--- loncom/auth/lonroles.pm	2004/02/19 21:45:22	1.86
+++ loncom/auth/lonroles.pm	2004/05/09 00:45:00	1.91
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # User Roles Screen
 #
-# $Id: lonroles.pm,v 1.86 2004/02/19 21:45:22 albertel Exp $
+# $Id: lonroles.pm,v 1.91 2004/05/09 00:45:00 www Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -109,12 +109,61 @@ sub handler {
 # check for keyed access
 		    if (($role eq 'st') && 
                        ($ENV{'course.'.$cdom.'_'.$cnum.'.keyaccess'} eq 'yes')) {
-		         unless (&Apache::lonnet::validate_access_key(
+# who is key authority?
+			my $authdom=$cdom;
+			my $authnum=$cnum;
+			if ($ENV{'course.'.$cdom.'_'.$cnum.'.keyauth'}) {
+			    ($authnum,$authdom)=
+				split(/\W/,$ENV{'course.'.$cdom.'_'.$cnum.'.keyauth'});
+			}
+# check with key authority
+			unless (&Apache::lonnet::validate_access_key(
 				     $ENV{'environment.key.'.$cdom.'_'.$cnum},
-					     $cdom,$cnum)) {
+					     $authdom,$authnum)) {
 # there is no valid key
 			     if ($ENV{'form.newkey'}) {
 # student attempts to register a new key
+				 &Apache::loncommon::content_type($r,'text/html');
+				 &Apache::loncommon::no_cache($r);
+				 $r->send_http_header;
+				 my $swinfo=&Apache::lonmenu::rawconfig();
+				 my $bodytag=&Apache::loncommon::bodytag
+				    ('Verifying Access Key to Unlock this Course');
+				 my $buttontext=&mt('Enter Course');
+				 my $message=&mt('Successfully registered key');
+				 my $assignresult=
+				     &Apache::lonnet::assign_access_key(
+						     $ENV{'form.newkey'},
+						     $authdom,$authnum,
+						     $cdom,$cnum,
+                                                     $ENV{'user.domain'},
+						     $ENV{'user.name'},
+	      'Assigned from '.$ENV{'REMOTE_ADDR'}.' at '.localtime().' for '.
+                                                     $trolecode);
+				 unless ($assignresult eq 'ok') {
+				     $assignresult=~s/^error\:\s*//;
+				     $message=&mt($assignresult).
+				     '<br /><a href="/adm/logout">'.
+				     &mt('Logout').'</a>';
+				     $buttontext=&mt('Re-Enter Key');
+				 }
+				 $r->print(<<ENDENTEREDKEY);
+<head><title>Verifying Course Access Key</title>
+</head>
+<html>
+$bodytag
+<script>
+$swinfo
+</script>
+<form method="post">
+<input type="hidden" name="selectrole" value="1" />
+<input type="hidden" name="$trolecode" value="1" />
+<font size="+2">$message</font><br />
+<input type="submit" value="$buttontext" />
+</form>
+</body></html>
+ENDENTEREDKEY
+                                 return OK;
 			     } else {
 # print form to enter a new key
 				 &Apache::loncommon::content_type($r,'text/html');
@@ -132,7 +181,8 @@ $bodytag
 $swinfo
 </script>
 <form method="post">
-<input type="hidden" name="selectrole" value="$ENV{'form.selectrole'}" />
+<input type="hidden" name="selectrole" value="1" />
+<input type="hidden" name="$trolecode" value="1" />
 <input type="text" size="20" name="newkey" value="$ENV{'form.newkey'}" />
 <input type="submit" value="Enter key" />
 </form>
@@ -142,6 +192,10 @@ ENDENTERKEY
 			     }
 			 }
 		     }
+		    &Apache::lonnet::log($ENV{'user.domain'},
+					 $ENV{'user.name'},
+					 $ENV{'user.home'},
+					 "Role ".$trolecode);
                     my $tadv=0;
                     if (($trolecode!~/^st/) && 
                         ($trolecode!~/^ta/) && 
@@ -525,7 +579,7 @@ ENDHEADER
 	$r->print('</form></body></html>');
 	return OK;
 # Is there only one choice?
-    } elsif ($countactive==1) {
+    } elsif (($countactive==1) && ($ENV{'request.role'} eq 'cm')) {
 	$r->print('<h3>'.&mt('Please stand by.').'</h3>'.
 	    '<input type="hidden" name="'.$possiblerole.'" value="1" />');
 	$r->print("</form>\n");