--- loncom/auth/lonroles.pm	2024/12/29 02:02:29	1.269.2.42
+++ loncom/auth/lonroles.pm	2017/02/20 18:29:28	1.326
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # User Roles Screen
 #
-# $Id: lonroles.pm,v 1.269.2.42 2024/12/29 02:02:29 raeburn Exp $
+# $Id: lonroles.pm,v 1.326 2017/02/20 18:29:28 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -140,65 +140,11 @@ use Apache::lonnavdisplay();
 use Apache::loncoursequeueadmin;
 use Apache::longroup;
 use Apache::lonrss;
+use Apache::lonplacementtest;
 use GDBM_File;
 use LONCAPA qw(:DEFAULT :match);
 use HTML::Entities;
- 
-sub start_loading_course {
-    my ($r,$title) = @_;
-    &Apache::loncommon::content_type($r,'text/html');
-    &Apache::loncommon::no_cache($r);
-    $r->send_http_header;
-    my $swinfo=&Apache::lonmenu::rawconfig();
-    # Breadcrumbs
-    my $brcrum = [{'href' => '',
-                   'text' => $title},];
-    my $start_page = &Apache::loncommon::start_page($title,undef,
-                                                    {'bread_crumbs' => $brcrum,
-                                                     'bread_crumbs_nomenu' => 1,
-                                                     'links_disabled' => 1});
-    $r->print(<<ENDREDIR);
-$start_page
-<script type="text/javascript">
-// <![CDATA[
-$swinfo
 
-document.body.addEventListener('click', function (event) {
-  // filter out clicks on any other elements
-  if (event.target.nodeName == 'A' && event.target.getAttribute('aria-disabled') == 'true') {
-    event.preventDefault();
-  }
-});
-// ]]>
-</script>
-ENDREDIR
-    return;
-}
-
-sub finish_loading_course {
-    my ($r,$msg,$url) = @_;
-    my $link = '<div id="LC_course_loaded" style="display:none"><a href="'.
-               &HTML::Entities::encode($url,'"<>&').'">'.&mt('Continue').'</a></div>';
-    my $end_page = &Apache::loncommon::end_page();
-    my $js_url = &js_escape($url);
-    $r->print(<<END);
-$msg
-<script type="text/javascript">
-// <![CDATA[
-\$(document).ready(function() {
-    \$("#LC_course_loaded").css("display","block");
-    \$('.isDisabled > a').removeAttr("aria-disabled");
-    \$('.isDisabled').removeClass("isDisabled");
-    var url = "$js_url";
-    \$(location).attr('href',url);
-});
-// ]]>
-</script>
-$link
-$end_page
-END
-    return;
-}
 
 sub redirect_user {
     my ($r,$title,$url,$msg) = @_;
@@ -206,7 +152,6 @@ sub redirect_user {
     &Apache::loncommon::content_type($r,'text/html');
     &Apache::loncommon::no_cache($r);
     $r->send_http_header;
-    my $swinfo=&Apache::lonmenu::rawconfig();
 
     # Breadcrumbs
     my $brcrum = [{'href' => $url,
@@ -221,11 +166,6 @@ sub redirect_user {
     $url=~s/ /\%20/g;
     $r->print(<<ENDREDIR);
 $start_page
-<script type="text/javascript">
-// <![CDATA[
-$swinfo
-// ]]>
-</script>
 <p>$msg</p>
 $end_page
 ENDREDIR
@@ -234,22 +174,29 @@ ENDREDIR
 
 sub error_page {
     my ($r,$error,$dest)=@_;
-    my %lt = &Apache::lonlocal::texthash(
-        pdc => 'Problems during Course Initialization',
-        tfp => 'The following problems occurred:',
-        con => 'Continue',
+    &Apache::loncommon::content_type($r,'text/html');
+    &Apache::loncommon::no_cache($r);
+    $r->send_http_header;
+    return OK if $r->header_only;
+    # Breadcrumbs
+    my $brcrum = [{'href' => $dest,
+                   'text' => 'Problems during Course Initialization'},];
+    $r->print(&Apache::loncommon::start_page('Problems during Course Initialization',
+                                             undef,
+                                             {'bread_crumbs' => $brcrum,})
     );
-    my $end_page = &Apache::loncommon::end_page();
-    $dest = &HTML::Entities::encode($dest,'"<>&');
-    $r->print(<<END);
-<h3>$lt{'pdc'}</h3>
-<p class="LC_error">$lt{'tfp'}
-<br />
-$error
-</p><br /><a href="$dest">$lt{'con'}</a>
-$end_page
-END
-    return;
+    $r->print(
+        '<script type="text/javascript">'.
+        '// <![CDATA['.
+        &Apache::lonmenu::rawconfig().
+        '// ]]>'.
+        '</script>'.
+	      '<p class="LC_error">'.&mt('The following problems occurred:').
+          '<br />'.
+	      $error.
+	      '</p><br /><a href="'.$dest.'">'.&mt('Continue').'</a>'
+    );
+    $r->print(&Apache::loncommon::end_page());
 }
 
 sub handler {
@@ -275,95 +222,9 @@ sub handler {
         $update = $then;
     }
 
