--- loncom/interface/loncreateuser.pm	2017/07/26 19:45:45	1.442
+++ loncom/interface/loncreateuser.pm	2017/08/11 00:24:53	1.446
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Create a user
 #
-# $Id: loncreateuser.pm,v 1.442 2017/07/26 19:45:45 raeburn Exp $
+# $Id: loncreateuser.pm,v 1.446 2017/08/11 00:24:53 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -886,7 +886,15 @@ ENDBLOCK
         (!(($env{'form.action'} eq 'singleuser') && ($context eq 'domain') &&
         (!&Apache::lonnet::allowed('mau',$env{'request.role.domain'}))))) {
         my $defdom=$env{'request.role.domain'};
-        my $domform = &Apache::loncommon::select_dom_form($defdom,'srchdomain');
+        my ($trusted,$untrusted);
+        if ($context eq 'course') {
+            ($trusted,$untrusted) = &Apache::lonnet::trusted_domains('enroll',$defdom);
+        } elsif ($context eq 'author') {
+            ($trusted,$untrusted) = &Apache::lonnet::trusted_domains('othcoau',$defdom);
+        } elsif ($context eq 'domain') {
+            ($trusted,$untrusted) = &Apache::lonnet::trusted_domains('domroles',$defdom); 
+        }
+        my $domform = &Apache::loncommon::select_dom_form($defdom,'srchdomain',undef,undef,undef,$trusted,$untrusted);
         my %lt=&Apache::lonlocal::texthash(
                   'enro' => 'Enroll one student',
                   'enrm' => 'Enroll one member',
@@ -1476,8 +1484,10 @@ ENDAUTH
             if ($env{'request.role.domain'} eq $ccdomain) {
                 $r->print(&build_tools_display($ccuname,$ccdomain,'requestcourses'));
             } else {
-                $r->print(&coursereq_externaluser($ccuname,$ccdomain,
-                                                  $env{'request.role.domain'}));
+                if (&Apache::lonnet::will_trust('reqcrs',$ccdomain,$env{'request.role.domain'})) {
+                    $r->print(&coursereq_externaluser($ccuname,$ccdomain,
+                                                      $env{'request.role.domain'}));
+                }
             }
             $r->print(&Apache::loncommon::end_data_table());
         }
@@ -2135,11 +2145,20 @@ sub new_domain_roles {
     '<th>'.&mt('Start').'</th><th>'.&mt('End').'</th>'.
     &Apache::loncommon::end_data_table_header_row();
     my @allroles = &Apache::lonuserutils::roles_by_context('domain');
+    my $uprimary = &Apache::lonnet::domain($env{'request.role.domain'},'primary');
+    my $uintdom = &Apache::lonnet::internet_dom($uprimary);
     foreach my $thisdomain (sort(&Apache::lonnet::all_domains())) {
         foreach my $role (@allroles) {
             next if ($role eq 'ad');
             next if (($role eq 'au') && ($ccdomain ne $thisdomain));
             if (&Apache::lonnet::allowed('c'.$role,$thisdomain)) {
+               if ($role eq 'dc') {
+                   unless ($thisdomain eq $env{'request.role.domain'}) {
+                       my $domprim = &Apache::lonnet::domain($thisdomain,'primary');
+                       my $intdom = &Apache::lonnet::internet_dom($domprim);
+                       next unless ($uintdom eq $intdom);
+                   }
+               }
                my $plrole=&Apache::lonnet::plaintext($role);
                my %lt=&Apache::lonlocal::texthash(
                     'ssd'  => "Set Start Date",
@@ -2352,7 +2371,7 @@ sub modify_login_block {
 
 sub personal_data_display {
     my ($ccuname,$ccdomain,$newuser,$context,$inst_results,$rolesarray,
-        $now,$captchaform,$emailusername,$usertype,$usernameset,$condition) = @_;
+        $now,$captchaform,$emailusername,$usertype,$usernameset,$condition,$excluded) = @_;
     my ($output,%userenv,%canmodify,%canmodify_status);
     my @userinfo = ('firstname','middlename','lastname','generation',
                     'permanentemail','id');
@@ -2428,16 +2447,38 @@ sub personal_data_display {
     $output = '<h3>'.$lt{'pd'}.'</h3>'.
