--- loncom/interface/loncreateuser.pm	2003/07/17 18:14:41	1.58
+++ loncom/interface/loncreateuser.pm	2003/07/18 19:50:28	1.61
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Create a user
 #
-# $Id: loncreateuser.pm,v 1.58 2003/07/17 18:14:41 www Exp $
+# $Id: loncreateuser.pm,v 1.61 2003/07/18 19:50:28 www Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -25,28 +25,6 @@
 #
 # http://www.lon-capa.org/
 #
-# (Create a course
-# (My Desk
-#
-# (Internal Server Error Handler
-#
-# (Login Screen
-# 5/21/99,5/22,5/25,5/26,5/31,6/2,6/10,7/12,7/14,
-# 1/14/00,5/29,5/30,6/1,6/29,7/1,11/9 Gerd Kortemeyer)
-#
-# YEAR=2001
-# 3/1/1 Gerd Kortemeyer)
-#
-# 3/1 Gerd Kortemeyer)
-#
-# 2/14 Gerd Kortemeyer)
-#
-# 2/14,2/17,2/19,2/20,2/21,2/22,2/23,3/2,3/17,3/24,04/12 Gerd Kortemeyer
-# April Guy Albertelli
-# 05/10,10/16 Gerd Kortemeyer 
-# 02/11/02 Matthew Hall
-#
-# $Id: loncreateuser.pm,v 1.58 2003/07/17 18:14:41 www Exp $
 ###
 
 package Apache::loncreateuser;
@@ -83,6 +61,18 @@ BEGIN {
 }
 
 
+# ======================================================= Existing Custom Roles
+
+sub my_custom_roles {
+    my %returnhash=();
+    my %rolehash=&Apache::lonnet::dump('roles');
+    foreach (keys %rolehash) {
+	if ($_=~/^rolesdef\_(\w+)$/) {
+	    $returnhash{$1}=$1;
+	}
+    }
+    return %returnhash;
+}
 
 # ==================================================== Figure out author access
 
@@ -107,6 +97,9 @@ sub print_username_entry_form {
     my $selscript=&Apache::loncommon::studentbrowser_javascript();
     my $sellink=&Apache::loncommon::selectstudent_link
                                         ('crtuser','ccuname','ccdomain');
+    my %existingroles=&my_custom_roles();
+    my $choice=&Apache::loncommon::select_form('make new role','rolename',
+		('make new role' => 'Generate new role ...',%existingroles));
     $r->print(<<"ENDDOCUMENT");
 <html>
 <head>
@@ -127,7 +120,7 @@ Domain:</td><td>$domform</td></tr>
 <form action="/adm/createuser" method="post" name="docustom">
 <input type="hidden" name="phase" value="selected_custom_edit">
 <h2>Edit Custom Role Privileges</h2>
-Name of Role: <input type="text" size="15" name="rolename" /><br />
+Name of Role: $choice <input type="text" size="15" name="newrolename" /><br />
 <input name="customeditor" type="submit" value="Custom Role Editor" />
 </body>
 </html>
@@ -249,7 +242,7 @@ ENDNEWUSER
 $dochead
 <h1>Change User Privileges</h1>
 $forminfo
-<h2>User "$ccuname" in domain $ccdomain </h2>
+<h2>User "$ccuname" in domain "$ccdomain"</h2>
 ENDCHANGEUSER
         # Get the users information
         my %userenv = &Apache::lonnet::get('environment',
@@ -845,6 +838,10 @@ sub custom_role_editor {
     my $r=shift;
     my $rolename=$ENV{'form.rolename'};
 
+    if ($rolename eq 'make new role') {
+	$rolename=$ENV{'form.newrolename'};
+    }
+
     $rolename=~s/\W//gs;
 