-    my ($blocked_by_ip,$blocked_type,$clientip);
-    $clientip = &Apache::lonnet::get_requestor_ip($r);
-
-    if ($env{'form.selectrole'}) {
-        my ($role,$cdom,$cnum,$rest);
-        if ($env{'form.switchrole'} =~ m{^(co|cc|in|ta|ep|ad|st|cr).*?\./($match_domain)/($match_courseid)(/(\w+)|$)}) {
-            ($role,$cdom,$cnum,$rest) = ($1,$2,$3,$4);
-        } elsif ($env{'form.newrole'} =~ m{^(co|cc|in|ta|ep|ad|st|cr).*?\./($match_domain)/($match_courseid)(/(\w+)|$)}) {
-            ($role,$cdom,$cnum,$rest) = ($1,$2,$3,$4);
-        }
-        if ($cdom ne '') {
-            my ($has_evb,$check_ipaccess,$showrole);
-            $showrole = 1;
-            my $checkrole = "cm./$cdom/$cnum";
-            if ($rest ne '') {
-                $checkrole .= "/$rest";
-            }
-            if ((&Apache::lonnet::allowed('evb',undef,undef,$checkrole)) &&
-                ($role ne 'st')) {
-                $has_evb = 1;
-            }
-            unless ($has_evb) {
-                my @machinedoms = &Apache::lonnet::current_machine_domains();
-                my $udom = $env{'user.domain'};
-                if ($udom eq $cdom) {
-                    $check_ipaccess = 1;
-                } elsif (($udom ne '') && (grep(/^\Q$udom\E$/,@machinedoms))) {
-                    $check_ipaccess = 1;
-                } else {
-                    my $lonhost = $Apache::lonnet::perlvar{'lonHostID'};
-                    my $internet_names = &Apache::lonnet::get_internet_names($lonhost);
-                    my $cprim = &Apache::lonnet::domain($cdom,'primary');
-                    my $cintdom = &Apache::lonnet::internet_dom($cprim);
-                    if (($cintdom ne '') && (ref($internet_names) eq 'ARRAY')) {
-                        if (grep(/^\Q$cintdom\E$/,@{$internet_names})) {
-                            $check_ipaccess = 1;
-                        }
-                    }
-                }
-                if ($check_ipaccess) {
-                    my ($ipaccessref,$cached)=&Apache::lonnet::is_cached_new('ipaccess',$cdom);
-                    unless (defined($cached)) {
-                        my %domconfig =
-                            &Apache::lonnet::get_dom('configuration',['ipaccess'],$cdom);
-                        $ipaccessref = &Apache::lonnet::do_cache_new('ipaccess',$cdom,$domconfig{'ipaccess'},1800);
-                    }
-                    if (ref($ipaccessref) eq 'HASH') {
-                        foreach my $id (keys(%{$ipaccessref})) {
-                            if (ref($ipaccessref->{$id}) eq 'HASH') {
-                                my $range = $ipaccessref->{$id}->{'ip'};
-                                if ($range) {
-                                    my $type = 'exclude';
-                                    if (&Apache::lonnet::ip_match($clientip,$range)) {
-                                        $type = 'include';
-                                    }
-                                    if (ref($ipaccessref->{$id}->{'courses'}) eq 'HASH') {
-                                        if ($ipaccessref->{$id}->{'courses'}{$cdom.'_'.$cnum}) {
-                                            if ($type eq 'include') {
-                                                $showrole = 1;
-                                                last;
-                                            } else {
-                                                $showrole = 0;
-                                            }
-                                        } else {
-                                            if ($type eq 'include') {
-                                                $showrole = 0;
-                                            } else {
-                                                $showrole = 1;
-                                            }
-                                        }
-                                    }
-                                }
-                            }
-                        }
-                    }
-                }
-            }
-            unless ($showrole) {
-                $blocked_by_ip = 1;
-                $blocked_type = &Apache::loncommon::course_type($cdom.'_'.$cnum);
-                delete($env{'form.selectrole'});
-                delete($env{'form.newrole'});
-            }
-        }
-    }
-
     &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'});
 
-# -------------------------------------------------- Check if setting hot list
+# -------------------------------------------------- Check if setting hot list 
     my $hotlist;
     if ($env{'form.action'} eq 'verify_and_change_rolespref') {
         $hotlist = &Apache::lonpreferences::verify_and_change_rolespref($r);
@@ -394,8 +255,8 @@ sub handler {
 
     my $envkey;
     my %dcroles = ();
-    my %helpdeskroles = (); 
-    my ($numdc,$numhelpdesk,$numadhoc) =
+    my %helpdeskroles = ();
+    my ($numdc,$numhelpdesk,$numadhoc) = 
         &check_for_adhoc(\%dcroles,\%helpdeskroles,$update,$then);
     my $loncaparev = $r->dir_config('lonVersion');
 
