--- loncom/interface/londocs.pm	2016/08/08 13:37:42	1.484.2.65
+++ loncom/interface/londocs.pm	2020/09/09 02:08:15	1.484.2.90
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Documents
 #
-# $Id: londocs.pm,v 1.484.2.65 2016/08/08 13:37:42 raeburn Exp $
+# $Id: londocs.pm,v 1.484.2.90 2020/09/09 02:08:15 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -139,7 +139,43 @@ sub clean {
     return $title;
 }
 
-
+sub default_folderpath {
+    my ($coursenum,$coursedom,$navmapref) = @_;
+    return unless ($coursenum && $coursedom && ref($navmapref));
+# Check if entire course is hidden and/or encrypted
+    my ($hiddenmap,$encryptmap,$folderpath,$hiddentop);
+    my $toplevel = "uploaded/$coursedom/$coursenum/default.sequence";
+    unless (ref($$navmapref)) {
+        $$navmapref = Apache::lonnavmaps::navmap->new();
+    }
+    if (ref($$navmapref)) {
+        if (lc($$navmapref->get_mapparam(undef,$toplevel,"0.hiddenresource")) eq 'yes') {
+            my $filterFunc = sub { my $res = shift; return (!$res->randomout() && !$res->is_map()) };
+            my @resources = $$navmapref->retrieveResources($toplevel,$filterFunc,1,1);
+            unless (@resources) {
+                $hiddenmap = 1;
+                unless ($env{'request.role.adv'}) {
+                    $hiddentop = 1;
+                    if ($env{'form.folder'}) {
+                        undef($env{'form.folder'});
+                    }
+                }
+            }
+        }
+        if (lc($$navmapref->get_mapparam(undef,$toplevel,"0.encrypturl")) eq 'yes') {
+            $encryptmap = 1;
+        }
+    }
+    unless ($hiddentop) {
+        $folderpath='default&'.&escape(&mt('Main Content')).
+                    '::'.$hiddenmap.':'.$encryptmap.'::';
+    }
+    if (wantarray) {
+        return ($folderpath,$hiddentop);
+    } else {
+        return $folderpath;
+    }
+}
 
 sub dumpcourse {
     my ($r) = @_;
@@ -791,12 +827,14 @@ sub log_docs {
 }
 
 sub docs_change_log {
-    my ($r,$coursenum,$coursedom,$folder,$allowed,$crstype,$iconpath)=@_;
+    my ($r,$coursenum,$coursedom,$folder,$allowed,$crstype,$iconpath,$canedit)=@_;
     my $supplementalflag=($env{'form.folderpath'}=~/^supplemental/);
+    my $navmap;   
     my $js = '<script type="text/javascript">'."\n".
              '// <![CDATA['."\n".
              &Apache::loncommon::display_filter_js('docslog')."\n".
-             &editing_js($env{'user.domain'},$env{'user.name'},$supplementalflag)."\n".
+             &editing_js($env{'user.domain'},$env{'user.name'},$supplementalflag,
+                         $coursedom,$coursenum,$canedit,'',\$navmap)."\n".
              &history_tab_js()."\n".
              &Apache::lonratedt::editscript('simple')."\n".
              '// ]]>'."\n".
@@ -812,8 +850,9 @@ sub docs_change_log {
     }
     my $folderpath=$env{'form.folderpath'};
     if ($folderpath eq '') {
-        $folderpath = 'default&'.&escape(&mt('Main Content').':::::');
+        $folderpath = &default_folderpath($coursenum,$coursedom,\$navmap);
     }
+    undef($navmap);
     $pathitem = '<input type="hidden" name="folderpath" value="'.
                 &HTML::Entities::encode($folderpath,'<>&"').'" />';
     my $readfile="/uploaded/$coursedom/$coursenum/$folder.$container";
@@ -1020,29 +1059,47 @@ sub update_paste_buffer {
 # Construct identifiers for current contents of user's paste buffer
     if (@currpaste) {
         foreach my $suffix (@currpaste) {
-             my $cid = $env{'docs.markedcopy_crs_'.$suffix};
-             my $url = $env{'docs.markedcopy_url_'.$suffix};
-             if (($cid =~ /^$match_domain(?:_)$match_courseid$/) &&
-                 ($url ne '')) {
-                 $pasteurls{$cid.'_'.$url} = 1;
-             }
+            my $cid = $env{'docs.markedcopy_crs_'.$suffix};
+            my $url = $env{'docs.markedcopy_url_'.$suffix};
+            my $mapidx = $env{'docs.markedcopy_map_'.$suffix};
+            if (($cid =~ /^$match_domain(?:_)$match_courseid$/) &&
+                ($url ne '')) {
+                if ($url eq '/res/lib/templates/simpleproblem.problem') {
+                    $pasteurls{$cid.'_'.$mapidx} = 1;
+                } elsif ($url =~ m{^/res/$match_domain/$match_username/}) {
+                    $pasteurls{$url} = 1;
+                } else {
+                    $pasteurls{$cid.'_'.$url} = 1;
+                }
+            }
         }
     }
 
 # Mark items for copying (skip any items already in user's paste buffer)
     my %addtoenv;
-                  
+
+    my @pathitems = split(/\&/,$env{'form.folderpath'});
+    my @folderconf = split(/\:/,$pathitems[-1]);
+    my $ispage = $folderconf[5];
+
     foreach my $item (@possibles) {
         my ($orderidx,$cmd) = split(/:/,$item);
         next if ($orderidx =~ /\D/);
         next unless (($cmd eq 'cut') || ($cmd eq 'copy') || ($cmd eq 'remove'));
+        my $mapidx = $folder.':'.$orderidx.':'.$ispage;
         my ($title,$url)=split(':',$LONCAPA::map::resources[$orderidx]);
         my %denied = &action_restrictions($coursenum,$coursedom,
                                           &LONCAPA::map::qtescape($url),
                                           $env{'form.folderpath'},\%curr_groups);
         next if ($denied{'copy'});
         $url=~s{http(&colon;|:)//https(&colon;|:)//}{https$2//};
-        next if (exists($pasteurls{$coursedom.'_'.$coursenum.'_'.$url}));
+        if ($url eq '/res/lib/templates/simpleproblem.problem') {
+            next if (exists($pasteurls{$coursedom.'_'.$coursenum.'_'.$mapidx}));
+        } elsif ($url =~ m{^/res/$match_domain/$match_username/}) {
+            next if (exists($pasteurls{$url}));
+        } else {
+            next if (exists($pasteurls{$coursedom.'_'.$coursenum.'_'.$url}));
+        }
         my ($suffix,$errortxt,$locknotfreed) =
             &new_timebased_suffix($env{'user.domain'},$env{'user.name'},'paste');
         if ($suffix ne '') {
@@ -1061,7 +1118,7 @@ sub update_paste_buffer {
         $addtoenv{'docs.markedcopy_url_'.$suffix}   = $url,
         $addtoenv{'docs.markedcopy_cmd_'.$suffix}   = $cmd,
         $addtoenv{'docs.markedcopy_crs_'.$suffix}   = $env{'request.course.id'};
- 
+        $addtoenv{'docs.markedcopy_map_'.$suffix}   = $mapidx;
         if ($url =~ m{^/uploaded/$match_domain/$match_courseid/(default|supplemental)_?(\d*)\.(page|sequence)$}) {
             my $prefix = $1;
             my $subdir =$2;
@@ -1139,6 +1196,7 @@ sub print_paste_buffer {
         next if ($suffix =~ /\D/);
         my $cid = $env{'docs.markedcopy_crs_'.$suffix};
         my $url = $env{'docs.markedcopy_url_'.$suffix};
+        my $mapidx = $env{'docs.markedcopy_map_'.$suffix}; 
         if (($cid =~ /^$match_domain\_$match_courseid$/) &&
             ($url ne '')) {
             $clipboardcount ++;
@@ -1164,9 +1222,7 @@ sub print_paste_buffer {
                     if (($srcdom ne $coursedom) || ($srcnum ne $coursenum)) {
                         $othercourse = 1;
                         if ($env{"user.priv.cm./$srcdom/$srcnum"} =~ /\Q:mdc&F\E/) {
-                            if ($canpaste) {
-                                $othercrs = '<br />'.&mt('(from another course)');
-                            }
+                            $othercrs = '<br />'.&mt('(from another course)');
                         } else {
                             $canpaste = 0;
                             $nopaste = &mt('Paste from another course unavailable.'); 
@@ -1180,10 +1236,21 @@ sub print_paste_buffer {
                         }
                         $is_uploaded_map = 1;
                     }
+                } elsif (($url =~ m{^/res/lib/templates/\w+\.problem$}) ||
+                         ($url =~ m{^/adm/($match_domain)/($match_username)/\d+/(bulletinboard|smppg)$})) {
+                    if ($cid ne $env{'request.course.id'}) {
+                        my ($srcdom,$srcnum) = split(/_/,$cid);
+                        if ($env{"user.priv.cm./$srcdom/$srcnum"} =~ /\Q:mdc&F\E/) {
+                            $othercrs = '<br />'.&mt('(from another course)');
+                        } else {
+                            $canpaste = 0;
+                            $nopaste = &mt('Paste from another course unavailable.');
+                        }
+                    }
+                }
+                if ($canpaste) {
+                    push(@pasteable,$suffix);
                 }
-            }
-            if ($canpaste) {
-               push(@pasteable,$suffix);
             }
             my $buffer;
             if ($is_external) {
@@ -1469,10 +1536,12 @@ sub do_paste_from_buffer {
     }
 
     my (%msgs,%before,%after,@dopaste,%is_map,%notinsupp,%notincrs,%duplicate,
-        %prefixchg,%srcdom,%srcnum,%marktomove,$save_err,$lockerrors,$allresult);
+        %prefixchg,%srcdom,%srcnum,%srcmapidx,%marktomove,$save_err,$lockerrors,$allresult);
 
     foreach my $suffix (@topaste) {
         my $url=&LONCAPA::map::qtescape($env{'docs.markedcopy_url_'.$suffix});
+        my $cid=&LONCAPA::map::qtescape($env{'docs.markedcopy_crs_'.$suffix});
+        my $mapidx=&LONCAPA::map::qtescape($env{'docs.markedcopy_map_'.$suffix});  
 # Supplemental content may only include certain types of content
 # Early out if pasted content is not supported in Supplemental area
         if ($folder =~ /^supplemental/) {
@@ -1494,8 +1563,21 @@ sub do_paste_from_buffer {
             }
             $srcdom{$suffix} = $srcd;
             $srcnum{$suffix} = $srcn;
+        } elsif (($url =~ m{^/res/lib/templates/\w+\.problem$}) ||
+                 ($url =~ m{^/adm/$match_domain/$match_username/\d+/(bulletinboard|smppg)$})) {
+            my ($srcd,$srcn) = split(/_/,$cid);
+# When paste buffer was populated using an active role in a different course
+# check for mdc privilege in the course from which the resource was pasted
+            if (($srcd ne $coursedom) || ($srcn ne $coursenum)) {
+                unless ($env{"user.priv.cm./$srcd/$srcn"} =~ /\Q:mdc&F\E/) {
+                    $notincrs{$suffix} = 1;
+                    next;
+                }
+            }
+            $srcdom{$suffix} = $srcd;
+            $srcnum{$suffix} = $srcn;
         }
-
+        $srcmapidx{$suffix} = $mapidx; 
         push(@dopaste,$suffix);
         if ($url=~/\.(page|sequence)$/) {
             $is_map{$suffix} = 1; 
@@ -1505,7 +1587,7 @@ sub do_paste_from_buffer {
             my $oldprefix = $1;
 # When pasting content from Main Content to Supplemental Content and vice versa 
 # URLs will contain different paths (which depend on whether pasted item is
-# a folder/page or a document.   
+# a folder/page or a document).   
             if (($folder =~ /^supplemental/) && (($oldprefix =~ /^default/) || ($oldprefix eq 'docs'))) {
                 $prefixchg{$suffix} = 'docstosupp';
             } elsif (($folder =~ /^default/) && ($oldprefix =~ /^supplemental/)) {
@@ -1573,30 +1655,31 @@ sub do_paste_from_buffer {
 # Retrieve information about all course maps in main content area 
 
     my $allmaps = {};
-    if ($folder =~ /^default/) {
-        $allmaps =
-            &Apache::loncommon::allmaps_incourse($coursedom,$coursenum,
-                                                 $env{"course.$env{'request.course.id'}.home"},
-                                                 $env{'request.course.id'});
-    }
-
-    my (@toclear,%mapurls,%lockerrs,%msgerrs,%results);
+    my (@toclear,%mapurls,%lockerrs,%msgerrs,%results,$donechk);
 
