778,6 +3236,84 @@ sub get_queued {
            $output.'</fieldset></div><br clear="all" />';
 }
 
+sub process_lti {
+    my ($r,$cdom,$cnum) = @_;
+    my %lti = &Apache::lonnet::get_domain_lti($cdom,'provider');
+    my $uriscope = &LONCAPA::ltiutils::lti_provider_scope($env{'request.lti.uri'},
+                                                          $cdom,$cnum);
+    my $lonhost = $r->dir_config('lonHostID');
+    my $internet_names = &Apache::lonnet::get_internet_names($lonhost);
+    if ($env{'request.lti.rosterid'} &&
+        $env{'request.lti.rosterurl'}) {
+        if (ref($lti{$env{'request.lti.login'}}) eq 'HASH') {
+            if ($lti{$env{'request.lti.login'}}{'roster'}) {
+                my @lcroles = ('in','ta','ep','st');
+                my @possibleroles;
+                foreach my $role (@lcroles) {
+                    if (&Apache::lonnet::allowed('c'.$role,"$cdom/$cnum")) {
+                        push(@possibleroles,$role);
+                    }
+                }
+                my $owner = $env{'course.'.$cdom.'_'.$cnum.'.internal.courseowner'};
+                if ($owner eq $env{'user.name'}.':'.$env{'user.domain'}) {
+                    my $crstype = &Apache::loncommon::course_type($cdom.'_'.$cnum);
+                    if ($crstype eq 'Community') {
+                        unshift(@possibleroles,'co');
+                    } else {
+                        unshift(@possibleroles,'cc');
+                    }
+                }
+                if (@possibleroles) {
+                    push(@{$rosterupdates},{cid        => $cdom.'_'.$cnum,
+                                            lti        => $env{'request.lti.login'},
+                                            ltiref     => $lti{$env{'request.lti.login'}},
+                                            id         => $env{'request.lti.rosterid'},
+                                            url        => $env{'request.lti.rosterurl'},
+                                            sourcecrs  => $env{'request.lti.sourcecrs'},
+                                            uriscope   => $uriscope,
+                                            possroles  => \@possibleroles,
+                                            intdoms    => $internet_names,
+                                           });
+                    unless ($registered_cleanup) {
+                        my $handlers = $r->get_handlers('PerlCleanupHandler');
+                        $r->set_handlers('PerlCleanupHandler' =>
+                                         [\&ltienroll,@{$handlers}]);
+                        $registered_cleanup=1;
+                    }
+                }
+            }
+        }
+    }
+    if ($env{'request.lti.passbackid'} &&
+        $env{'request.lti.passbackurl'}) {
+        if (ref($lti{$env{'request.lti.login'}}) eq 'HASH') {
+            if ($lti{$env{'request.lti.login'}}{'passback'}) {
+                my ($pbnum,$error) =
+                    &LONCAPA::ltiutils::store_passbackurl($env{'request.lti.login'},
+                                                          $env{'request.lti.passbackurl'},
+                                                          $cdom,$cnum);
+                if ($pbnum eq '') {
+                    $pbnum = $env{'request.lti.passbackurl'};
+                }
+                &Apache::lonnet::put('nohist_'.$cdom.'_'.$cnum.'_passback',
+                                     {"$uriscope\0$env{'request.lti.sourcecrs'}\0$env{'request.lti.login'}" =>
+                                     "$pbnum\0$env{'request.lti.passbackid'}"});
+            }
+        }
+    }
+    return;
+}
+
+sub ltienroll {
+    if (ref($rosterupdates) eq 'ARRAY') {
+        foreach my $item (@{$rosterupdates}) {
+            if (ref($item) eq 'HASH') {
+                &LONCAPA::ltiutils::batchaddroster($item);
+            }
+        }
+    }
+}
+
 1;
 __END__