@@ -453,7 +314,7 @@ sub handler {
             if ($custom_adhoc) {
                 my ($possroles,$description) = &Apache::lonnet::get_my_adhocroles($cdom.'_'.$cnum,1);
                 if (ref($possroles) eq 'ARRAY') {
-                    if (grep(/^\Q$rolename\E$/,@{$possroles})) {
+                    if (grep(/^\Q$rolename\E$/,@{$possroles})) { 
                         if (&Apache::lonnet::check_adhoc_privs($cdom,$cnum,$update,$refresh,$now,
                                                                "cr/$cdom/$cdom".'-domainconfig/'.$rolename,undef,$sec)) {
                             &Apache::lonnet::appenv({"environment.internal.$cdom.$cnum.cr/$cdom/$cdom".'-domainconfig/'."$rolename.adhoc" => time});
@@ -465,8 +326,8 @@ sub handler {
 # Check if user is a DC trying to enter a course or author space and needs privs to be created
 # Check if user is a DH or DA trying to enter a course and needs privs to be created
             foreach my $envkey (keys(%env)) {
-                if ($numdc) {
 # Is this an ad-hoc Coordinator role?
+                if ($numdc) {
                     if (my ($ccrole,$domain,$coursenum) =
 		        ($envkey =~ m-^form\.(cc|co)\./($match_domain)/($match_courseid)$-)) {
                         if ($dcroles{$domain}) {
@@ -557,10 +418,9 @@ sub handler {
                         }
                         last;
                     }
-                } 
+                }
             }
         }
-
         foreach $envkey (keys(%env)) {
             next if ($envkey!~/^user\.role\./);
             my ($where,$trolecode,$role,$tstatus,$tend,$tstart);
@@ -629,7 +489,6 @@ sub handler {
 				 my $end_page=&Apache::loncommon::end_page();
 				 my $buttontext=&mt('Enter Course');
 				 my $message=&mt('Successfully registered key');
-                                 my $ip = &Apache::lonnet::get_requestor_ip();
 				 my $assignresult=
 				     &Apache::lonnet::assign_access_key(
 						     $env{'form.newkey'},
@@ -638,8 +497,8 @@ sub handler {
                                                      $env{'user.domain'},
 						     $env{'user.name'},
                                                      &mt('Assigned from [_1] at [_2] for [_3]'
-                                                        ,$ip
-                                                        ,&Apache::lonlocal::locallocaltime($now)
+                                                        ,$ENV{'REMOTE_ADDR'}
+                                                        ,&Apache::lonlocal::locallocaltime()
                                                         ,$trolecode)
                                                      );
 				 unless ($assignresult eq 'ok') {
@@ -715,62 +574,16 @@ ENDENTERKEY
                                 }
                             }
                         }
-                        my $crstype = &Apache::loncommon::course_type($cdom.'_'.$cnum);
-                        $crstype = lc($crstype);
-                        my $preamble = '<div id="LC_update_'.$cdom.'_'.$cnum.'" class="LC_info">'.
-                                       '<br />'.
-                                       &mt("Please be patient while your $crstype loads").
-                                       '<br /></div>'.
-                                       '<div style="padding:0;clear:both;margin:0;border:0"></div>';
-                        my $closure = <<ENDCLOSE;
-<script type="text/javascript">
-// <![CDATA[
-\$("#LC_update_${cdom}_${cnum}").hide('slow');
-// ]]>
-</script>
-ENDCLOSE
-                        my $title = &mt("Loading $crstype");
-                        &start_loading_course($r,$title);
-                        my %prog_state = &Apache::lonhtmlcommon::Create_PrgWin($r,undef,$preamble);
-                        &Apache::lonhtmlcommon::Update_PrgWin($r,\%prog_state,&mt('Loading ...'));
-                        $r->rflush();
-                        my ($msg,$critmsg_check);
-                        $critmsg_check = 1;
-                        my ($furl,$ferr)=
-                            &Apache::lonuserstate::readmap($cdom.'/'.$cnum,$critmsg_check);
-                        &Apache::lonhtmlcommon::Update_PrgWin($r,\%prog_state,&mt('Finished!'));
-                        &Apache::lonhtmlcommon::Close_PrgWin($r,\%prog_state);
-                        $r->print($closure);
-                        $r->rflush();
-                        if ($ferr) {
-                            $furl = '/adm/roles?tryagain=1';
-                        } else {
-                            &Apache::lonnet::appenv({'request.course.timechecked'=>$now});
-                            unless (($env{'form.switchrole'}) ||
+                        my $msg;
+			my ($furl,$ferr)=
+			    &Apache::lonuserstate::readmap($cdom.'/'.$cnum);
+                        unless ($ferr) {
+                            unless (($env{'form.switchrole'}) || 
                                     ($env{"environment.internal.$cdom.$cnum.$role.adhoc"})) {
                                 &Apache::lonnet::put('nohist_crslastlogin',
                                     {$env{'user.name'}.':'.$env{'user.domain'}.
                                      ':'.$csec.':'.$role => $now},$cdom,$cnum);
                             }
-                            if (($env{"environment.internal.$cdom.$cnum.$role.adhoc"}) &&
-                                (&Apache::lonnet::allowed('vxc',$cdom.'_'.$cnum))) {
-                                my $owner = $env{'course.'.$cdom.'_'.$cnum.'.internal.courseowner'};
-                                my @coowners = split(/,/,$env{'course.'.$env{'request.course.id'}.'.internal.co-owners'});
-                                my %auaccess;
-                                foreach my $user ($owner,@coowners) {
-                                    my ($cpname,$cpdom) = split(/:/,$user);
-                                    my %auroles = &Apache::lonnet::get_my_roles($cpname,$cpdom,'userroles',undef,['au','ca','aa'],[$cdom]);
-                                    foreach my $key (keys(%auroles)) {
-                                        my ($auname,$audom,$aurole) = split(/:/,$key);
-                                        if ($aurole eq 'au') {
-                                            $auaccess{$cpname} = 1;
-                                        } else {
-                                            $auaccess{$auname} = 1;
-                                        }
-                                    }
-                                }
-                                &Apache::lonnet::appenv({'request.course.adhocsrcaccess' => join(',',sort(keys(%auaccess))) });
-                            }
                             my ($feeds,$syllabus_time);
                             &Apache::lonrss::advertisefeeds($cnum,$cdom,undef,\$feeds);
                             &Apache::lonnet::appenv({'request.course.feeds' => $feeds});
@@ -788,7 +601,7 @@ ENDCLOSE
                         }
 			if (($env{'form.orgurl'}) && 
 			    ($env{'form.orgurl'}!~/^\/adm\/flip/) &&
-                            ($env{'form.orgurl'} ne '/adm/roles')) {
+			    ($env{'form.orgurl'} ne '/adm/roles')) {
 			    my $dest=$env{'form.orgurl'};
                             if ($env{'form.symb'}) {
                                 if ($dest =~ /\?/) {
@@ -800,24 +613,9 @@ ENDCLOSE
                             }
 			    if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
 			    &Apache::lonnet::appenv({'request.role.adv'=>$tadv});
-                            if ($ferr) {
-                                if ($env{'form.orgurl'}) {
-                                    $furl .= '&orgurl='.&HTML::Entities::encode($env{'form.orgurl'},'<>&"');
-                                }
-                                if ($env{'form.symb'}) {
-                                    $furl .= '&symb='.&HTML::Entities::encode($env{'form.symb'},'<>&"');
-                                }
-                            }
                             if (($ferr) && ($tadv)) {
-                                &error_page($r,$ferr,$furl);
+				&error_page($r,$ferr,$dest);
 			    } else {
-                                if ($env{'request.course.id'} eq $cdom.'_'.$cnum) {
-                                    if (($env{'form.orgurl'} ne '') && ($env{'form.symb'} ne '')) {
-                                        unless (&Apache::lonnet::symbverify($env{'form.symb'},$env{'form.orgurl'})) {
-                                            $dest=$env{'form.orgurl'};
-                                        }
-                                    }
-                                }
                                 if ($dest =~ m{^/adm/coursedocs\?folderpath}) {
                                     if ($env{'request.course.id'} eq $cdom.'_'.$cnum) { 
                                         my $chome = &Apache::lonnet::homeserver($cnum,$cdom);
@@ -825,45 +623,26 @@ ENDCLOSE
                                                                                        $cdom.'_'.$cnum);
                                     }
                                 }
-                                if ($ferr) {
-                                    if (!$env{'request.course.id'}) {
-                                        &Apache::lonnet::appenv(
-                                           {"request.course.id"  => $cdom.'_'.$cnum});
-                                        $r->print('<p class="LC_error">'.
-                                                  &mt('Could not initialize [_1] at this time.',
-                                                      $env{'course.'.$cdom.'_'.$cnum.'.description'}).
-                                                  '</p>'.
-                                                  '<p><a href="'.$furl.'">'.
-                                                  &mt('Please try again.').'</a></p>'.
-                                                  &Apache::loncommon::end_page());
-                                    }
-                                } else {
-                                    $msg = '<p>'.&mt('Entering [_1] ...',
-                                                     $env{'course.'.$cdom.'_'.$cnum.'.description'}).
-                                           '</p>';
-                                    &finish_loading_course($r,$msg,$dest);
-                                }
+				$r->internal_redirect($dest);
 			    }
-                            $r->rflush();
 			    return OK;
 			} else {
 			    if (!$env{'request.course.id'}) {
 				&Apache::lonnet::appenv(
 				      {"request.course.id"  => $cdom.'_'.$cnum});
-                            }
+				$furl='/adm/roles?tryagain=1';
+                $msg='<p><span class="LC_error">'
+                    .&mt('Could not initialize [_1] at this time.',
+                         $env{'course.'.$cdom.'_'.$cnum.'.description'})
+                    .'</span></p>'
+                    .'<p>'.&mt('Please try again.').'</p>'
+                    .'<p>'.$ferr.'</p>';
+			    }
 			    if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
 			    &Apache::lonnet::appenv({'request.role.adv'=>$tadv});
-                            if ($ferr) {
-                                if ($tadv) {
-                                    &error_page($r,$ferr,$furl);
-                                } else {
-                                    $r->print('<p class="LC_error">'.
-                                              &mt('Could not initialize [_1] at this time.',
-                                                  $env{'course.'.$cdom.'_'.$cnum.'.description'}).
-                                              '</p>'.
-                                              '<p><a href="'.$furl.'">'.&mt('Please try again.').'</a></p>'.
-                                              &Apache::loncommon::end_page());
-                                }
+
+			    if (($ferr) && ($tadv)) {
+				&error_page($r,$ferr,$furl);
 			    } else {
 				# Check to see if the user is a CC entering a course 
 				# for the first time
@@ -872,6 +651,17 @@ ENDCLOSE
 				    $furl = "/adm/helper/course.initialization.helper";
 				    # Send the user to the course they selected
 				} elsif ($env{'request.course.id'}) {
+                                    if ((&Apache::loncommon::course_type() eq 'Placement') && 
+                                        (!$env{'request.role.adv'})) {
+                                        my ($score,$incomplete) = 
+                                            &Apache::lonplacementtest::check_completion(undef,undef,1);
+                                        if (($incomplete) && ($incomplete < 100)) {
+                                            &redirect_user($r, &mt('Entering [_1]',
+                                                          $env{'course.'.$cdom.'_'.$cnum.'.description'}),
+                                                          '/adm/placement', $msg);
+                                            return OK;
+                                        }
+                                    }
                                     my ($dest,$destsymb,$checkenc);
                                     $dest = $env{'form.destinationurl'};
                                     $destsymb = $env{'form.destsymb'};
@@ -884,15 +674,11 @@ ENDCLOSE
                                                     }
                                                 }
                                             }
-                                            if (($dest =~ m{^\Q/public/$cdom/$cnum/syllabus\E.*(\?|\&)usehttp=1}) ||
-                                                ($dest =~ m{^\Q/adm/wrapper/ext/\E(?!https:)})) {
+                                            if ($dest =~ m{^\Q/public/$cdom/$cnum/syllabus\E.*(\?|\&)usehttp=1}) {
                                                 if ($ENV{'SERVER_PORT'} == 443) {
                                                     my $hostname = $r->hostname();
-                                                    unless ((&Apache::lonnet::uses_sts()) ||
-                                                            (&Apache::lonnet::waf_allssl($hostname))) {
-                                                        if ($hostname ne '') {
-                                                            $dest = 'http://'.$hostname.$dest;
-                                                        }
+                                                    if ($hostname ne '') {
+                                                        $dest = 'http://'.$hostname.$dest;
                                                     }
                                                 }
                                             }
@@ -900,7 +686,7 @@ ENDCLOSE
                                                 if ($env{'request.role.adv'}) {
                                                     $dest = &Apache::lonenc::unencrypted($dest);
                                                     if ($destsymb eq '') {
-                                                        ($destsymb) = ($dest =~ /(?:\?|\&)symb=([^\&]*)/); 
+                                                        ($destsymb) = ($dest =~ /(?:\?|\&)symb=([^\&]*)/);
                                                         $destsymb = &unescape($destsymb);
                                                     }
                                                 }
@@ -925,17 +711,15 @@ ENDCLOSE
                                                 }
                                             }
                                         }
-                                        unless (($dest =~ m{^/enc/}) || ($dest =~ /(\?|\&)symb=.+___\d+___.+/)) { 
+                                        unless (($dest =~ m{^/enc/}) || ($dest =~ /(\?|\&)symb=.+___\d+___.+/)) {
                                             if (($destsymb ne '') && ($destsymb !~ m{^/enc/})) {
                                                 my $esc_symb = &escape($destsymb);
                                                 $dest .= (($dest =~/\?/)? '&':'?').'symb='.$esc_symb;
                                             }
                                         }
-                                        $msg = '<p>'.&mt('Entering [_1] ...',
-                                                         $env{'course.'.$cdom.'_'.$cnum.'.description'}).
-                                               '</p>';
-                                        &finish_loading_course($r,$msg,$dest);
-                                        $r->rflush();
+                                        &redirect_user($r, &mt('Entering [_1]',
+                                                       $env{'course.'.$cdom.'_'.$cnum.'.description'}),
+                                                       $dest, $msg);
                                         return OK;
                                     }
 				    if (&Apache::lonnet::allowed('whn',
@@ -946,62 +730,40 @@ ENDCLOSE
 					) {
 					my $startpage = &courseloadpage($env{'request.course.id'});
 					unless ($startpage eq 'firstres') {         
-					    $msg = '<p>'.&mt('Entering [_1] ...',
-						             $env{'course.'.$cdom.'_'.$cnum.'.description'}).
-                                                   '</p>';
-                                            &finish_loading_course($r,$msg,'/adm/whatsnew?refpage=start');
-                                            $r->rflush();
-                                            return OK;
+					    $msg = &mt('Entering [_1] ...',
+						       $env{'course.'.$env{'request.course.id'}.'.description'});
+					    &redirect_user($r, &mt('New in course'),
+                                       '/adm/whatsnew?refpage=start', $msg);
+					    return OK;
 					}
 				    }
 				}
                                 # Are we allowed to look at the first resource?
-                                #
-                                # $furl returned by lonuserstate::readmap() has format:
-                                # $url?symb=escaped($symb). If the resource has the
-                                # encrypturl parameter in effect, the entire string
-                                # $url?symb=escaped($symb) is encrypted as a string
-                                # beginning /enc/.
-                                #
-                                my ($access,$unencfurl,$unencsymb);
-                                if ($furl =~ m{^(.+)(?:\?|\&)symb=([^&]+)(?:$|&)}) {
-                                    my ($poss_url,$poss_symb) = ($1,$2);
-                                    $unencsymb = &unescape($poss_symb);
-                                    $unencfurl = $poss_url;
-                                } elsif ($furl =~ m{^/enc/}) {
-                                    my $unenc = &Apache::lonenc::unencrypted($furl);
-                                    if ($unenc =~ m{^(.+)(?:\?|\&)symb=([^&]+)(?:$|&)}) {
-                                        ($unencfurl,$unencsymb) = ($1,$2);
-                                        $unencsymb = &unescape($unencsymb);
-                                    } else {
-                                        $unencfurl = $unenc;
-                                    }
+                                my $access;
+                                if ($furl =~ m{^(/adm/wrapper|)/ext/}) {
+                                    # If it's an external resource,
+                                    # strip off the symb argument and possible query
+                                    my ($exturl,$symb) = ($furl =~ m{^(.+)(?:\?|\&)symb=(.+)$});
+                                    # Unencode $symb
+                                    $symb = &unescape($symb);
+                                    # Then check for permission
+                                    $access = &Apache::lonnet::allowed('bre',$exturl,$symb);
+                                # For other resources just check for permission
                                 } else {
-                                    $unencfurl = $furl;
+                                    $access = &Apache::lonnet::allowed('bre',$furl);
                                 }
-                                if ($unencsymb) {
-                                    my $symb = &Apache::lonnet::symbclean($unencsymb);
-                                    if (($symb ne '') && (&Apache::lonnet::symbverify($symb,$unencfurl))) {
-                                        $access = &Apache::lonnet::allowed('bre',$unencfurl,$symb);
-                                    } else {
-                                        $access = &Apache::lonnet::allowed('bre',$unencfurl);
-                                    }
-                                } else {
-                                    $access = &Apache::lonnet::allowed('bre',$unencfurl);
-                                }
-                                if ((!$access) || ($access eq 'B')) {
+                                if (!$access) {
                                     $furl = &Apache::lonpageflip::first_accessible_resource();
-                                    if ($furl eq '') {
-                                        $furl = '/adm/navmaps?showOnlyHomework=1';
-                                    }
+                                } elsif ($access eq 'B') {
+                                    $furl = '/adm/navmaps?showOnlyHomework=1';
                                 }
-                                $msg = '<p>'.&mt('Entering [_1] ...',
-					         $env{'course.'.$cdom.'_'.$cnum.'.description'}).
-                                       '</p>';
-                                &finish_loading_course($r,$msg,$furl);
+                                $msg = &mt('Entering [_1] ...',
+					   $env{'course.'.$cdom.'_'.$cnum.'.description'});
+				&redirect_user($r, &mt('Entering [_1]',
+                               $env{'course.'.$cdom.'_'.$cnum.'.description'}),
+                               $furl, $msg);
 			    }
-                            $r->rflush();
-                            return OK;
+			    return OK;
 			}
 		    }
                     #
@@ -1064,7 +826,7 @@ ENDCLOSE
         $crumbtext = 'Courses';
         $pagetitle = 'My Courses';
         $recent = &mt('Recent Courses');
-        $standby = &mt('Course selected. Please stand by.');
+        $standby = &mt('Course selected. Please stand by.'); 
     }
     my $brcrum =[{href=>"/adm/roles",text=>$crumbtext}];
 