 # Loop over the items to paste
     foreach my $suffix (@dopaste) {
 # Maps need to be copied first
         my (%removefrommap,%removeparam,%addedmaps,%rewrites,%retitles,%copies,
             %dbcopies,%zombies,%params,%docmoves,%mapmoves,%mapchanges,%newsubdir,
-            %newurls,%tomove);
+            %newurls,%tomove,%resdatacopy);
         if (ref($marktomove{$suffix}) eq 'ARRAY') {
             map { $tomove{$_} = 1; } @{$marktomove{$suffix}};
         }
         my $url=&LONCAPA::map::qtescape($env{'docs.markedcopy_url_'.$suffix});
         my $title=&LONCAPA::map::qtescape($env{'docs.markedcopy_title_'.$suffix});
+        my $cid=&LONCAPA::map::qtescape($env{'docs.markedcopy_crs_'.$suffix});
         my $oldurl = $url;
         if ($is_map{$suffix}) {
 # If pasting a map, check if map contains other maps
             my (%hierarchy,%titles);
+            if (($folder =~ /^default/) && (!$donechk)) {
+                $allmaps =
+                    &Apache::loncommon::allmaps_incourse($coursedom,$coursenum,
+                                                         $env{"course.$env{'request.course.id'}.home"},
+                                                         $env{'request.course.id'});
+                $donechk = 1; 
+            }
             &contained_map_check($url,$folder,\%removefrommap,\%removeparam,
                                  \%addedmaps,\%hierarchy,\%titles,$allmaps);
             if ($url=~ m{^/uploaded/}) {
@@ -1628,7 +1711,7 @@ sub do_paste_from_buffer {
                                               \%retitles,\%copies,\%dbcopies,
                                               \%zombies,\%params,\%mapmoves,
                                               \%mapchanges,\%tomove,\%newsubdir,
-                                              \%newurls)) {
+                                              \%newurls,\%resdatacopy)) {
                         $mapmoves{$url} = 1;
                     }
                     $url = $newurl;
@@ -1637,10 +1720,10 @@ sub do_paste_from_buffer {
                                       $coursenum,$srcdom{$suffix},$srcnum{$suffix},
                                       $allmaps,\%rewrites,\%retitles,\%copies,\%dbcopies,
                                       \%zombies,\%params,\%mapmoves,\%mapchanges,
-                                      \%tomove,\%newsubdir,\%newurls); 
+                                      \%tomove,\%newsubdir,\%newurls,\%resdatacopy); 
                 }
             } elsif ($url=~m {^/res/}) {
-# published map can only exists once, so remove from paste buffer when done
+# published map can only exist once, so remove from paste buffer when done
                 push(@toclear,$suffix);
 # if pasting published map (main content area only) check map not already in course
                 if ($folder =~ /^default/) {
@@ -1653,13 +1736,21 @@ sub do_paste_from_buffer {
         }
         if ($url=~ m{/(bulletinboard|smppg)$}) {
             my $prefix = $1;
+            my $fromothercrs;
             #need to copy the db contents to a new one, unless this is a move.
             my %info = (
                          src  => $url,
                          cdom => $coursedom,
                          cnum => $coursenum,
-            );
-            unless ($env{'form.docs.markedcopy_options_'.$suffix} eq 'move') {
+                       );
+            if (($srcdom{$suffix} =~ /^$match_domain$/) && ($srcnum{$suffix} =~ /^$match_courseid$/)) {
+                unless (($srcdom{$suffix} eq $coursedom) && ($srcnum{$suffix} eq $coursenum)) {
+                    $fromothercrs = 1;
+                    $info{'cdom'} = $srcdom{$suffix};
+                    $info{'cnum'} = $srcnum{$suffix};
+                }
+            }
+            unless (($env{'form.docs.markedcopy_options_'.$suffix} eq 'move') && (!$fromothercrs)) {
                 my (%lockerr,$msg); 
                 my ($newurl,$result,$errtext) =
                     &dbcopy(\%info,$coursedom,$coursenum,\%lockerr);
@@ -1735,6 +1826,12 @@ sub do_paste_from_buffer {
                         }
                     }
                 }
+            } elsif ($url =~ m{^/res/lib/templates/(\w+)\.problem$}) {
+                my $template = $1;
+                if ($newidx) {
+                    &copy_templated_files($url,$srcdom{$suffix},$srcnum{$suffix},$srcmapidx{$suffix},
+                                          $coursedom,$coursenum,$template,$newidx,"$folder.$container");
+                }
             }
             $LONCAPA::map::resources[$newidx]=$title.':'.&LONCAPA::map::qtunescape($url).
                                               ':'.$ext.':normal:res';
@@ -1748,7 +1845,8 @@ sub do_paste_from_buffer {
             }
         }
 
-# Apply any changes to maps, or copy dependencies for uploaded HTML pages 
+# Apply any changes to maps, or copy dependencies for uploaded HTML pages, or update 
+# resourcedata for simpleproblems copied from another course
         unless ($allresult eq 'fail') {
             my %updated = (
                             rewrites      => \%rewrites,
@@ -1756,6 +1854,7 @@ sub do_paste_from_buffer {
                             removefrommap => \%removefrommap,
                             removeparam   => \%removeparam,
                             dbcopies      => \%dbcopies,
+                            resdatacopy   => \%resdatacopy,
                             retitles      => \%retitles,
                           );
             my %info = (
@@ -1920,8 +2019,8 @@ sub get_newmap_url {
 sub dbcopy {
     my ($dbref,$coursedom,$coursenum,$lockerrorsref) = @_;
     my ($url,$result,$errtext);
-    $url = $dbref->{'src'};
     if (ref($dbref) eq 'HASH') {
+        $url = $dbref->{'src'};
         if ($url =~ m{/(smppg|bulletinboard)$}) {
             my $prefix = $1;
             if (($dbref->{'cdom'} =~ /^$match_domain$/) &&
@@ -2012,6 +2111,97 @@ sub dbcopy {
     return ($url,$result,$errtext);
 }
 
+sub copy_templated_files {
+    my ($srcurl,$srcdom,$srcnum,$srcmapinfo,$coursedom,$coursenum,$template,$newidx,$newmapname) = @_;
+    my ($srcfolder,$srcid,$srcwaspage) = split(/:/,$srcmapinfo);
+    my $srccontainer = 'sequence';
+    if ($srcwaspage) {
+        $srccontainer = 'page';
+    }
+    my $srcsymb = "uploaded/$srcdom/$srcnum/$srcfolder.$srccontainer".
+                  '___'.$srcid.'___'.&Apache::lonnet::declutter($srcurl);
+    my $srcprefix = $srcdom.'_'.$srcnum.'.'.$srcsymb;
+    my %srcparms=&Apache::lonnet::dump('resourcedata',$srcdom,$srcnum,$srcprefix);
+    my $newsymb = "uploaded/$coursedom/$coursenum/$newmapname".'___'.$newidx.'___lib/templates/'.
+                  $template.'.problem';
+    my $newprefix = $coursedom.'_'.$coursenum.'.'.$newsymb;
+    if ($template eq 'simpleproblem') {
+        $srcprefix .= '.0.';
+        my $weightprefix = $newprefix;
+        $newprefix .= '.0.';
+        my @simpleprobqtypes = qw(radio option string essay numerical);
+        my $qtype=$srcparms{$srcprefix.'questiontype'};
+        if (grep(/^\Q$qtype\E$/,@simpleprobqtypes)) {
+            my %newdata = (
+                $newprefix.'questiontype' => $qtype,
+            );
+            foreach my $type (@simpleprobqtypes) {
+                if ($type eq $qtype) {
+                    $newdata{"$weightprefix.$type.weight"}=1;
+                } else {
+                    $newdata{"$weightprefix.$type.weight"}=0;
+                }
+            }
+            $newdata{$newprefix.'hiddenparts'} = '!'.$qtype;
+            $newdata{$newprefix.'questiontext'} = $srcparms{$srcprefix.'questiontext'};
+            $newdata{$newprefix.'hinttext'} = $srcparms{$srcprefix.'hinttext'};
+            if ($qtype eq 'numerical') {
+                $newdata{$newprefix.'numericalscript'} = $srcparms{$srcprefix.'numericalscript'};
+                $newdata{$newprefix.'numericalanswer'} = $srcparms{$srcprefix.'numericalanswer'};
+                $newdata{$newprefix.'numericaltolerance'} = $srcparms{$srcprefix.'numericaltolerance'};
+                $newdata{$newprefix.'numericalsigfigs'} = $srcparms{$srcprefix.'numericalsigfigs'};
+            } elsif (($qtype eq 'option') || ($qtype eq 'radio')) {
+                my $maxfoils=$srcparms{$srcprefix.'maxfoils'};
+                unless (defined($maxfoils)) { $maxfoils=10; }
+                    unless ($maxfoils=~/^\d+$/) { $maxfoils=10; }
+                        if ($maxfoils<=0) { $maxfoils=10; }
+                            my $randomize=$srcparms{$srcprefix.'randomize'};
+                            unless (defined($randomize)) { $randomize='yes'; }
+                            unless ($randomize eq 'no') { $randomize='yes'; }
+                            $newdata{$newprefix.'maxfoils'} = $maxfoils;
+                            $newdata{$newprefix.'randomize'} = $randomize;
+                            if ($qtype eq 'option') {
+                                $newdata{$newprefix.'options'} = $srcparms{$srcprefix.'options'};
+                            }
+                            for (my $i=1; $i<=10; $i++) {
+                                $newdata{$newprefix.'value'.$i} = $srcparms{$srcprefix.'value'.$i};
+                                $newdata{$newprefix.'position'.$i} = $srcparms{$srcprefix.'position'.$i};
+                                $newdata{$newprefix.'text'.$i} = $srcparms{$srcprefix.'text'.$i};
+                            }
+
+            } elsif (($qtype eq 'option') || ($qtype eq 'radio')) {
+                my $maxfoils=$srcparms{$srcprefix.'maxfoils'};
+                unless (defined($maxfoils)) { $maxfoils=10; }
+                unless ($maxfoils=~/^\d+$/) { $maxfoils=10; }
+                if ($maxfoils<=0) { $maxfoils=10; }
+                my $randomize=$srcparms{$srcprefix.'randomize'};
+                unless (defined($randomize)) { $randomize='yes'; }
+                unless ($randomize eq 'no') { $randomize='yes'; }
+                $newdata{$newprefix.'maxfoils'} = $maxfoils;
+                $newdata{$newprefix.'randomize'} = $randomize;
+                if ($qtype eq 'option') {
+                    $newdata{$newprefix.'options'} = $srcparms{$srcprefix.'options'};
+                }
+                for (my $i=1; $i<=10; $i++) {
+                    $newdata{$newprefix.'value'.$i} = $srcparms{$srcprefix.'value'.$i};
+                    $newdata{$newprefix.'position'.$i} = $srcparms{$srcprefix.'position'.$i};
+                    $newdata{$newprefix.'text'.$i} = $srcparms{$srcprefix.'text'.$i};
+                }
+            } elsif ($qtype eq 'string') {
+                $newdata{$newprefix.'stringanswer'} = $srcparms{$srcprefix.'stringanswer'};
+                $newdata{$newprefix.'stringtype'} = $srcparms{$srcprefix.'stringtype'};
+            }
+            if (keys(%newdata)) {
+                my $putres = &Apache::lonnet::cput('resourcedata',\%newdata,$coursedom,
+                                                   $coursenum);
+                if ($putres eq 'ok') {
+                    &Apache::lonnet::devalidatecourseresdata($coursenum,$coursedom);
+                }
+            }
+        }
+    }
+}
+
 sub uniqueness_check {
     my ($newurl) = @_;
     my $unique = 1;
@@ -2077,7 +2267,7 @@ sub contained_map_check {
 sub url_paste_fixups {
     my ($oldurl,$folder,$prefixchg,$cdom,$cnum,$fromcdom,$fromcnum,$allmaps,
         $rewrites,$retitles,$copies,$dbcopies,$zombies,$params,$mapmoves,
-        $mapchanges,$tomove,$newsubdir,$newurls) = @_;
+        $mapchanges,$tomove,$newsubdir,$newurls,$resdatacopy) = @_;
     my $checktitle;
     if (($prefixchg) &&
         ($oldurl =~ m{^/uploaded/$match_domain/$match_courseid/supplemental})) {
@@ -2126,7 +2316,7 @@ sub url_paste_fixups {
                                           $srcdom,$srcnum,$allmaps,$rewrites,
                                           $retitles,$copies,$dbcopies,$zombies,
                                           $params,$mapmoves,$mapchanges,$tomove,
-                                          $newsubdir,$newurls);
+                                          $newsubdir,$newurls,$resdatacopy);
                         next;
                     } else {
                         ($newurl,my $error) =
@@ -2150,7 +2340,7 @@ sub url_paste_fixups {
                                                   $cnum,$srcdom,$srcnum,$allmaps,
                                                   $rewrites,$retitles,$copies,$dbcopies,
                                                   $zombies,$params,$mapmoves,$mapchanges,
-                                                  $tomove,$newsubdir,$newurls)) {
+                                                  $tomove,$newsubdir,$newurls,$resdatacopy)) {
                             $mapmoves->{$ressrc} = 1;
                         }
                         $changed = 1;
@@ -2179,6 +2369,12 @@ sub url_paste_fixups {
                     $dbcopies->{$oldurl}{$id}{'cnum'} = $fromcnum;
                     $changed = 1;
                 }
+            } elsif ($ressrc eq '/res/lib/templates/simpleproblem.problem') {
+                if (($fromcdom ne $cdom) || ($fromcnum ne $cnum)) {
+                    $resdatacopy->{$oldurl}{$id}{'src'} = $ressrc;
+                    $resdatacopy->{$oldurl}{$id}{'cdom'} = $fromcdom;
+                    $resdatacopy->{$oldurl}{$id}{'cnum'} = $fromcnum;
+                }
             } elsif ($ressrc =~ m{^/public/($match_domain)/($match_courseid)/(.+)$}) {
                 next if ($skip);
                 my $srcdom = $1;
@@ -2210,7 +2406,7 @@ sub apply_fixups {
         $oldurl,$url,$caller) = @_;
     my (%rewrites,%zombies,%removefrommap,%removeparam,%dbcopies,%retitles,
         %params,%newsubdir,%before,%after,%copies,%docmoves,%mapmoves,@msgs,
-        %lockerrors,$lockmsg);
+        %resdatacopy,%lockerrors,$lockmsg);
     if (ref($updated) eq 'HASH') {
         if (ref($updated->{'rewrites'}) eq 'HASH') {
             %rewrites = %{$updated->{'rewrites'}};
@@ -2230,6 +2426,9 @@ sub apply_fixups {
         if (ref($updated->{'retitles'}) eq 'HASH') {
             %retitles = %{$updated->{'retitles'}};
         }
+        if (ref($updated->{'resdatacopy'}) eq 'HASH') {
+            %resdatacopy = %{$updated->{'resdatacopy'}};
+        }
     }
     if (ref($info) eq 'HASH') {
         if (ref($info->{'newsubdir'}) eq 'HASH') {
@@ -2380,6 +2579,36 @@ sub apply_fixups {
                     }
                 }
             }
+            if (ref($resdatacopy{$key}) eq 'HASH') {
+                my ($gotnewmapname,$newmapname,$srcfolder,$srccontainer);
+                foreach my $idx (keys(%{$resdatacopy{$key}})) {
+                    if (ref($resdatacopy{$key}{$idx}) eq 'HASH') {
+                        my $srcurl = $resdatacopy{$key}{$idx}{'src'};
+                        if ($srcurl =~ m{^/res/lib/templates/(\w+)\.problem$}) {
+                            my $template = $1;
+                            if (($resdatacopy{$key}{$idx}{'cdom'} =~ /^$match_domain$/) &&
+                                ($resdatacopy{$key}{$idx}{'cnum'} =~ /^$match_courseid$/)) {
+                                my $srcdom = $resdatacopy{$key}{$idx}{'cdom'};
+                                my $srcnum = $resdatacopy{$key}{$idx}{'cnum'};
+                                unless ($gotnewmapname) {
+                                    ($newmapname) = ($key =~ m{/([^/]+)$});
+                                    ($srcfolder,$srccontainer) = split(/\./,$newmapname);
+                                    if ($newsubdir{$key}) {
+                                        $newmapname =~ s/^((?:default|supplemental)_)(\d+)/$1$newsubdir{$key}/;
+                                    }
+                                    $gotnewmapname = 1;
+                                }
+                                my $srcmapinfo = $srcfolder.':'.$idx;
+                                if ($srccontainer eq 'page') {
+                                    $srcmapinfo .= ':1';
+                                }
+                                &copy_templated_files($srcurl,$srcdom,$srcnum,$srcmapinfo,$cdom,
+                                                      $cnum,$template,$idx,$newmapname);
+                            }
+                        }
+                    }
+                }
+            }
             if (ref($params{$key}) eq 'HASH') {
                 %currparam = %{$params{$key}};
             }
@@ -2395,7 +2624,8 @@ sub apply_fixups {
                     }
                 }
             }
-            for (my $i=0; $i<@LONCAPA::map::order; $i++) {
+            my $total = scalar(@LONCAPA::map::order) - 1;
+            for (my $i=$total; $i>=0; $i--) {
                 my $idx = $LONCAPA::map::order[$i];
                 if (defined($LONCAPA::map::resources[$idx])) {
                     my $changed;
@@ -2405,7 +2635,7 @@ sub apply_fixups {
                         splice(@LONCAPA::map::order,$i,1);
                         if (ref($currparam{$idx}) eq 'ARRAY') {
                             foreach my $name (@{$currparam{$idx}}) {
-                                &LONCAPA::map::delparameter($idx,'parameter_'.$name);
+                                &LONCAPA::map::delparameter($idx,$name);
                             }
                         }
                         next;
@@ -2447,7 +2677,7 @@ sub apply_fixups {
             foreach my $idx (keys(%remparam)) {
                 if (ref($remparam{$idx}) eq 'ARRAY') {
                     foreach my $name (@{$remparam{$idx}}) {   
-                        &LONCAPA::map::delparameter($idx,'parameter_'.$name);
+                        &LONCAPA::map::delparameter($idx,$name);
                     }
                 }
             }
@@ -2706,7 +2936,8 @@ sub handle_edit_cmd {
 