               &Apache::lonhtmlcommon::start_pick_box();
     if (($context eq 'selfcreate') && ($newuser eq 'email')) {
+        my $size = 25;
         if ($condition) {
-            if ($condition =~ /[-\w]+\.[-\w]+$/) {
-                $condition = '@'.$condition;
+            if ($condition =~ /^\@[^\@]+$/) {
+                $size = 10;
             } else {
                 undef($condition);
             }
+        } 
+        if ($excluded) {
+            unless ($excluded =~ /^\@[^\@]+$/) {
+                undef($condition);
+            }
         }
         $output .= &Apache::lonhtmlcommon::row_title($lt{'email'}.'<b>*</b>',undef,
                                                      'LC_oddrow_value')."\n".
-                   '<input type="text" name="uname" size="25" value="'.$condition.'" autocomplete="off" />';
+                   '<input type="text" name="uname" size="'.$size.'" value="" autocomplete="off" />';
+        if ($condition) {
+            $output .= $condition;
+        } elsif ($excluded) {
+            $output .= '<br /><span style="font-size: smaller">'.&mt('You must use an e-mail address that does not end with [_1]',
+                                                                     $excluded).'</span>';
+        }
+        if ($usernameset eq 'first') {
+            $output .= '<br /><span style="font-size: smaller">';
+            if ($condition) {
+                $output .= &mt('Your username in LON-CAPA will be the part of your e-mail address before [_1]',
+                                      $condition);
+            } else {
+                $output .= &mt('Your username in LON-CAPA will be the part of your e-mail address before the @');
+            }
+            $output .= '</span>';
+        }
         $rowcount ++;
         $output .= &Apache::lonhtmlcommon::row_closure(1);
         my $upassone = '<input type="password" name="upass'.$now.'" size="20" autocomplete="off" />';
@@ -2452,8 +2493,8 @@ sub personal_data_display {
                                                      'LC_oddrow_value')."\n".
                    $upasstwo.
                    &Apache::lonhtmlcommon::row_closure()."\n";
-        if ($usernameset) {
-            my $onclick = "toggleDisplay(this,'selfcreateusername');"; 
+        if ($usernameset eq 'free') {
+            my $onclick = "toggleUsernameDisp(this,'selfcreateusername');"; 
             $output .= &Apache::lonhtmlcommon::row_title($lt{'username'},undef,'LC_oddrow_value')."\n".
                        &mt('Use e-mail address: ').
                        '<label><input type="radio" name="emailused" value="1" checked="checked" onclick="'.$onclick.'" />'.&mt('Yes').'</label>'."\n".
@@ -4943,13 +4984,17 @@ sub handler {
                             my ($showstatus,$showemail,$pickstart);
                             my $numextras = 0;
                             my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($dom);
-                            if (ref($usertypes) eq 'HASH') {
-                                if ($usertypes->{$usertype}) {
-                                    $showstatus = $usertypes->{$usertype};
-                                } else {
-                                    $showstatus = $othertitle;
+                            if ((ref($types) eq 'ARRAY') && (@{$types} > 0)) {
+                                if (ref($usertypes) eq 'HASH') {
+                                    if ($usertypes->{$usertype}) {
+                                        $showstatus = $usertypes->{$usertype};
+                                    } else {
+                                        $showstatus = $othertitle;
+                                    }
+                                    if ($showstatus) {
+                                        $numextras ++;
+                                    }
                                 }
-                                $numextras ++;
                             }
                             if (($info{$uname}{'email'} ne '') && ($info{$uname}{'email'} ne $uname)) {
                                 $showemail = $info{$uname}{'email'};
@@ -6103,10 +6148,11 @@ ENDSCRIPT
                 } elsif ($curr_types eq '') {
                     $add_domtitle = &mt('Users in other domain:');
                 }
+                my ($trusted,$untrusted) = &Apache::lonnet::trusted_domains('enroll',$cdom);
                 $output .= &Apache::loncommon::start_data_table_row()
                            .'<td colspan="2"><span class="LC_nobreak">'.$add_domtitle.'</span><br />'
                            .&Apache::loncommon::select_dom_form('','selfenroll_newdom',
-                                                                $includeempty,$showdomdesc,'','','',$readonly)
+                                                                $includeempty,$showdomdesc,'',$trusted,$untrusted,$readonly)
                            .'<input type="hidden" name="selfenroll_types_total" value="'.$num.'" />'
                            .'</td>'.&Apache::loncommon::end_data_table_row()
                            .&Apache::loncommon::end_data_table();