@@ -1077,16 +839,40 @@ ENDCLOSE
     if ($domdefs{'catauth'}) {
         $cattype = $domdefs{'catauth'};
     }
-    my ($funcs,$crumbsright,$crumbs_style);
-    $funcs = &get_roles_functions($showcount,$cattype);
-    if ($env{'browser.mobile'}) {
-        $crumbsright = $funcs;
-        undef($funcs);
-        $crumbs_style = 'overflow: visible;';
-    }
-    my $start_page=&Apache::loncommon::start_page($pagetitle,undef,{bread_crumbs=>$brcrum,
-                                                                    bread_crumbs_component=>$crumbsright,
-                                                                    bread_crumbs_style=>$crumbs_style,});
+    my $placementonly;
+    if ($showcount == 1) {
+        if ($env{'request.course.id'}) {
+            if ($env{'course.'.$env{'request.course.id'}.'.type'} eq 'Placement') {
+                $placementonly = 1;
+            }
+        } else {
+            foreach my $rolecode (keys(%roles_in_env)) {
+                my ($cid) = ($rolecode =~ m{^\Quser.role.st./\E($match_domain/$match_courseid)(?:/|$)});
+                if ($cid) {
+                    my %coursedescription =
+                        &Apache::lonnet::coursedescription($cid,{'one_time' => '1'});
+                    if ($coursedescription{'type'} eq 'Placement') {
+                        $placementonly = 1;
+                    }
+                    last;
+                }
+            }
+        }
+    }
+    my ($start_page,$funcs);
+    if ($placementonly) {
+        $start_page=&Apache::loncommon::start_page($pagetitle,undef,
+                                                  {bread_crumbs=>$brcrum,crstype=>'Placement'});
+    } else {
+        $funcs = &get_roles_functions($showcount,$cattype);
+        my $crumbsright;
+        if ($env{'browser.mobile'}) {
+            $crumbsright = $funcs;
+            undef($funcs);
+        }
+        $start_page=&Apache::loncommon::start_page($pagetitle,undef,{bread_crumbs=>$brcrum,
+                                                                     bread_crumbs_component=>$crumbsright});
+    }
     &js_escape(\$standby);
     my $noscript='<br /><span class="LC_error">'.&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.').'<br />'.&mt('As this is not the case, most functionality in the system will be unavailable.').'</span><br />';
 