 sub editor {
     my ($r,$coursenum,$coursedom,$folder,$allowed,$upload_output,$crstype,
-        $supplementalflag,$orderhash,$iconpath,$pathitem)=@_;
+        $supplementalflag,$orderhash,$iconpath,$pathitem,$canedit,
+        $hostname,$navmapref,$hiddentop)=@_;
     my ($randompick,$ishidden,$isencrypted,$plain,$is_random_order,$container);
     if ($allowed) {
         (my $breadcrumbtrail,$randompick,$ishidden,$isencrypted,$plain,
@@ -2729,9 +2960,21 @@ sub editor {
         $randompick = -1;
     }
 
-    my ($errtext,$fatal) = &mapread($coursenum,$coursedom,
-				    $folder.'.'.$container);
-    return $errtext if ($fatal);
+    my ($errtext,$fatal);
+    if (($folder eq '') && (!$supplementalflag)) {
+        if (@LONCAPA::map::order) {
+            undef(@LONCAPA::map::order);
+            undef(@LONCAPA::map::resources);
+            undef(@LONCAPA::map::resparms);
+            undef(@LONCAPA::map::zombies);
+        }
+        $folder = 'default';
+        $container = 'sequence';
+    } else {
+        ($errtext,$fatal) = &mapread($coursenum,$coursedom,
+                                     $folder.'.'.$container);
+        return $errtext if ($fatal);
+    }
 
     if ($#LONCAPA::map::order<1) {
 	my $idx=&LONCAPA::map::getresidx();
@@ -2743,7 +2986,7 @@ sub editor {
 # ------------------------------------------------------------ Process commands
 
 # ---------------- if they are for this folder and user allowed to make changes
-    if (($allowed) && ($env{'form.folder'} eq $folder)) {
+    if (($allowed && $canedit) && ($env{'form.folder'} eq $folder)) {
 # set parameters and change order
 	&snapshotbefore();
 
@@ -3009,19 +3252,21 @@ sub editor {
         if ($url =~ m{/uploaded/.+\.(page|sequence)$}) {
             push(@allmapidx,$res);
         }
+
         $output .= &entryline($idx,$name,$url,$folder,$allowed,$res,
                               $coursenum,$coursedom,$crstype,
                               $pathitem,$supplementalflag,$container,
-                              \%filters,\%curr_groups);
+                              \%filters,\%curr_groups,$canedit,
+                              $isencrypted,$navmapref,$hostname);
         $idx++;
         $shown++;
     }
     &Apache::loncommon::end_data_table_count();
 
     my $need_save;
-    if (($allowed) || ($supplementalflag && $folder eq 'supplemental')) {
+    if ($allowed || ($supplementalflag && $folder eq 'supplemental')) {
         my $toolslink;
-        if ($allowed || &Apache::lonnet::allowed('mdc',$env{'request.course.id'})) {
+        if ($allowed) {
             $toolslink = '<table><tr><td>'
                        .&Apache::loncommon::help_open_menu('Navigation Screen',
                                                            'Navigation_Screen',undef,'RAT')
@@ -3068,12 +3313,12 @@ sub editor {
                                 &Apache::loncommon::continue_data_table_row().
                                 '<td colspan="2">&nbsp;</td>'.
                                 '<td>'.
-                                &multiple_check_form('actions',\%lists).
+                                &multiple_check_form('actions',\%lists,$canedit).
                                 '</td>'.
                                 '<td>&nbsp;</td>'.
                                 '<td>&nbsp;</td>'.
                                 '<td colspan="4">'.
-                                &multiple_check_form('settings',\%lists).
+                                &multiple_check_form('settings',\%lists,$canedit).
                                 '</td>'.
                                 &Apache::loncommon::end_data_table_row();
                              $need_save = 1;
@@ -3094,9 +3339,15 @@ sub editor {
             if (!$allowed) {
                 $to_show .= $toolslink;
             }
+            my $noresmsg;
+            if ($allowed && $hiddentop && !$supplementalflag) {
+                $noresmsg = &mt('Main Content Hidden');
+            } else {
+                $noresmsg = &mt('Currently empty');
+            }
             $to_show .= &Apache::loncommon::start_scrollbox('400px','380px','200px','contentscroll')
                        .'<div class="LC_info" id="contentlist">'
-                       .&mt('Currently empty')
+                       .$noresmsg
                        .'</div>'
                        .&Apache::loncommon::end_scrollbox();
         }
@@ -3120,8 +3371,10 @@ sub editor {
     if ($allowed) {
         my $readfile="/uploaded/$coursedom/$coursenum/$folder.$container";
         $r->print(&generate_edit_table($tid,$orderhash,$to_show,$iconpath,
-                                       $jumpto,$readfile,$need_save,"$folder.$container"));
-        &print_paste_buffer($r,$container,$folder,$coursedom,$coursenum);
+                                       $jumpto,$readfile,$need_save,"$folder.$container",$canedit));
+        if ($canedit) {
+            &print_paste_buffer($r,$container,$folder,$coursedom,$coursenum);
+        }
     } else {
         $r->print($to_show);
     }
@@ -3129,8 +3382,12 @@ sub editor {
 }
 
 sub multiple_check_form {
-    my ($caller,$listsref) = @_;
+    my ($caller,$listsref,$canedit) = @_;
     return unless (ref($listsref) eq 'HASH');
+    my $disabled;
+    unless ($canedit) {
+        $disabled = 'disabled="disabled"';
+    }
     my $output =
     '<form action="/adm/coursedocs" method="post" name="togglemult'.$caller.'">'.
     '<span class="LC_nobreak" style="font-size:x-small;font-weight:bold;">'.
@@ -3143,15 +3400,15 @@ sub multiple_check_form {
             '<table><tr>'.
             '<td class="LC_docs_entry_parameter">'.
             '<span class="LC_nobreak"><label>'.
-            '<input type="checkbox" name="hiddenresourceall" id="hiddenresourceall" onclick="propagateState(this.form,'."'hiddenresource'".')" />'.&mt('Hidden').
+            '<input type="checkbox" name="hiddenresourceall" id="hiddenresourceall" onclick="propagateState(this.form,'."'hiddenresource'".')"'.$disabled.' />'.&mt('Hidden').
             '</label></span></td>'.
             '<td class="LC_docs_entry_parameter">'.
-            '<span class="LC_nobreak"><label><input type="checkbox" name="randompickall" id="randompickall" onclick="updatePick(this.form,'."'all','check'".');propagateState(this.form,'."'randompick'".');propagateState(this.form,'."'rpicknum'".');" />'.&mt('Randomly Pick').'</label><span id="rpicktextall"></span><input type="hidden" name="rpicknumall" id="rpicknumall" value="" />'.
+            '<span class="LC_nobreak"><label><input type="checkbox" name="randompickall" id="randompickall" onclick="updatePick(this.form,'."'all','check'".');propagateState(this.form,'."'randompick'".');propagateState(this.form,'."'rpicknum'".');"'.$disabled.' />'.&mt('Randomly Pick').'</label><span id="rpicktextall"></span><input type="hidden" name="rpicknumall" id="rpicknumall" value="" />'.
             '</span></td>'.
             '</tr>'."\n".
             '<tr>'.
             '<td class="LC_docs_entry_parameter">'.
-            '<span class="LC_nobreak"><label><input type="checkbox" name="encrypturlall" id="encrypturlall" onclick="propagateState(this.form,'."'encrypturl'".')" />'.&mt('URL hidden').'</label></span></td><td class="LC_docs_entry_parameter"><span class="LC_nobreak"><label><input type="checkbox" name="randomorderall" id="randomorderall" onclick="propagateState(this.form,'."'randomorder'".')" />'.&mt('Random Order').
+            '<span class="LC_nobreak"><label><input type="checkbox" name="encrypturlall" id="encrypturlall" onclick="propagateState(this.form,'."'encrypturl'".')"'.$disabled.' />'.&mt('URL hidden').'</label></span></td><td class="LC_docs_entry_parameter"><span class="LC_nobreak"><label><input type="checkbox" name="randomorderall" id="randomorderall" onclick="propagateState(this.form,'."'randomorder'".')"'.$disabled.' />'.&mt('Random Order').
             '</label></span>'.
             '</td></tr></table>'."\n";
     } else {
@@ -3159,15 +3416,15 @@ sub multiple_check_form {
             '<table><tr>'.
             '<td class="LC_docs_entry_parameter">'.
             '<span class="LC_nobreak LC_docs_remove">'.
-            '<label><input type="checkbox" name="removeall" id="removeall" onclick="propagateState(this.form,'."'remove'".')" />'.&mt('Remove').
+            '<label><input type="checkbox" name="removeall" id="removeall" onclick="propagateState(this.form,'."'remove'".')"'.$disabled.' />'.&mt('Remove').
             '</label></span></td>'.
             '<td class="LC_docs_entry_parameter">'.
             '<span class="LC_nobreak LC_docs_cut">'.
-            '<label><input type="checkbox" name="cut" id="cutall" onclick="propagateState(this.form,'."'cut'".');" />'.&mt('Cut').
+            '<label><input type="checkbox" name="cut" id="cutall" onclick="propagateState(this.form,'."'cut'".');"'.$disabled.' />'.&mt('Cut').
             '</label></span></td>'."\n".
             '<td class="LC_docs_entry_parameter">'.
             '<span class="LC_nobreak LC_docs_copy">'.
-            '<label><input type="checkbox" name="copyall" id="copyall" onclick="propagateState(this.form,'."'copy'".')" />'.&mt('Copy').
+            '<label><input type="checkbox" name="copyall" id="copyall" onclick="propagateState(this.form,'."'copy'".')"'.$disabled.' />'.&mt('Copy').
             '</label></span></td>'.
             '</tr></table>'."\n";
     }
@@ -3378,7 +3635,8 @@ sub is_supplemental_title {
 
 sub entryline {
     my ($index,$title,$url,$folder,$allowed,$residx,$coursenum,$coursedom,
-        $crstype,$pathitem,$supplementalflag,$container,$filtersref,$currgroups)=@_;
+        $crstype,$pathitem,$supplementalflag,$container,$filtersref,$currgroups,
+        $canedit,$isencrypted,$navmapref,$hostname)=@_;
     my ($foldertitle,$renametitle,$oldtitle);
     if (&is_supplemental_title($title)) {
 	($title,$foldertitle,$renametitle) = &Apache::loncommon::parse_supplemental_title($title);
@@ -3388,6 +3646,12 @@ sub entryline {
 	$foldertitle=$title;
     }
 