     unless ($rolename) {
@@ -853,8 +850,138 @@ sub custom_role_editor {
     }
 
     $r->print(&Apache::loncommon::bodytag(
-                                     'Create Users, Change User Privileges'));
-   $r->print('Not yet implemented.');
+                     'Create Users, Change User Privileges').'<h2>');
+    my $syspriv='';
+    my $dompriv='';
+    my $coursepriv='';
+    my ($rdummy,$roledef)=
+			 &Apache::lonnet::get('roles',["rolesdef_$rolename"]);
+# ------------------------------------------------------- Does this role exist?
+    if (($rdummy ne 'con_lost') && ($roledef ne '')) {
+	$r->print('Existing Role "');
+# ------------------------------------------------- Get current role privileges
+	($syspriv,$dompriv,$coursepriv)=split(/\_/,$roledef);
+	$r->print($syspriv.' '.$dompriv.' '.$coursepriv);
+    } else {
+	$r->print('New Role "');
+	$roledef='';
+    }
+    $r->print($rolename.'"</h2>');
+# ------------------------------------------------------- What can be assigned?
+    my %full=();
+    my %courselevel=();
+    my %courselevelcurrent=();
+    foreach (split(/\:/,$Apache::lonnet::pr{'cr:c'})) {
+	my ($priv,$restrict)=split(/\&/,$_);
+        unless ($restrict) { $restrict='F'; }
+        $courselevel{$priv}=$restrict;
+        if ($coursepriv=~/\:$priv/) {
+	    $courselevelcurrent{$priv}=1;
+	}
+	$full{$priv}=1;
+    }
+    my %domainlevel=();
+    my %domainlevelcurrent=();
+    foreach (split(/\:/,$Apache::lonnet::pr{'cr:d'})) {
+	my ($priv,$restrict)=split(/\&/,$_);
+        unless ($restrict) { $restrict='F'; }
+        $domainlevel{$priv}=$restrict;
+        if ($dompriv=~/\:$priv/) {
+	    $domainlevelcurrent{$priv}=1;
+	}
+	$full{$priv}=1;
+    }
+    my %systemlevel=();
+    my %systemlevelcurrent=();
+    foreach (split(/\:/,$Apache::lonnet::pr{'cr:s'})) {
+	my ($priv,$restrict)=split(/\&/,$_);
+        unless ($restrict) { $restrict='F'; }
+        $systemlevel{$priv}=$restrict;
+        if ($syspriv=~/\:$priv/) {
+	    $systemlevelcurrent{$priv}=1;
+	}
+	$full{$priv}=1;
+    }
+    $r->print(<<ENDCCF);
+<form method="post">
+<input type="hidden" name="phase" value="set_custom_roles" />
+<input type="hidden" name="rolename" value="$rolename" />
+<table border="2">
+<tr><th>Privilege</th><th>Course Level</th><th>Domain Level</th>
+<th>System Level</th></tr>
+ENDCCF
+    foreach (sort keys %full) {
+	$r->print('<tr><td>'.&Apache::lonnet::plaintext($_).'</td><td>'.
+    ($courselevel{$_}?'<input type="checkbox" name="'.$_.':c" '.
+    ($courselevelcurrent{$_}?'checked="1"':'').' />':'&nbsp;').
+    '</td><td>'.
+    ($domainlevel{$_}?'<input type="checkbox" name="'.$_.':d" '.
+    ($domainlevelcurrent{$_}?'checked="1"':'').' />':'&nbsp;').
+    '</td><td>'.
+    ($systemlevel{$_}?'<input type="checkbox" name="'.$_.':s" '.
+    ($systemlevelcurrent{$_}?'checked="1"':'').' />':'&nbsp;').
+    '</td></tr>');
+    }
+    $r->print(
+   '<table><input type="submit" value="Define Role" /></form></body></html>');
+}
+
+# ---------------------------------------------------------- Call to definerole
+sub set_custom_role {
+    my $r=shift;
+
+    my $rolename=$ENV{'form.rolename'};
+
+    $rolename=~s/\W//gs;
+
+    unless ($rolename) {
+	&print_username_entry_form($r);
+        return;
+    }
+
+    $r->print(&Apache::loncommon::bodytag(
+                     'Create Users, Change User Privileges').'<h2>');
+    my ($rdummy,$roledef)=
+			 &Apache::lonnet::get('roles',["rolesdef_$rolename"]);
+# ------------------------------------------------------- Does this role exist?
+    if (($rdummy ne 'con_lost') && ($roledef ne '')) {
+	$r->print('Existing Role "');
+    } else {
+	$r->print('New Role "');
+	$roledef='';
+    }
+    $r->print($rolename.'"</h2>');
+# ------------------------------------------------------- What can be assigned?
+    my $sysrole='';
+    my $domrole='';
+    my $courole='';
+
+    foreach (split(/\:/,$Apache::lonnet::pr{'cr:c'})) {
+	my ($priv,$restrict)=split(/\&/,$_);
+        unless ($restrict) { $restrict=''; }
+        if ($ENV{'form.'.$priv.':c'}) {
+	    $courole.=':'.$_;
+	}
+    }
+
+    foreach (split(/\:/,$Apache::lonnet::pr{'cr:d'})) {
+	my ($priv,$restrict)=split(/\&/,$_);
+        unless ($restrict) { $restrict=''; }
+        if ($ENV{'form.'.$priv.':d'}) {
+	    $domrole.=':'.$_;
+	}
+    }
+
+    foreach (split(/\:/,$Apache::lonnet::pr{'cr:s'})) {
+	my ($priv,$restrict)=split(/\&/,$_);
+        unless ($restrict) { $restrict=''; }
+        if ($ENV{'form.'.$priv.':s'}) {
+	    $sysrole.=':'.$_;
+	}
+    }
+    $r->print('Defining Role: '.
+	   &Apache::lonnet::definerole($rolename,$sysrole,$domrole,$courole));
+    $r->print('</body></html>');
 }
 
 # ================================================================ Main Handler
@@ -884,6 +1011,8 @@ sub handler {
            &update_user_data($r);
        } elsif ($ENV{'form.phase'} eq 'selected_custom_edit') {
            &custom_role_editor($r);
+       } elsif ($ENV{'form.phase'} eq 'set_custom_roles') {
+	   &set_custom_role($r);
        }
    } else {
       $ENV{'user.error.msg'}=