@@ -1120,7 +906,7 @@ function rolesView (caller) {
         document.rolechoice.display.value = caller;
     } else {
         if ((caller == 'doupdate') || (caller == 'requestauthor') ||
-            (caller == 'queued')) {
+            (caller == 'queued')) { 
             document.rolechoice.state.value = caller;
         }
     }
@@ -1204,7 +990,7 @@ ENDHEADER
             }
             if ($hotlist) {
                 $showresult .= $hotlist;
-            }
+            } 
             $showresult .= '</div>';
             $r->print($showresult);
         } elsif ($env{'form.state'} eq 'queued') {
@@ -1220,16 +1006,6 @@ ENDHEADER
         $r->print('<input type="hidden" name="newrole" value="" />');
         $r->print('<input type="hidden" name="display" value="'.$display.'" />');
         $r->print('<input type="hidden" name="state" value="" />');
-        if ($blocked_by_ip) {
-            my $blocked_role = 'student';
-            if ($blocked_type eq 'Community') {
-                $blocked_role = 'member';
-            }
-            $r->print('<h3><span class="LC_error">'.
-                      &mt('The [_1] you selected is not available for access with a [_2] role from your current IP address: [_3].',
-                          lc($blocked_type),$blocked_role,$clientip).
-                      '</span></h3>');
-        }
     }
     $r->rflush();
 