+    my ($disabled,$readonly,$js_lt);
+    unless ($canedit) {
+        $disabled = 'disabled="disabled"';
+        $readonly = 1;
+    }
+
     my $orderidx=$LONCAPA::map::order[$index];
 
     $renametitle=~s/\\/\\\\/g;
@@ -3451,7 +3715,7 @@ END
 	     ne '')) {
 	    $selectbox=
 		'<input type="hidden" name="currentpos" value="'.$incindex.'" />'.
-		'<select name="newpos" onchange="this.form.submit()">';
+		'<select name="newpos" onchange="this.form.submit()"'.$disabled.'>';
 	    for (my $i=1;$i<=$#LONCAPA::map::order+1;$i++) {
 		if ($i==$incindex) {
 		    $selectbox.='<option value="" selected="selected">('.$i.')</option>';
@@ -3473,7 +3737,8 @@ END
                 'pr' => 'Preview',
                 'sv' => 'Save',
                 'ul' => 'URL',
-                'ti' => 'Title', 
+                'ti' => 'Title',
+                'er' => 'Editing rights unavailable for your current role.',  
                 );
 	my %denied = &action_restrictions($coursenum,$coursedom,$url,
                                           $env{'form.folderpath'},
@@ -3506,7 +3771,7 @@ ENDCOPY
 	    $copylink=(<<ENDCOPY);
 <form name="$formname" method="post" action="/adm/coursedocs">
 $form_common
-<input type="checkbox" name="copy" id="copy_$orderidx" value="$orderidx" onclick="javascript:singleCheck(this,'$orderidx','copy');" class="LC_hidden" /><a href="$js" class="LC_docs_copy">$lt{'cp'}</a>
+<input type="checkbox" name="copy" id="copy_$orderidx" value="$orderidx" onclick="javascript:singleCheck(this,'$orderidx','copy');" class="LC_hidden" $disabled /><a href="$js" class="LC_docs_copy">$lt{'cp'}</a>
 $form_end
 ENDCOPY
             if (($ishash) && (ref($filtersref->{'cancopy'}) eq 'ARRAY')) {
@@ -3524,7 +3789,7 @@ ENDCUT
 <form name="$formname" method="post" action="/adm/coursedocs">
 $form_common
 <input type="hidden" name="skip_$orderidx" id="skip_cut_$orderidx" value="$skip_confirm" />
-<input type="checkbox" name="cut" id="cut_$orderidx" value="$orderidx" onclick="javascript:singleCheck(this,'$orderidx','cut');" class="LC_hidden" /><a href="$js" class="LC_docs_cut">$lt{'ct'}</a>
+<input type="checkbox" name="cut" id="cut_$orderidx" value="$orderidx" onclick="javascript:singleCheck(this,'$orderidx','cut');" class="LC_hidden" $disabled /><a href="$js" class="LC_docs_cut">$lt{'ct'}</a>
 $form_end
 ENDCUT
             if (($ishash) && (ref($filtersref->{'cancut'}) eq 'ARRAY')) {
@@ -3543,7 +3808,7 @@ ENDREM
 $form_common
 <input type="hidden" name="skip_$orderidx" id="skip_remove_$orderidx" value="$skip_confirm" />
 <input type="hidden" name="confirm_rem_$orderidx" id="confirm_removal_$orderidx" value="$confirm_removal" />
-<input type="checkbox" name="remove" id="remove_$orderidx" value="$orderidx" onclick="javascript:singleCheck(this,'$orderidx','remove');" class="LC_hidden" /><a href="$js" class="LC_docs_remove">$lt{'rm'}</a>
+<input type="checkbox" name="remove" id="remove_$orderidx" value="$orderidx" onclick="javascript:singleCheck(this,'$orderidx','remove');" class="LC_hidden" $disabled /><a href="$js" class="LC_docs_remove">$lt{'rm'}</a>
 $form_end
 ENDREM
             if (($ishash) && (ref($filtersref->{'canremove'}) eq 'ARRAY')) {
@@ -3553,15 +3818,23 @@ ENDREM
         $renamelink=(<<ENDREN);
 <a href='javascript:changename("$esc_path","$index","$oldtitle");' class="LC_docs_rename">$lt{'rn'}</a>
 ENDREN
+        my ($uplink,$downlink);
+        if ($canedit) {
+            $uplink = "/adm/coursedocs?cmd=up_$index&amp;folderpath=$esc_path&amp;symb=$symb";
+            $downlink = "/adm/coursedocs?cmd=down_$index&amp;folderpath=$esc_path&amp;symb=$symb";
+        } else {
+            $uplink = "javascript:alert('".&js_escape($lt{'er'})."');";
+            $downlink = $uplink;
+        }
 	$line.=(<<END);
 <td>
 <div class="LC_docs_entry_move">
-  <a href='/adm/coursedocs?cmd=up_$index&amp;folderpath=$esc_path&amp;symb=$symb'>
+  <a href="$uplink">
     <img src="${iconpath}move_up.gif" alt="$lt{'up'}" class="LC_icon" />
   </a>
 </div>
 <div class="LC_docs_entry_move">
-  <a href='/adm/coursedocs?cmd=down_$index&amp;folderpath=$esc_path&amp;symb=$symb'>
+  <a href="$downlink">
     <img src="${iconpath}move_down.gif" alt="$lt{'dw'}" class="LC_icon" />
   </a>
 </div>
@@ -3587,6 +3860,7 @@ END
     my $isfolder;
     my $ispage;
     my $containerarg;
+    my $folderurl;
     if ($uploaded) {
         if (($extension eq 'sequence') || ($extension eq 'page')) {
             $url=~/\Q$coursenum\E\/([\/\w]+)\.\Q$extension\E$/;
@@ -3598,6 +3872,7 @@ END
                 $icon=$iconpath.'page.gif';
                 $ispage=1;
             }
+            $folderurl = &Apache::lonnet::declutter($url);
             if ($allowed) {
                 $url='/adm/coursedocs?';
             } else {
@@ -3608,14 +3883,22 @@ END
 	}
     }
 