@@ -1239,7 +1015,21 @@ ENDHEADER
                       \%sortrole,\%roleclass,\%futureroles,\%timezones,$loncaparev);
     $refresh = $now;
     &Apache::lonnet::appenv({'user.refresh.time'  => $refresh});
-    if ((($cattype eq 'std') || ($cattype eq 'domonly')) && (!$env{'user.adv'})) {
+    if ($countactive == 1) {
+        if ($env{'request.course.id'}) {
+            if ($env{'course.'.$env{'request.course.id'}.'.type'} eq 'Placement') {
+                $placementonly = 1;
+            }
+        } elsif ($possiblerole) {
+            if ($possiblerole =~ m{^st\./($match_domain)/($match_courseid)(?:/|$)}) {
+                if ($env{'course.'.$1.'_'.$2.'.type'} eq 'Placement') {
+                    $placementonly = 1;
+                }
+            }
+        }
+    }
+    if ((($cattype eq 'std') || ($cattype eq 'domonly')) && (!$env{'user.adv'}) &&
+          (!$placementonly)) {
         if ($countactive > 0) {
             my $domdesc = &Apache::lonnet::domain($env{'user.domain'},'description');
             my $esc_dom = &HTML::Entities::encode($env{'user.domain'},'"<>&'); 
@@ -1263,11 +1053,7 @@ ENDHEADER
 
 # No active roles
     if ($countactive==0) {
-        my $elapsed = 0;
-        if ($now && $update) {
-            $elapsed = $now - $update;
-        }
-        &requestcourse_advice($r,$cattype,$inrole,$elapsed); 
+        &requestcourse_advice($r,$cattype,$inrole); 
 	$r->print('</form>');
         if ($countfuture) {
             $r->print(&mt('The following [quant,_1,role,roles] will become active in the future:',$countfuture));
@@ -1296,15 +1082,23 @@ ENDHEADER
         }
         $r->print(&Apache::loncommon::end_page());
 	return OK;
+    } elsif (($placementonly) && ($env{'request.role'} eq 'cm')) {
+	$r->print('<h3>'.&mt('Please stand by.').'</h3>
+	          <input type="hidden" name="'.$possiblerole.'" value="1" />
+                  <noscript><br />
+                  <input type="submit" name="submit" value="'.&mt('Continue').'" />
+                  </noscript></form>');
+	$r->rflush();
+	$r->print('<script type="text/javascript">document.forms.rolechoice.submit();</script>');
+	$r->print(&Apache::loncommon::end_page());
+	return OK;
     }
 # ----------------------------------------------------------------------- Table
 
     if (($numdc > 0) || (($numhelpdesk > 0) && ($numadhoc > 0))) {
-        $r->print(&coursepick_jscript().
-                  &Apache::loncommon::coursebrowser_javascript());
-    }
-    if ($numdc > 0) {
-        $r->print(&Apache::loncommon::authorbrowser_javascript());
+        $r->print(&coursepick_jscript());
+        $r->print(&Apache::loncommon::coursebrowser_javascript().
+                  &Apache::loncommon::authorbrowser_javascript());
     }
 
     unless ((!&Apache::loncommon::show_course()) || ($nochoose) || ($countactive==1)) {
@@ -1559,9 +1353,9 @@ sub gather_roles {
                                 foreach my $rolename (sort(keys(%{$domdef{'adhocroles'}}))) {
                                     if (ref($domdef{'adhocroles'}{$rolename}) eq 'HASH') {
                                         $adhocdesc{$tdom}{$rolename} = $domdef{'adhocroles'}{$rolename}{'desc'};
+                                        $desc = $adhocdesc{$tdom}{$rolename};
                                     }
                                 }
-                                $desc = $adhocdesc{$tdom}{$rolename}; 
                             }
                         }
                         if ($desc ne '') {
@@ -1622,6 +1416,9 @@ sub gather_roles {
                             $skipcal = 1;
                         }
                     }
+                    if ($ttype eq 'Placement') {
+                        $ttype = 'Placement Test';
+                    }
                     if ($tsection) {
                         $twhere.='<br />'.&mt('Section').': '.$tsection;
                     }
@@ -1737,7 +1534,7 @@ sub roletable_headers {
 }
 
 sub roletypes {
-    my @types = ('Domain','Authoring Space','Course','Community','Unavailable','System');
+    my @types = ('Domain','Authoring Space','Course','Placement Test','Community','Unavailable','System');
     return @types; 
 }
 
@@ -1788,26 +1585,20 @@ sub print_rolerows {
 }
 
 sub findcourse_advice {
-    my ($r,$cattype,$elapsed) = @_;
+    my ($r,$cattype) = @_;
     my $domdesc = &Apache::lonnet::domain($env{'user.domain'},'description');
     my $esc_dom = &HTML::Entities::encode($env{'user.domain'},'"<>&');
     if (&Apache::lonnet::auto_run(undef,$env{'user.domain'})) {
-        $r->print('<p>'.&mt('If you were expecting to see an active role listed for a particular course in the [_1] domain, it may be missing for one of the following reasons:',$domdesc).'
+        $r->print(&mt('If you were expecting to see an active role listed for a particular course in the [_1] domain, it may be missing for one of the following reasons:',$domdesc).'
 <ul>
  <li>'.&mt('The course has yet to be created.').'</li>
  <li>'.&mt('Automatic enrollment of registered students has not been enabled for the course.').'</li>
  <li>'.&mt('You are in a section of course for which automatic enrollment in the corresponding LON-CAPA course is not active.').'</li>
  <li>'.&mt('The start date for automated enrollment has yet to be reached.').'</li>
  <li>'.&mt('You registered for the course recently and there is a time lag between the time you register, and the time this information becomes available for the update of LON-CAPA course rosters.').'</li>
- <li>'.&mt('Automated enrollment added you to the course in the time since you last logged-in.').' '.&mt('If that is the case you can use the "Check for changes" link in the gray Functions bar to update the list of your available course roles.').'</li>
- </ul></p>');
+ </ul>');
     } else {
-        $r->print('<p>'.&mt('If you were expecting to see an active role listed for a particular course, that course may not have been created yet.').'</p>');
-        if ($elapsed > 600) {
-            $r->print('<p>'.&mt('You may also have been assigned to a course in the time since you last logged-in, or checked for changes.').
-                      '<br />'.
-                      &mt('If that is the case you can use the "Check for changes" link in the gray Functions bar to update the list of your available course roles.').'</p>');
-        }
+        $r->print(&mt('If you were expecting to see an active role listed for a particular course, that course may not have been created yet.').'<br />');
     }
     if (($cattype eq 'std') || ($cattype eq 'domonly')) {
         $r->print('<h3>'.&mt('Self-Enrollment').'</h3>'.
@@ -1819,7 +1610,7 @@ sub findcourse_advice {
 }
 
 sub requestcourse_advice {
-    my ($r,$cattype,$inrole,$elapsed) = @_;
+    my ($r,$cattype,$inrole) = @_;
     my $domdesc = &Apache::lonnet::domain($env{'user.domain'},'description');
     my $esc_dom = &HTML::Entities::encode($env{'user.domain'},'"<>&');
     my (%can_request,%request_doms,$output);
@@ -1880,7 +1671,7 @@ sub requestcourse_advice {
         } else {
             $r->print('<h3>'.&mt('Currently no active roles, courses or communities').'</h3>');
         }
-        &findcourse_advice($r,$cattype,$elapsed);
+        &findcourse_advice($r,$cattype);
     }
     return;
 }
@@ -1943,11 +1734,9 @@ sub privileges_info {
 sub build_roletext {
     my ($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$trole,$twhere,
         $tpstart,$tpend,$nochoose,$button,$switchserver,$reinit,$switchwarning,$skipcal) = @_;
-    my ($roletext,$roletext_end,$poss_adhoc);
-    if ($trolecode =~ m/^d(c|h|a)\./) {
-        $poss_adhoc = 1;
-    }
-    my $rowspan=($poss_adhoc) ? ''
+    my ($roletext,$roletext_end);
+    my $is_dc=($trolecode =~ m/^dc\./);
+    my $rowspan=($is_dc) ? ''
                          : ' rowspan="2" ';
 