-    my ($editlink,$extresform);
+    my ($editlink,$extresform,$anchor,$hiddenres,$nomodal);
     my $orig_url = $url;
     $orig_url=~s{http(&colon;|:)//https(&colon;|:)//}{https$2//};
-    $url=~s{^http(|s)(&colon;|:)//}{/adm/wrapper/ext/};
+    if ($container eq 'page') {
+        $url=~s{^http(|s)(&colon;|:)//}{/ext/};
+    } else {
+        $url=~s{^http(|s)(&colon;|:)//}{/adm/wrapper/ext/};
+    }
     if (!$supplementalflag && $residx && $symb) {
         if ((!$isfolder) && (!$ispage)) {
 	    (undef,undef,$url)=&Apache::lonnet::decode_symb($symb);
-	    $url=&Apache::lonnet::clutter($url);
+            if (($url =~ m{^ext/}) && ($container eq 'page')) {
+                $url=&Apache::lonnet::clutter_with_no_wrapper($url);
+            } else {
+                $url=&Apache::lonnet::clutter($url);
+            }
 	    if ($url=~/^\/*uploaded\//) {
 	        $url=~/\.(\w+)$/;
 	        my $embstyle=&Apache::loncommon::fileembstyle($1);
@@ -3626,17 +3909,107 @@ END
 	        } elsif ($url!~/\.(sequence|page)$/) {
 		    $url='/adm/coursedocs/showdoc'.$url;
 	        }
-	    } elsif ($url=~m|^/ext/|) {
-	        $url='/adm/wrapper'.$url;
+            } elsif ($url=~m{^(|/adm/wrapper)/ext/([^#]+)}) {
+                my $wrapped = $1;
+                my $exturl = $2;
+                if (($wrapped eq '') && ($container ne 'page')) {
+                    $url='/adm/wrapper'.$url;
+                }
+                if (($ENV{'SERVER_PORT'} == 443) && ($exturl !~ /^https:/)) {
+                    $nomodal = 1;
+                }
+            } elsif ($url eq "/public/$coursedom/$coursenum/syllabus") {
+                if (($ENV{'SERVER_PORT'} == 443) &&
+                    ($env{'course.'.$env{'request.course.id'}.'.externalsyllabus'} =~ m{^http://})) {
+                    unless (&Apache::lonnet::uses_sts()) {
+                        $url .= '?usehttp=1';
+                    }
+                    $nomodal = 1;
+                }
 	    }
             if (&Apache::lonnet::symbverify($symb,$url)) {
-	        $url.=(($url=~/\?/)?'&':'?').'symb='.&escape($symb);
+                my $shownsymb = $symb;
+                if ($isexternal) {
+                    $url =~ s/\#[^#]+$//;
+                    if ($container eq 'page') {
+                        $url = &Apache::lonnet::clutter($url);
+                    }
+                }
+                unless ($env{'request.role.adv'}) {
+                    if ((&LONCAPA::map::getparameter($orderidx,'parameter_hiddenresource'))[0]=~/^yes$/i) {
+                        $url = '';
+                    }
+                    if (&Apache::lonnet::EXT('resource.0.hiddenresource',$symb) =~ /^yes$/i) {
+                        $url = '';
+                        $hiddenres = 1;
+                    }
+                }
+                if ($url ne '') {
+                    $url.=(($url=~/\?/)?'&':'?').'symb='.&escape($shownsymb);
+                }
+            } elsif (!$env{'request.role.adv'}) {
+                my $checkencrypt;
+                if (((&LONCAPA::map::getparameter($orderidx,'parameter_encrypturl'))[0]=~/^yes$/i) ||
+                      $isencrypted || (&Apache::lonnet::EXT('resource.0.encrypturl',$symb) =~ /^yes$/i)) {
+                    $checkencrypt = 1;
+                } elsif (ref($navmapref)) {
+                    unless (ref($$navmapref)) {
+                        $$navmapref = Apache::lonnavmaps::navmap->new();
+                    }
+                    if (ref($$navmapref)) {
+                        if (lc($$navmapref->get_mapparam($symb,undef,"0.encrypturl")) eq 'yes') {
+                            $checkencrypt = 1;
+                        }
+                    }
+                }
+                if ($checkencrypt) {
+                    my $shownsymb = &Apache::lonenc::encrypted($symb);
+                    my $shownurl = &Apache::lonenc::encrypted($url);
+                    if (&Apache::lonnet::symbverify($shownsymb,$shownurl)) {
+                        $url = $shownurl.(($shownurl=~/\?/)?'&':'?').'symb='.&escape($shownsymb);
+                        if ($env{'request.enc'} ne '') {
+                            delete($env{'request.enc'});
+                        }
+                    } else {
+                        $url='';
+                    }
+                } else {
+                    $url='';
+                }
             } else {
                 $url='';
             }
 	}
+    } elsif ($supplementalflag) {
+        if ($isexternal) {
+            if ($url =~ /^([^#]+)#([^#]+)$/) {
+                $url = $1;
+                $anchor = $2;
+                if (($url =~ m{^(|/adm/wrapper)/ext/(?!https:)}) && ($ENV{'SERVER_PORT'} == 443)) {
+                    unless (&Apache::lonnet::uses_sts()) {
+                        if ($hostname ne '') {
+                            $url = 'http://'.$hostname.$url;
+                        }
+                        $url .= (($url =~ /\?/) ? '&amp;':'?').'usehttp=1';
+                    }
+                    $nomodal = 1;
+                }
+            }
+        } elsif ($url =~ m{^\Q/public/$coursedom/$coursenum/syllabus\E}) {
+            if (($ENV{'SERVER_PORT'} == 443) &&
+                ($env{'course.'.$env{'request.course.id'}.'.externalsyllabus'} =~ m{^http://})) {
+                unless (&Apache::lonnet::uses_sts()) {
+                    if ($hostname ne '') {
+                        $url = 'http://'.$hostname.$url;
+                    }
+                    $url .= (($url =~ /\?/) ? '&amp;':'?').'usehttp=1';
+                }
+                $nomodal = 1;
+            }
+        }
     }
-    my ($rand_pick_text,$rand_order_text);
+    my ($rand_pick_text,$rand_order_text,$hiddenfolder);
+    my $filterFunc = sub { my $res = shift; return (!$res->randomout() && !$res->is_map()) };
     if ($isfolder || $ispage || $extension eq 'sequence' || $extension eq 'page') {
 	my $foldername=&escape($foldertitle);
 	my $folderpath=$env{'form.folderpath'};
@@ -3645,21 +4018,48 @@ END
             $folderpath.=$containerarg.'&'.$foldername;
             $url.='folderpath='.&escape($folderpath);
         } else {
-# Append randompick number, hidden, and encrypted with ":" to foldername,
-# so it gets transferred between levels
-	    $folderpath.=$containerarg.'&'.$foldername.
-                                              ':'.(&LONCAPA::map::getparameter($orderidx,
-                                              'parameter_randompick'))[0]
-                                               .':'.((&LONCAPA::map::getparameter($orderidx,
-                                              'parameter_hiddenresource'))[0]=~/^yes$/i)
-                                               .':'.((&LONCAPA::map::getparameter($orderidx,
-                                              'parameter_encrypturl'))[0]=~/^yes$/i)
-                                               .':'.((&LONCAPA::map::getparameter($orderidx,
-                                              'parameter_randomorder'))[0]=~/^yes$/i)
-                                               .':'.$ispage;
-	    $url.='folderpath='.&escape($folderpath);
             my $rpicknum = (&LONCAPA::map::getparameter($orderidx,
                                                         'parameter_randompick'))[0];
+            my $randorder = ((&LONCAPA::map::getparameter($orderidx,
+                                              'parameter_randomorder'))[0]=~/^yes$/i);
+            my $hiddenmap = ((&LONCAPA::map::getparameter($orderidx,
+                                              'parameter_hiddenresource'))[0]=~/^yes$/i);
+            my $encryptmap = ((&LONCAPA::map::getparameter($orderidx,
+                                              'parameter_encrypturl'))[0]=~/^yes$/i);
+            unless ($hiddenmap) {
+                if (ref($navmapref)) {
+                    unless (ref($$navmapref)) {
+                        $$navmapref = Apache::lonnavmaps::navmap->new();
+                    }
+                    if (ref($$navmapref)) {
+                        if (lc($$navmapref->get_mapparam(undef,$folderurl,"0.hiddenresource")) eq 'yes') {
+                            my @resources = $$navmapref->retrieveResources($folderurl,$filterFunc,1,1);
+                            unless (@resources) {
+                                $hiddenmap = 1;
+                                unless ($env{'request.role.adv'}) {
+                                    $url = '';
+                                    $hiddenfolder = 1;
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+            unless ($encryptmap) {
+                if ((ref($navmapref)) && (ref($$navmapref))) {
+                    if (lc($$navmapref->get_mapparam(undef,$folderurl,"0.encrypturl")) eq 'yes') {
+                        $encryptmap = 1;
+                    }
+                }
+            }
+
+# Append randompick number, hidden, and encrypted with ":" to foldername,
+# so it gets transferred between levels
+            $folderpath.=$containerarg.'&'.$foldername.
+                         ':'.$rpicknum.':'.$hiddenmap.':'.$encryptmap.':'.$randorder.':'.$ispage;
+            unless ($url eq '') {
+                $url.='folderpath='.&escape($folderpath);
+            }
             my $rpckchk;
             if ($rpicknum) {
                 $rpckchk = ' checked="checked"';
@@ -3672,14 +4072,14 @@ END
 '<form action="/adm/coursedocs" method="post" name="'.$formname.'">'."\n".
 $form_param."\n".
 $form_common."\n".
-'<span class="LC_nobreak"><label><input type="checkbox" name="randompick_'.$orderidx.'" id="randompick_'.$orderidx.'" onclick="'."updatePick(this.form,'$orderidx','check');".'"'.$rpckchk.' /> '.&mt('Randomly Pick').'</label><input type="hidden" name="rpicknum_'.$orderidx.'" id="rpicknum_'.$orderidx.'" value="'.$rpicknum.'" /><span id="randompicknum_'.$orderidx.'">';
+'<span class="LC_nobreak"><label><input type="checkbox" name="randompick_'.$orderidx.'" id="randompick_'.$orderidx.'" onclick="'."updatePick(this.form,'$orderidx','check');".'"'.$rpckchk.$disabled.' /> '.&mt('Randomly Pick').'</label><input type="hidden" name="rpicknum_'.$orderidx.'" id="rpicknum_'.$orderidx.'" value="'.$rpicknum.'" /><span id="randompicknum_'.$orderidx.'">';
             if ($rpicknum ne '') {
                 $rand_pick_text .= ':&nbsp;<a href="javascript:updatePick('."document.$formname,'$orderidx','link'".')">'.$rpicknum.'</a>';
             }
             $rand_pick_text .= '</span></span>'.
                                $form_end;
             my $ro_set;
-            if ((&LONCAPA::map::getparameter($orderidx,'parameter_randomorder'))[0]=~/^yes$/i) {
+            if ($randorder) {
                 $ro_set = 'checked="checked"';
                 if (($ishash) && (ref($filtersref->{'randomorder'}) eq 'ARRAY')) {
                     push(@{$filtersref->{'randomorder'}},$orderidx);
@@ -3690,7 +4090,7 @@ $form_common."\n".
 '<form action="/adm/coursedocs" method="post" name="'.$formname.'">'."\n".
 $form_param."\n".
 $form_common."\n".
-'<span class="LC_nobreak"><label><input type="checkbox" name="randomorder_'.$orderidx.'" id="randomorder_'.$orderidx.'" onclick="checkForSubmit(this.form,'."'randomorder','settings'".');" '.$ro_set.' /> '.&mt('Random Order').' </label></span>'.
+'<span class="LC_nobreak"><label><input type="checkbox" name="randomorder_'.$orderidx.'" id="randomorder_'.$orderidx.'" onclick="checkForSubmit(this.form,'."'randomorder','settings'".');" '.$ro_set.$disabled.' /> '.&mt('Random Order').' </label></span>'.
 $form_end;
         }
     } elsif ($supplementalflag && !$allowed) {
@@ -3702,6 +4102,9 @@ $form_end;
         if ($isexternal && $orderidx) {
             $url .= '&amp;idx='.$orderidx;
         }
+        if ($anchor ne '') {
+            $url .= '&amp;anchor='.&HTML::Entities::encode($anchor,'"<>&');
+        }
     }
     my ($tdalign,$tdwidth);
     if ($allowed) {
@@ -3709,18 +4112,24 @@ $form_end;
             &Apache::lonnet::declutter(&Apache::lonnet::filelocation('',$orig_url));
         if ($isexternal) {
             ($editlink,$extresform) = 
-                &Apache::lonextresedit::extedit_form(0,$residx,$orig_url,$title,$pathitem);
+                &Apache::lonextresedit::extedit_form(0,$residx,$orig_url,$title,$pathitem,
+                                                     undef,undef,undef,$disabled);
         } elsif (!$isfolder && !$ispage) {
             my ($cfile,$home,$switchserver,$forceedit,$forceview) = 
                 &Apache::lonnet::can_edit_resource($fileloc,$coursenum,$coursedom,$orig_url);
             if (($cfile ne '') && ($symb ne '' || $supplementalflag)) {
+                my $suppanchor;
+                if ($supplementalflag) {
+                    $suppanchor = $anchor;
+                }
                 my $jscall = 
                     &Apache::lonhtmlcommon::jump_to_editres($cfile,$home,
                                                             $switchserver,
                                                             $forceedit,
                                                             undef,$symb,
                                                             &escape($env{'form.folderpath'}),
-                                                            $renametitle,'','',1);
+                                                            $renametitle,$hostname,
+                                                            '','',1,$suppanchor);
                 if ($jscall) {
                     $editlink = '<a class="LC_docs_ext_edit" href="javascript:'.
                                 $jscall.'" >'.&mt('Edit').'</a>&nbsp;'."\n";
@@ -3737,11 +4146,31 @@ $form_end;
         $reinit = &mt('(re-initialize course to access)');
     }
     $line.='<td class="LC_docs_entry_commands"'.$tdalign.'><span class="LC_nobreak">'.$editlink.$renamelink;
+    my $link;
     if (($url=~m{/adm/(coursedocs|supplemental)}) || (!$allowed && $url)) {
        $line.='<a href="'.$url.'"><img src="'.$icon.'" alt="" class="LC_icon" /></a>';
     } elsif ($url) {
-       $line.=&Apache::loncommon::modal_link($url.(($url=~/\?/)?'&amp;':'?').'inhibitmenu=yes',
-                                             '<img src="'.$icon.'" alt="" class="LC_icon" />',600,500);
+       if ($anchor ne '') {
+           if ($supplementalflag) {
+               $anchor = '&amp;anchor='.&HTML::Entities::encode($anchor,'"<>&');
+           } else {
+               $anchor = '#'.&HTML::Entities::encode($anchor,'"<>&');
+           }
+       }
+
+       if ((!$supplementalflag) && ($nomodal) && ($hostname ne '')) {
+           $link = 'http://'.$hostname.$url;
+       } else {
+           $link = $url;
+       }
+       $link = &js_escape($link.(($url=~/\?/)?'&amp;':'?').'inhibitmenu=yes'.$anchor);
+       if ($nomodal) {
+           $line.='<a href="#" onclick="javascript:window.open('."'$link','syllabuspreview','height=400,width=500,scrollbars=1,resizable=1,menubar=0,location=1')".'; return false;" />'.
+                  '<img src="'.$icon.'" alt="" class="LC_icon" border="0" /></a>';
+       } else {
+           $line.=&Apache::loncommon::modal_link($link,
+                                                 '<img src="'.$icon.'" alt="" class="LC_icon" />',600,500);
+       }
     } else {
        $line.='<img src="'.$icon.'" alt="" class="LC_icon" />';
     }
@@ -3749,8 +4178,14 @@ $form_end;
     if (($url=~m{/adm/(coursedocs|supplemental)}) || (!$allowed && $url)) {
        $line.='<a href="'.$url.'">'.$title.'</a>';
     } elsif ($url) {
-       $line.=&Apache::loncommon::modal_link($url.(($url=~/\?/)?'&amp;':'?').'inhibitmenu=yes',
-                                             $title,600,500);
+       if ($nomodal) {
+           $line.='<a href="#" onclick="javascript:window.open('."'$link','syllabuspreview','height=400,width=500,scrollbars=1,resizable=1,menubar=0,location=1')".'; return false;" />'.
+                  $title.'</a>';
+       } else {
+           $line.=&Apache::loncommon::modal_link($link,$title,600,500);
+       }
+    } elsif (($hiddenfolder) || ($hiddenres)) {
+       $line.=$title.' <span class="LC_warning LC_docs_reinit_warn">('.&mt('Hidden').')</span>';
     } else {
        $line.=$title.' <span class="LC_docs_reinit_warn">'.$reinit.'</span>';
     }
@@ -3781,13 +4216,13 @@ $form_end;
     <form action="/adm/coursedocs" method="post" name="$formhidden">
     $form_param
     $form_common
-    <label><input type="checkbox" name="hiddenresource_$orderidx" id="hiddenresource_$orderidx" onclick="checkForSubmit(this.form,'hiddenresource','settings');" $hidtext /> $lt{'hd'}</label>
+    <label><input type="checkbox" name="hiddenresource_$orderidx" id="hiddenresource_$orderidx" onclick="checkForSubmit(this.form,'hiddenresource','settings');" $hidtext $disabled /> $lt{'hd'}</label>
     $form_end
     <br />
     <form action="/adm/coursedocs" method="post" name="$formurlhidden">
     $form_param
     $form_common
-    <label><input type="checkbox" name="encrypturl_$orderidx" id="encrypturl_$orderidx" onclick="checkForSubmit(this.form,'encrypturl','settings');" $enctext /> $lt{'ec'}</label>
+    <label><input type="checkbox" name="encrypturl_$orderidx" id="encrypturl_$orderidx" onclick="checkForSubmit(this.form,'encrypturl','settings');" $enctext $disabled /> $lt{'ec'}</label>
     $form_end
   </td>
   <td class="LC_docs_entry_parameter">$rand_pick_text<br />
@@ -3808,9 +4243,11 @@ sub action_restrictions {
     if ($url=~ m{^/res/.+\.(page|sequence)$}) {
         # no copy for published maps
         $denied{'copy'} = 1;
-    } elsif ($url=~m{^/res/lib/templates/}) {
-       $denied{'copy'} = 1;
-       $denied{'cut'} = 1;
+    } elsif ($url=~m{^/res/lib/templates/([^/]+)\.problem$}) {
+        unless ($1 eq 'simpleproblem') {
+            $denied{'copy'} = 1;
+        }
+        $denied{'cut'} = 1;
     } elsif ($url eq "/uploaded/$cdom/$cnum/group_allfolders.sequence") {
         if ($folderpath =~ /^default&[^\&]+$/) {
             if ((ref($currgroups) eq 'HASH') && (keys(%{$currgroups}) > 0)) {
@@ -3965,7 +4402,7 @@ sub untiehash {
 