     unless ($nochoose) {
@@ -2000,7 +1789,7 @@ sub build_roletext {
                         $trolecode."','".$buttonname.'\');" /></td>';
         }
     }
-    if (($trolecode !~ m/^(ca|aa)\./) && ($trest ne '') && (!$skipcal)) {
+    if (($trolecode !~ m/^(dc|ca|au|aa)\./)  && (!$skipcal)) {
 	$tremark.=&Apache::lonannounce::showday(time,1,
 			 &Apache::lonannounce::readcalendar($tdom.'_'.$trest));
     }
@@ -2008,7 +1797,7 @@ sub build_roletext {
               .'<td>'.$twhere.'</td>'
               .'<td>'.$tpstart.'</td>'
               .'<td>'.$tpend.'</td>';
-    unless ($poss_adhoc) {
+    if (!$is_dc) {
         $roletext_end = '<td colspan="4">'.
                         $tremark.'&nbsp;'.
                         '</td>';
@@ -2038,8 +1827,8 @@ sub check_for_adhoc {
     my $numdc = 0;
     my $numhelpdesk = 0;
     my $numadhoc = 0;
-    my $num_custom_adhoc = 0;
-    if (($env{'user.adv'}) || ($env{'user.rar'})) {
+    my $num_custom_adhoc = 0; 
+    if ($env{'user.adv'}) {
         foreach my $envkey (sort(keys(%env))) {
             if ($envkey=~/^user\.role\.(dc|dh|da)\.\/($match_domain)\/$/) {
                 my $role = $1;
@@ -2257,7 +2046,7 @@ sub display_cc_role {
             } else {
                 $twhere=&mt('Currently not available');
                 $env{'course.'.$tcourseid.'.description'}=$twhere;
-                $skipcal = 1; 
+                $skipcal = 1;
             }
             my $trole = &Apache::lonnet::plaintext($ccrole,$ttype,$tcourseid);
             $twhere.="<br />".&mt('Domain').":".$tdom;
@@ -2271,9 +2060,9 @@ sub adhoc_roles_row {
     my ($dcdom,$rowtype) = @_;
     my $output = &Apache::loncommon::continue_data_table_row()
                  .' <td colspan="5" class="LC_textsize_mobile">'
-                 .&mt('[_1]Ad hoc[_2] roles in domain [_3]'
+                 .&mt('[_1]Ad hoc[_2] roles in domain [_3] --'
                      ,'<span class="LC_cusr_emph">','</span>',$dcdom)
-                 .' -- ';
+                 .' ';
     my $role = 'cc';
     my $selectcclink = &courselink($dcdom,$rowtype,$role);
     my $ccrole = &Apache::lonnet::plaintext('co',undef,undef,1);
@@ -2296,14 +2085,14 @@ sub adhoc_customroles_row {
     if ($tstart && $tstart>$limit) { $liverole = 0; }
     if ($tend   && $tend  <$limit) { $liverole = 0; }
     return unless ($liverole);
-    my %domdefaults = &Apache::lonnet::get_domain_defaults($dhdom);
+    my %domdefaults = &Apache::lonnet::get_domain_defaults($dhdom); 
     if (ref($domdefaults{'adhocroles'}) eq 'HASH') {
         if (scalar(keys(%{$domdefaults{'adhocroles'}})) > 0) {
             return &Apache::loncommon::continue_data_table_row()
                   .' <td colspan="5" class="LC_textsize_mobile">'
-                  .&mt('[_1]Ad hoc[_2] course/community roles in domain [_3]',
+                  .&mt('[_1]Ad hoc[_2] course/community roles in domain [_3] --',
                        '<span class="LC_cusr_emph">','</span>',$dhdom)
-                  .' -- '.&courselink($dhdom,$rowtype,$role);
+                  .' '.&courselink($dhdom,$rowtype,$role);
         }
     }
     return;
@@ -2626,7 +2415,7 @@ sub update_session_roles {
             &curr_role_status($currstart,$currend,$refresh,$update);
         my ($rolekey) = ($envkey =~ /^user\.role\.(.+)$/);
         my ($role,$rest)=split(m{\./},$rolekey,2);
-        $rest = '/'.$rest; 
+        $rest = '/'.$rest;
         if (&Apache::lonnet::delenv($envkey,undef,[$role])) {
             if ($status_in_env eq 'active') {
                 if ($role eq 'gr') {
@@ -2826,15 +2615,15 @@ sub update_session_roles {
                         }
                         my $groupdesc;
                         unless (ref($curr_groups{$cdom.'_'.$cnum}) eq 'HASH') {
-                            %{$curr_groups{$cdom.'_'.$cnum}} =
+                            %{$curr_groups{$cdom.'_'.$cnum}} = 
                                 &Apache::longroup::coursegroups($cdom,$cnum);
                         }
                         unless ((ref($groupdescs{$cdom.'_'.$cnum}) eq 'HASH') &&
                             ($groupdescs{$cdom.'_'.$cnum}{$group})) {
 
-                            my %groupinfo =
+                            my %groupinfo = 
                                 &Apache::longroup::get_group_settings($curr_groups{$cdom.'_'.$cnum}{$group});
-                            $groupdescs{$cdom.'_'.$cnum}{$group} =
+                            $groupdescs{$cdom.'_'.$cnum}{$group} = 
                                 &unescape($groupinfo{'description'});
                         }
                         $groupdesc = $groupdescs{$cdom.'_'.$cnum}{$group};
@@ -2953,7 +2742,7 @@ sub update_session_roles {
                 my $cdom = $env{'course.'.$cid.'.domain'};
                 my $cnum = $env{'course.'.$cid.'.num'};
                 my %curr_groups = &Apache::longroup::coursegroups($cdom,$cnum);
-                my %groupdesc;
+                my %groupdesc; 
                 if (ref($groupchange{$crs}) eq 'HASH') {
                     $groupchgmsg .= '<li>'.&mt('Course/Community: [_1]','<b>'.$crsdesc.'</b><ul>');
                     foreach my $group (sort(keys(%{$groupchange{$crs}}))) {
@@ -3186,7 +2975,7 @@ sub get_queued {
             if (ref($history{'details'}) eq 'HASH') {
                 $description = $history{details}{'cdescr'};
             }
-            @{$reqcrs{$reqtime}} = ($description,$showtype);
+            @{$reqcrs{$reqtime}} = ($description,$showtype); 
         }
     }
     my @sortedtimes = sort {$a <=> $b} (keys(%reqcrs));