 
 sub checkonthis {
-    my ($r,$url,$level,$title)=@_;
+    my ($r,$url,$level,$title,$checkstale)=@_;
     $url=&unescape($url);
     $alreadyseen{$url}=1;
     $r->rflush();
@@ -3980,10 +4417,22 @@ sub checkonthis {
        $r->print('<a href="'.$url.'" target="cat">'.
 		 ($title?$title:$url).'</a> ');
        if ($url=~/^\/res\//) {
+          my $updated;
+          if (($checkstale) && ($url !~ m{^/res/lib/templates/}) &&
+              ($url !~ /\.\d+\.\w+$/)) {
+              $updated = &Apache::lonnet::remove_stale_resfile($url);
+          }
 	  my $result=&Apache::lonnet::repcopy(
                               &Apache::lonnet::filelocation('',$url));
           if ($result eq 'ok') {
              $r->print('<span class="LC_success">'.&mt('ok').'</span>');
+             if ($updated) {
+                 $r->print('<br />');
+                 for (my $i=0;$i<=$level*5;$i++) {
+                     $r->print('&nbsp;');
+                 }
+                 $r->print('- '.&mt('Outdated copy removed'));
+             }
              $r->rflush();
              &Apache::lonnet::countacc($url);
              $url=~/\.(\w+)$/;
@@ -4017,7 +4466,7 @@ sub checkonthis {
                 &Apache::lonnet::metadata($url,'dependencies');
              foreach my $dep (split(/\,/,$dependencies)) {
 		 if (($dep=~/^\/res\//) && (!$alreadyseen{$dep})) {
-                    &checkonthis($r,$dep,$level+1);
+                    &checkonthis($r,$dep,$level+1,'',$checkstale);
                  }
              }
           } elsif ($result eq 'unavailable') {
@@ -4031,6 +4480,9 @@ sub checkonthis {
           } else {
              $r->print('<span class="LC_error">'.&mt('access denied').'</span>');
           }
+          if (($updated) && ($result ne 'ok')) {
+              $r->print('<br />'.&mt('Outdated copy removed'));
+          }
        }
     }
 }
@@ -4083,9 +4535,29 @@ sub list_symbs {
     $r->print(&endContentScreen());
 }
 
+sub contentverifyform {
+    my ($r) = @_;
+    my $crstype = &Apache::loncommon::course_type();
+    $r->print(&Apache::loncommon::start_page('Verify '.$crstype.' Content'));
+    $r->print(&Apache::lonhtmlcommon::breadcrumbs('Verify '.$crstype.' Content'));
+    $r->print(&startContentScreen('tools'));
+    $r->print('<h4 class="LC_info">'.&mt($crstype.' content verification').'</h4>');
+    $r->print('<form method="post" action="/adm/coursedocs"><p>'.
+              &mt('Include a check if files copied from elsewhere are up to date (will increase verification time)?').
+              '&nbsp;<span class="LC_nobreak">'.
+              '<label><input type="radio" name="checkstale" value="0" checked="checked" />'.
+              &mt('No').'</label>'.('&nbsp;'x2).
+              '<label><input type="radio" name="checkstale" value="1" />'.
+              &mt('Yes').'</label></span></p><p>'.
+              '<input type="submit" value="'.&mt('Verify Content').' "/>'.
+              '<input type="hidden" value="1" name="tools" />'.
+              '<input type="hidden" value="1" name="verify" /></p></form>');
+    $r->print(&endContentScreen());
+    return;
+}
 
 sub verifycontent {
-    my ($r) = @_;
+    my ($r,$checkstale) = @_;
     my $crstype = &Apache::loncommon::course_type();
     $r->print(&Apache::loncommon::start_page('Verify '.$crstype.' Content'));
     $r->print(&Apache::lonhtmlcommon::breadcrumbs('Verify '.$crstype.' Content'));
@@ -4106,7 +4578,7 @@ sub verifycontent {
 	   }
        }
        if (($key=~/^src\_(.+)$/) && (!$alreadyseen{&unescape($hash{$key})})) {
-           &checkonthis($r,$hash{$key},0,$hash{'title_'.$1});
+           &checkonthis($r,$hash{$key},0,$hash{'title_'.$1},$checkstale);
        }
    }
    &untiehash();
@@ -4122,7 +4594,7 @@ sub devalidateversioncache {
 }
 
 sub checkversions {
-    my ($r) = @_;
+    my ($r,$canedit) = @_;
     my $crstype = &Apache::loncommon::course_type();
     $r->print(&Apache::loncommon::start_page("Check $crstype Resource Versions"));
     $r->print(&Apache::lonhtmlcommon::breadcrumbs("Check $crstype Resource Versions"));
@@ -4143,51 +4615,53 @@ sub checkversions {
 
     $hashtied=0;
     &tiehash();
-    my %newsetversions=();
-    if ($env{'form.setmostrecent'}) {
-	$haschanged=1;
-	foreach my $key (keys(%hash)) {
-	    if ($key=~/^ids\_(\/res\/.+)$/) {
-		$newsetversions{$1}='mostrecent';
-                &devalidateversioncache($1);
+    if ($canedit) {
+        my %newsetversions=();
+        if ($env{'form.setmostrecent'}) {
+	    $haschanged=1;
+	    foreach my $key (keys(%hash)) {
+	        if ($key=~/^ids\_(\/res\/.+)$/) {
+		    $newsetversions{$1}='mostrecent';
+                    &devalidateversioncache($1);
+	        }
 	    }
-	}
-    } elsif ($env{'form.setcurrent'}) {
-	$haschanged=1;
-	foreach my $key (keys(%hash)) {
-	    if ($key=~/^ids\_(\/res\/.+)$/) {
-		my $getvers=&Apache::lonnet::getversion($1);
-		if ($getvers>0) {
-		    $newsetversions{$1}=$getvers;
-		    &devalidateversioncache($1);
-		}
+        } elsif ($env{'form.setcurrent'}) {
+	    $haschanged=1;
+	    foreach my $key (keys(%hash)) {
+	        if ($key=~/^ids\_(\/res\/.+)$/) {
+		    my $getvers=&Apache::lonnet::getversion($1);
+		    if ($getvers>0) {
+		        $newsetversions{$1}=$getvers;
+		        &devalidateversioncache($1);
+		    }
+	        }
 	    }
-	}
-    } elsif ($env{'form.setversions'}) {
-	$haschanged=1;
-	foreach my $key (keys(%env)) {
-	    if ($key=~/^form\.set_version_(.+)$/) {
-		my $src=$1;
-		if (($env{$key}) && ($env{$key} ne $setversions{$src})) {
-		    $newsetversions{$src}=$env{$key};
-		    &devalidateversioncache($src);
-		}
+        } elsif ($env{'form.setversions'}) {
+	    $haschanged=1;
+	    foreach my $key (keys(%env)) {
+	        if ($key=~/^form\.set_version_(.+)$/) {
+		    my $src=$1;
+		    if (($env{$key}) && ($env{$key} ne $setversions{$src})) {
+		        $newsetversions{$src}=$env{$key};
+		        &devalidateversioncache($src);
+		    }
+	        }
 	    }
-	}
-    }
-    if ($haschanged) {
-        if (&Apache::lonnet::put('resourceversions',\%newsetversions,
-			  $env{'course.'.$env{'request.course.id'}.'.domain'},
-			  $env{'course.'.$env{'request.course.id'}.'.num'}) eq 'ok') {
-	    $r->print(&Apache::loncommon::confirmwrapper(
-                &Apache::lonhtmlcommon::confirm_success(&mt('Your Version Settings have been Saved'))));
-	} else {
-	    $r->print(&Apache::loncommon::confirmwrapper(
-                &Apache::lonhtmlcommon::confirm_success(&mt('An Error Occured while Attempting to Save your Version Settings'),1)));
-	}
-	&mark_hash_old();
+        }
+        if ($haschanged) {
+            if (&Apache::lonnet::put('resourceversions',\%newsetversions,
+			      $env{'course.'.$env{'request.course.id'}.'.domain'},
+			      $env{'course.'.$env{'request.course.id'}.'.num'}) eq 'ok') {
+	        $r->print(&Apache::loncommon::confirmwrapper(
+                    &Apache::lonhtmlcommon::confirm_success(&mt('Your Version Settings have been Saved'))));
+	    } else {
+	        $r->print(&Apache::loncommon::confirmwrapper(
+                    &Apache::lonhtmlcommon::confirm_success(&mt('An Error Occured while Attempting to Save your Version Settings'),1)));
+	    }
+	    &mark_hash_old();
+        }
+        &changewarning($r,'');
     }
-    &changewarning($r,'');
     if ($env{'form.timerange'} eq 'all') {
 # show all documents
 	$header=&mt('All content in '.$crstype);
@@ -4254,6 +4728,11 @@ sub checkversions {
 	       'save' => 'Save changes',
                'vers' => 'Version choice(s) for specific resources', 
 	       'act' => 'Actions');
+    my ($disabled,$readonly);
+    unless ($canedit) {
+        $disabled = 'disabled="disabled"';
+        $readonly = 1;
+    }
     $r->print(<<ENDHEADERS);
 <h4 class="LC_info">$header</h4>
 <form action="/adm/coursedocs" method="post">
@@ -4274,8 +4753,8 @@ sub checkversions {
 <div class="LC_left_float">
 <fieldset>
 <legend>$lt{'act'}</legend>
-$lt{'sm'}: <input type="submit" name="setmostrecent" value="Go" /><br />
-$lt{'sc'}: <input type="submit" name="setcurrent" value="Go" />
+$lt{'sm'}: <input type="submit" name="setmostrecent" value="Go" $disabled /><br />
+$lt{'sc'}: <input type="submit" name="setcurrent" value="Go" $disabled />
 </fieldset>
 </div>
 <br clear="all" />
@@ -4304,7 +4783,7 @@ ENDHEADERS
         return;
     }
     $r->print(
-        '<input type="submit" name="setversions" value="'.$lt{'save'}.'" />'.
+        '<input type="submit" name="setversions" value="'.$lt{'save'}.'"'.$disabled.' />'.
         &Apache::loncommon::start_data_table().
         &Apache::loncommon::start_data_table_header_row().
         '<th>'.&mt('Resources').'</th>'.
@@ -4349,7 +4828,7 @@ ENDHEADERS
                       {'select_form_order' => ['',1..$currentversion,'mostrecent'],
                        '' => '',
                        'mostrecent' => &mt('most recent'),
-                       map {$_,$_} (1..$currentversion)}));
+                       map {$_,$_} (1..$currentversion)},'',$readonly));
             my $lastold=1;
             for (my $prevvers=1;$prevvers<$currentversion;$prevvers++) {
                 my $url=$root.'.'.$prevvers.'.'.$extension;
@@ -4383,7 +4862,7 @@ ENDHEADERS
     }
     $r->print(
         &Apache::loncommon::end_data_table().
-        '<input type="submit" name="setversions" value="'.$lt{'save'}.'" />'.
+        '<input type="submit" name="setversions" value="'.$lt{'save'}.'"'.$disabled.' />'.
         '</form>'
     );
 
@@ -4549,17 +5028,42 @@ sub handler {
     $help{'Group Portfolio'} = &Apache::loncommon::help_open_topic('Docs_About_Group_Files');
     $help{'Caching'} = &Apache::loncommon::help_open_topic('Caching');
  
-    my $allowed;
+    my ($allowed,$canedit,$canview,$disabled);
 # URI is /adm/supplemental when viewing supplemental docs in non-edit mode.
     unless ($r->uri eq '/adm/supplemental') {
         # does this user have privileges to modify content.  
-        $allowed = &Apache::lonnet::allowed('mdc',$env{'request.course.id'});
+        if (&Apache::lonnet::allowed('mdc',$env{'request.course.id'})) {
+            $allowed = 1;
+            $canedit = 1;
+            $canview = 1;
+        } elsif (&Apache::lonnet::allowed('cev',$env{'request.course.id'})) {
+            $allowed = 1;
+            $canview = 1;
+        }
+    }
+    unless ($canedit) {
+        $disabled = ' disabled="disabled"';
     }
-
     &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['inhibitmenu']);
+    if ($env{'form.inhibitmenu'}) {
+        unless ($env{'form.inhibitmenu'} eq 'yes') {
+            delete($env{'form.inhibitmenu'});
+        }
+    }
+
   if ($allowed && $env{'form.verify'}) {
       &init_breadcrumbs('verify','Verify Content','Docs_Verify_Content');
-      &verifycontent($r);
+      if (!$canedit) {
+          &verifycontent($r);
+      } elsif (($env{'form.checkstale'} ne '') && ($env{'form.checkstale'} =~ /^\d$/)) {
+          &Apache::lonhtmlcommon::add_breadcrumb({href=>"/adm/coursedocs?tools=1&verify=1&checkstale=$env{'form.checkstale'}",
+                                                  text=>'Results',
+                                                  faq=>273,
+                                                  bug=>'Instructor Interface'});
+          &verifycontent($r,$env{'form.checkstale'});
+      } else {
+          &contentverifyform($r);
+      }
   } elsif ($allowed && $env{'form.listsymbs'}) {
       &init_breadcrumbs('listsymbs','List Content IDs');
       &list_symbs($r);
@@ -4569,11 +5073,11 @@ sub handler {
       if ($folder eq '') {
           $folder='default';
       }
-      &docs_change_log($r,$coursenum,$coursedom,$folder,$allowed,$crstype,$iconpath);
+      &docs_change_log($r,$coursenum,$coursedom,$folder,$allowed,$crstype,$iconpath,$canedit);
   } elsif ($allowed && $env{'form.versions'}) {
       &init_breadcrumbs('versions','Check/Set Resource Versions','Docs_Check_Resource_Versions');
-      &checkversions($r);
-  } elsif ($allowed && $env{'form.dumpcourse'}) {
+      &checkversions($r,$canedit);
+  } elsif ($canedit && $env{'form.dumpcourse'}) {
       &init_breadcrumbs('dumpcourse','Copy '.&Apache::loncommon::course_type().' Content to Authoring Space');
       &dumpcourse($r);
   } elsif ($allowed && $env{'form.exportcourse'}) {
@@ -4590,6 +5094,26 @@ sub handler {
                                              'forcesupplement','forcestandard',
                                              'tools','symb','command','supppath']);
 
+    foreach my $item ('forcesupplement','forcestandard','tools') {
+        next if ($env{'form.'.$item} eq '');
+        unless ($env{'form.'.$item} eq '1') {
+            delete($env{'form.'.$item});
+        }
+    }
+
+    if ($env{'form.command'}) {
+        unless ($env{'form.command'} =~ /^(direct|directnav|editdocs|editsupp|contents|home)$/) {
+            delete($env{'form.command'});
+        }
+    }
+
+    if ($env{'form.symb'}) {
+        my ($mapurl,$id,$resurl) = &Apache::lonnet::decode_symb($env{'form.symb'});
+        unless (($id =~ /^\d+$/) && (&Apache::lonnet::is_on_map($resurl))) {
+            delete($env{'form.symb'});
+        }
+    }
+
 # standard=1: this is a "new-style" course with an uploaded map as top level
 # standard=2: this is a "old-style" course, and there is nothing we can do
 
@@ -4612,19 +5136,53 @@ sub handler {
     my $toolsflag=0;
     if ($env{'form.tools'}) { $toolsflag=1; }
 
+    if ($env{'form.folderpath'} ne '') {
+        my @items = split(/\&/,$env{'form.folderpath'});
+        my $badpath;
+        for (my $i=0; $i<@items; $i++) {
+            my $odd = $i%2;
+            if (($odd) && (!$supplementalflag) && ($items[$i] !~ /^[^:]*:(|\d+):(|1):(|1):(|1):(|1)$/)) {
+                $badpath = 1;
+            } elsif ((!$odd) && ($items[$i] !~ /^(default|supplemental)(|_\d+)$/)) {
+                $badpath = 1;
+            }
+            last if ($badpath);
+        }
+        if ($badpath) {
+            delete($env{'form.folderpath'});
+        }
+    }
+
+    if ($env{'form.supppath'} ne '') {
+        my @items = split(/\&/,$env{'form.supppath'});
+        my $badpath;
+        for (my $i=0; $i<@items; $i++) {
+            my $odd = $i%2;
+            if ((!$odd) && ($items[$i] !~ /^supplemental(|_\d+)$/)) {
+                $badpath = 1;
+            }
+            last if ($badpath);
+        }
+        if ($badpath) {
+            delete($env{'form.supppath'});
+        }
+    }
+
     my $script='';
     my $showdoc=0;
     my $addentries = {};
     my $container;
     my $containertag;
     my $pathitem;
+    my $hiddentop;
+    my $navmap;
+    my $filterFunc = sub { my $res = shift; return (!$res->randomout() && !$res->is_map()) };
 
 # Do we directly jump somewhere?
-
    if (($env{'form.command'} eq 'direct') || ($env{'form.command'} eq 'directnav')) {
        if ($env{'form.symb'} ne '') {
            $env{'form.folderpath'}=
-               &Apache::loncommon::symb_to_docspath($env{'form.symb'});
+               &Apache::loncommon::symb_to_docspath($env{'form.symb'},\$navmap);
            &Apache::lonnet::appenv({'docs.exit.'.$env{'request.course.id'} =>
                $env{'form.command'}.'_'.$env{'form.symb'}});
        } elsif ($env{'form.supppath'} ne '') {
@@ -4633,12 +5191,10 @@ sub handler {
                $env{'form.command'}.'_'.$env{'form.supppath'}});
        }
    } elsif ($env{'form.command'} eq 'editdocs') {
-       $env{'form.folderpath'} = 'default&'.
-                                 &escape(&mt('Main Content').':::::');
+       $env{'form.folderpath'} = &default_folderpath($coursenum,$coursedom,\$navmap);
        &Apache::lonnet::appenv({'docs.exit.'.$env{'request.course.id'} => $env{'form.command'}});
    } elsif ($env{'form.command'} eq 'editsupp') {
-       $env{'form.folderpath'} = 'supplemental&'.
-                                  &escape('Supplemental Content');
+       $env{'form.folderpath'} = &supplemental_base();
        &Apache::lonnet::appenv({'docs.exit.'.$env{'request.course.id'} => '/adm/supplemental'});
    } elsif ($env{'form.command'} eq 'contents') {
        &Apache::lonnet::appenv({'docs.exit.'.$env{'request.course.id'} => '/adm/navmaps'});
@@ -4657,7 +5213,14 @@ sub handler {
     if ((!$env{'form.folderpath'}) && $allowed) {
         &Apache::loncommon::restore_course_settings($stored_folderpath,
                                           {'folderpath' => 'scalar'});
-        unless (&unescape($env{'form.folderpath'}) =~ m{^(default|supplemental)&}) {
+
+        if (&unescape($env{'form.folderpath'}) =~ m{^(default|supplemental)&}) {
+            if ($supplementalflag) {
+                undef($env{'form.folderpath'}) if ($1 eq 'default');
+            } else {
+                undef($env{'form.folderpath'}) if ($1 eq 'supplemental');
+            }
+        } else {
             undef($env{'form.folderpath'});
         }
     }
@@ -4674,19 +5237,48 @@ sub handler {
                                   .'&'.
                                   $env{'form.folderpath'};
     }
+# If allowed and user's role is not advanced check folderpath is not hidden
+    if (($allowed) && (!$env{'request.role.adv'}) &&
+        ($env{'form.folderpath'} ne '') && (!$supplementalflag)) {
+        my $folderurl;
+        my @pathitems = split(/\&/,$env{'form.folderpath'});
+        my $folder = $pathitems[-2];
+        if ($folder eq '') {
+            undef($env{'form.folderpath'});
+        } else {
+            $folderurl = "uploaded/$coursedom/$coursenum/$folder";
+            if ((split(/\:/,$pathitems[-1]))[5]) {
+                $folderurl .= '.page';
+            } else {
+                $folderurl .= '.sequence';
+            }
+            unless (ref($navmap)) {
+                $navmap = Apache::lonnavmaps::navmap->new();
+            }
+            if (ref($navmap)) {
+                if (lc($navmap->get_mapparam(undef,$folderurl,"0.hiddenresource")) eq 'yes') {
+                    my @resources = $navmap->retrieveResources($folderurl,$filterFunc,1,1);
+                    unless (@resources) {
+                        undef($env{'form.folderpath'});
+                    }
+                }
+            }
+        }
+    }
+
+
 # If after all of this, we still don't have any paths, make them
     unless ($env{'form.folderpath'}) {
        if ($supplementalflag) {
           $env{'form.folderpath'}=&supplemental_base();
-       } else {
-          $env{'form.folderpath'}='default&'.&escape(&mt('Main Content').
-                                  ':::::');
+       } elsif ($allowed) {
+          ($env{'form.folderpath'},$hiddentop) = &default_folderpath($coursenum,$coursedom,\$navmap);
        }
     }
 
 # Store this
     unless ($toolsflag) {
-        if ($allowed) {
+        if (($allowed) && ($env{'form.folderpath'} ne '')) {
             &Apache::loncommon::store_course_settings($stored_folderpath,
                                                       {'folderpath' => 'scalar'});
         }
@@ -4704,8 +5296,12 @@ sub handler {
         } else {
             if ($env{'form.folder'} eq '' ||
                 $env{'form.folder'} eq 'supplemental') {
-                $folderpath='default&'.
-                            &escape(&mt('Main Content').':::::');
+                if ($env{'form.folder'} eq 'supplemental') {
+                    $folderpath=&supplemental_base();
+                } elsif (!$hiddentop) {
+                    $folderpath='default&'.
+                                 &escape(&mt('Main Content').':::::');
+                }
             }
         }
         $containertag = '<input type="hidden" name="folderpath" value="" />';
@@ -4716,7 +5312,7 @@ sub handler {
         if ($showdoc) { # got called in sequence from course
 	    $allowed=0; 
         } else {
-            if ($allowed) {
+            if ($canedit) {
                 &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['cmd']);
                 $script=&Apache::lonratedt::editscript('simple');
             }
@@ -4755,7 +5351,9 @@ sub handler {
                 }
             }
             my $tabidstr = join("','",@tabids);
-	    $script .= &editing_js($udom,$uname,$supplementalflag).
+            my $hostname = $r->hostname();
+	    $script .= &editing_js($udom,$uname,$supplementalflag,$coursedom,$coursenum,
+                                   $canedit,$hostname,\$navmap).
                        &history_tab_js().
                        &inject_data_js().
                        &Apache::lonhtmlcommon::resize_scrollbox_js('docs',$tabidstr,$tid).
@@ -4775,7 +5373,8 @@ sub handler {
               .'// <![CDATA['."\n"
               .$script."\n"
               .'// ]]>'."\n"
-              .'</script>'."\n";
+              .'</script>'."\n"
+              .'<script type="text/javascript" src="/res/adm/includes/file_upload.js"></script>'."\n";
 
     # Breadcrumbs
     &Apache::lonhtmlcommon::clear_breadcrumbs();
@@ -4784,34 +5383,52 @@ sub handler {
         $r->print(&Apache::loncommon::start_page("$crstype documents",undef,
                                                 {'force_register' => $showdoc,}));
     } elsif ($toolsflag) {
+        my ($breadtext,$breadtitle);
+        $breadtext = "$crstype Editor";
+        if ($canedit) {
+            $breadtitle = 'Editing '.$crstype.' Contents';
+        } else {
+            $breadtext .= ' (View-only mode)';
+            $breadtitle = 'Viewing '.$crstype.' Contents';
+        }
         &Apache::lonhtmlcommon::add_breadcrumb({
-            href=>"/adm/coursedocs",text=>"$crstype Contents"});
+            href=>"/adm/coursedocs",text=>$breadtext});
         $r->print(&Apache::loncommon::start_page("$crstype Contents", $script)
                  .&Apache::loncommon::help_open_menu('','',273,'RAT')
                  .&Apache::lonhtmlcommon::breadcrumbs(
-                     'Editing Course Contents')
+                     $breadtitle)
                  );
     } elsif ($r->uri eq '/adm/supplemental') {
         my $brcrum = &Apache::lonhtmlcommon::docs_breadcrumbs(undef,$crstype);
         $r->print(&Apache::loncommon::start_page("Supplemental $crstype Content",undef,
                                                 {'bread_crumbs' => $brcrum,}));
     } else {
+        my ($breadtext,$breadtitle,$helpitem);
+        $breadtext = "$crstype Editor";
+        if ($canedit) {
+            $breadtitle = 'Editing '.$crstype.' Contents';
+            $helpitem = 'Docs_Adding_Course_Doc';
+        } else {
+            $breadtext .= ' (View-only mode)';
+            $breadtitle = 'Viewing '.$crstype.' Contents';
+            $helpitem = 'Docs_Viewing_Course_Doc';
+        }
         &Apache::lonhtmlcommon::add_breadcrumb({
-            href=>"/adm/coursedocs",text=>"$crstype Contents"});
+            href=>"/adm/coursedocs",text=>$breadtext});
         $r->print(&Apache::loncommon::start_page("$crstype Contents", $script,
                                                  {'add_entries'    => $addentries}
                                                 )
                  .&Apache::loncommon::help_open_menu('','',273,'RAT')
                  .&Apache::lonhtmlcommon::breadcrumbs(
-                     'Editing '.$crstype.' Contents',
-                     'Docs_Adding_Course_Doc')
+                     $breadtitle,
+                     $helpitem)
         );
     }
 
   my %allfiles = ();
   my %codebase = ();
   my ($upload_result,$upload_output,$uploadphase);
-  if ($allowed) {
+  if ($canedit) {
       if (($env{'form.uploaddoc.filename'}) &&
 	  ($env{'form.cmd'}=~/^upload_(\w+)/)) {
           my $context = $1; 
@@ -4819,6 +5436,7 @@ sub handler {
 	  undef($hadchanges);
           $uploadphase = &process_file_upload(\$upload_output,$coursenum,$coursedom,
                                               \%allfiles,\%codebase,$context,$crstype);
+          undef($navmap);
 	  if ($hadchanges) {
 	      &mark_hash_old();
 	  }
@@ -4863,7 +5481,7 @@ sub handler {
 
   if ($allowed && $toolsflag) {
       $r->print(&startContentScreen('tools'));
-      $r->print(&generate_admin_menu($crstype));
+      $r->print(&generate_admin_menu($crstype,$canedit));
       $r->print(&endContentScreen());
   } elsif ((!$showdoc) && (!$uploadphase)) {
 # -----------------------------------------------------------------------------
@@ -4903,9 +5521,11 @@ sub handler {
                 'bb6'      => 'Blackboard 6',
                 'angel5'   => 'ANGEL 5.5',
                 'webctce4' => 'WebCT 4 Campus Edition',
+                'er' => 'Editing rights unavailable for your current role.',
         );
 # -----------------------------------------------------------------------------
-    # Calculate free quota space for a user or course.
+    # Calculate free quota space for a user or course. A javascript function checks
+    # file size to determine if upload should be allowed.
     my $quotatype = 'unofficial';
     if ($crstype eq 'Community') {
         $quotatype = 'community';
@@ -4928,7 +5548,7 @@ sub handler {
     if ($disk_quota == 0) {
         $percent = 100.0;
     } else {
-        $percent = 100*($current_disk_usage/$disk_quota);
+        $percent = 100*($usage/$disk_quota);
     }
     $usage = sprintf("%.2f",$usage);
     $quota = sprintf("%.2f",$quota);
@@ -4939,7 +5559,8 @@ sub handler {
 	my $fileupload=(<<FIUP);
         $quotainfo
 	$lt{'file'}:<br />
-	<input type="file" name="uploaddoc" size="40" />
+	<input type="file" name="uploaddoc" class="LC_flUpload" size="40" $disabled />
+        <input type="hidden" id="LC_free_space" value="$free_space" />
 FIUP
 
 	my $checkbox=(<<CHBO);
@@ -4947,7 +5568,7 @@ FIUP
 	<input type="checkbox" name="parserflag" />
 	</label> -->
 	<label>
-	<input type="checkbox" name="parserflag" checked="checked" /> $lt{'parse'}
+	<input type="checkbox" name="parserflag" checked="checked" $disabled /> $lt{'parse'}
 	</label>
 CHBO
         my $imsfolder = $env{'form.folder'};
@@ -4964,7 +5585,7 @@ CHBO
         <br />
         <p>
         $lt{'cms'}:&nbsp; 
-        <select name="source">
+        <select name="source" $disabled>
         <option value="-1" selected="selected">$lt{'se'}</option>
         <option value="bb5">$lt{'bb5'}</option>
         <option value="bb6">$lt{'bb6'}</option>
@@ -4974,7 +5595,7 @@ CHBO
         <input type="hidden" name="folder" value="$imsfolder" />
         </p>
         <input type="hidden" name="phase" value="one" />
-        <input type="button" value="$lt{'imsl'}" onclick="makeims(this.form);" />
+        <input type="button" value="$lt{'imsl'}" onclick="makeims(this.form);" $disabled />
         </fieldset>
         </form>
 IMSFORM
@@ -4989,7 +5610,7 @@ IMSFORM
 	$fileupload
 	<br />
 	$lt{'title'}:<br />
-	<input type="text" size="60" name="comment" />
+	<input type="text" size="60" name="comment" $disabled />
 	$pathitem
 	<input type="hidden" name="cmd" value="upload_default" />
 	<br />
@@ -4997,11 +5618,17 @@ IMSFORM
 	$checkbox
 	</span>
         <br clear="all" />
-        <input type="submit" value="$lt{'upld'}" />
+        <input type="submit" value="$lt{'upld'}" $disabled />
         </fieldset>
         </form>
 FUFORM
 
+        my $mapimportjs;
+        if ($canedit) {
+            $mapimportjs = "javascript:openbrowser('mapimportform','importmap','sequence,page','');";
+        } else {
+            $mapimportjs = "javascript:alert('".&js_escape($lt{'er'})."');";
+        }
 	my $importpubform=(<<SEDFFORM);
         <a class="LC_menubuttons_link" href="javascript:toggleMap('map');">
         $lt{'impm'}</a>$help{'Load_Map'}
@@ -5012,31 +5639,42 @@ FUFORM
         $lt{'copm'}<br />
         <span class="LC_nobreak">
         <input type="text" name="importmap" size="40" value="" 
-        onfocus="this.blur();openbrowser('mapimportform','importmap','sequence,page','');" />
-        &nbsp;<a href="javascript:openbrowser('mapimportform','importmap','sequence,page','');">$lt{'selm'}</a></span><br />
-        <input type="submit" name="loadmap" value="$lt{'load'}" />
+        onfocus="this.blur();$mapimportjs" $disabled />
+        &nbsp;<a href="$mapimportjs">$lt{'selm'}</a></span><br />
+        <input type="submit" name="loadmap" value="$lt{'load'}" $disabled />
         </fieldset>
         </form>
 
 SEDFFORM
+
+        my $fromstoredjs;
+        if ($canedit) {
+            $fromstoredjs = 'open_StoredLinks_Import()';
+        } else {
+            $fromstoredjs = "alert('".&js_escape($lt{'er'})."')";
+        }
+
 	my @importpubforma = (
 	{ '<img class="LC_noBorder LC_middle" src="/res/adm/pages/src.png" alt="'.$lt{srch}.'"  onclick="javascript:groupsearch()" />' => $pathitem."<a class='LC_menubuttons_link' href='javascript:groupsearch()'>$lt{'srch'}</a>" },
 	{ '<img class="LC_noBorder LC_middle" src="/res/adm/pages/res.png" alt="'.$lt{impo}.'"  onclick="javascript:groupimport();"/>' => "<a class='LC_menubuttons_link' href='javascript:groupimport();'>$lt{'impo'}</a>$help{'Importing_LON-CAPA_Resource'}" },
-	{ '<img class="LC_noBorder LC_middle" src="/res/adm/pages/wishlist.png" alt="'.$lt{lnks}.'" onclick="javascript:open_StoredLinks_Import();" />' => "<a class='LC_menubuttons_link' href='javascript:open_StoredLinks_Import();'>$lt{'lnks'}</a>" },
+	{ '<img class="LC_noBorder LC_middle" src="/res/adm/pages/wishlist.png" alt="'.$lt{lnks}.'" onclick="javascript:'.$fromstoredjs.';" />' => '<a class="LC_menubuttons_link" href="javascript:'.$fromstoredjs.';">'.$lt{'lnks'}.'</a>' },
         { '<img class="LC_noBorder LC_middle" src="/res/adm/pages/sequence.png" alt="'.$lt{impm}.'" onclick="javascript:toggleMap(\'map\');" />' => $importpubform }
 	);
 	$importpubform = &create_form_ul(&create_list_elements(@importpubforma));
         my $extresourcesform =
             &Apache::lonextresedit::extedit_form(0,0,undef,undef,$pathitem,
-                                                 $help{'Adding_External_Resource'});
+                                                 $help{'Adding_External_Resource'},
+                                                 undef,undef,$disabled);
     if ($allowed) {
         my $folder = $env{'form.folder'};
         if ($folder eq '') {
             $folder='default';
         }
-	my $output = &update_paste_buffer($coursenum,$coursedom,$folder);
-        if ($output) {
-            $r->print($output);
+        if ($canedit) {
+	    my $output = &update_paste_buffer($coursenum,$coursedom,$folder);
+            if ($output) {
+                $r->print($output);
+            }
         }
 	$r->print(<<HIDDENFORM);
 	<form name="renameform" method="post" action="/adm/coursedocs">
@@ -5070,10 +5708,11 @@ HIDDENFORM
 #
 
     my $savefolderpath;
+    my $hostname = $r->hostname();
 
     if ($allowed) {
        my $folder=$env{'form.folder'};
-       if ($folder eq '' || $supplementalflag) {
+       if ((($folder eq '') && (!$hiddentop)) || ($supplementalflag)) {
            $folder='default';
 	   $savefolderpath = $env{'form.folderpath'};
 	   $env{'form.folderpath'}='default&'.&escape(&mt('Main Content'));
@@ -5101,7 +5740,7 @@ HIDDENFORM
 	$pathitem
 	<input type="hidden" name="importdetail" 
 	value="$lt{'navc'}=/adm/navmaps" />
-	<a class="LC_menubuttons_link" href="javascript:document.newnav.submit()">$lt{'navc'}</a>
+	<a class="LC_menubuttons_link" href="javascript:makenew(document.newnav);">$lt{'navc'}</a>
 	$help{'Navigate_Content'}
 	</form>
 NNFORM
@@ -5162,7 +5801,7 @@ NBFORM
 	$pathitem
 	<input type="hidden" name="importdetail" 
 	value="$plainname=/adm/$udom/$uname/aboutme" />
-	<a class="LC_menubuttons_link" href="javascript:document.newaboutme.submit()">$lt{'mypi'}</a>
+	<a class="LC_menubuttons_link" href="javascript:makenew(document.newaboutme);">$lt{'mypi'}</a>
 	$help{'My Personal Information Page'}
 	</form>
 NAMFORM
@@ -5182,7 +5821,7 @@ NASOFORM
 	$pathitem
 	<input type="hidden" name="importdetail" 
 	value="$lt{'rost'}=/adm/viewclasslist" />
-	<a class="LC_menubuttons_link" href="javascript:document.newroster.submit()">$lt{'rost'}</a>
+	<a class="LC_menubuttons_link" href="javascript:makenew(document.newroster);">$lt{'rost'}</a>
 	$help{'Course_Roster'}
 	</form>
 NROSTFORM
@@ -5245,7 +5884,7 @@ NFFORM
 	$pathitem
 	<input type="hidden" name="importdetail" 
 	value="$lt{'syll'}=/public/$coursedom/$coursenum/syllabus" />
-	<a class="LC_menubuttons_link" href="javascript:document.newsyl.submit()">$lt{'syll'}</a>
+	<a class="LC_menubuttons_link" href="javascript:makenew(document.newsyl);">$lt{'syll'}</a>
 	$help{'Syllabus'}
 
 	</form>
@@ -5257,17 +5896,23 @@ NSYLFORM
 	$pathitem
 	<input type="hidden" name="importdetail"
 	value="$lt{'grpo'}=/adm/$coursedom/$coursenum/aboutme" />
-	<a class="LC_menubuttons_link" href="javascript:document.newgroupfiles.submit()">$lt{'grpo'}</a>
+	<a class="LC_menubuttons_link" href="javascript:makenew(document.newgroupfiles);">$lt{'grpo'}</a>
 	$help{'Group Portfolio'}
 	</form>
 NGFFORM
-	@specialdocumentsforma=(
+        if ($container eq 'page') {
+            @specialdocumentsforma=(
+        {'<img class="LC_noBorder LC_middle" src="/res/adm/pages/webpage.png" alt="'.$lt{webp}.'" onclick="javascript:makewebpage();" />'=>$newwebpageform},
+            );
+        } else {
+	    @specialdocumentsforma=(
 	{'<img class="LC_noBorder LC_middle" src="/res/adm/pages/page.png" alt="'.$lt{newp}.'"  onclick="javascript:makenewpage(document.newpage,\''.$pageseq.'\');" />'=>$newpageform},
-	{'<img class="LC_noBorder LC_middle" src="/res/adm/pages/syllabus.png" alt="'.$lt{syll}.'" onclick="document.newsyl.submit()" />'=>$newsylform},
-	{'<img class="LC_noBorder LC_middle" src="/res/adm/pages/navigation.png" alt="'.$lt{navc}.'" onclick="document.newnav.submit()" />'=>$newnavform},
+	{'<img class="LC_noBorder LC_middle" src="/res/adm/pages/syllabus.png" alt="'.$lt{syll}.'" onclick="javascript:makenew(document.newsyl);" />'=>$newsylform},
+	{'<img class="LC_noBorder LC_middle" src="/res/adm/pages/navigation.png" alt="'.$lt{navc}.'" onclick="javascript:makenew(document.newnav);" />'=>$newnavform},
         {'<img class="LC_noBorder LC_middle" src="/res/adm/pages/simple.png" alt="'.$lt{sipa}.'" onclick="javascript:makesmppage();" />'=>$newsmppageform},
         {'<img class="LC_noBorder LC_middle" src="/res/adm/pages/webpage.png" alt="'.$lt{webp}.'" onclick="javascript:makewebpage();" />'=>$newwebpageform},
-        );
+            );
+        }
         $specialdocumentsform = &create_form_ul(&create_list_elements(@specialdocumentsforma));
 
 
@@ -5296,8 +5941,8 @@ NGFFORM
        {'<img class="LC_noBorder LC_middle" src="/res/adm/pages/bchat.png" alt="'.$lt{bull}.'" onclick="javascript:makebulboard();" />'=>$newbulform},
         {'<img class="LC_noBorder LC_middle" src="/res/adm/pages/myaboutme.png" alt="'.$lt{mypi}.'" onclick="javascript:makebulboard();" />'=>$newaboutmeform},
         {'<img class="LC_noBorder LC_middle" src="/res/adm/pages/aboutme.png" alt="'.$lt{abou}.'" onclick="javascript:makeabout();" />'=>$newaboutsomeoneform},
-        {'<img class="LC_noBorder LC_middle" src="/res/adm/pages/clst.png" alt="'.$lt{rost}.'" onclick="document.newroster.submit()" />'=>$newrosterform},
-        {'<img class="LC_noBorder LC_middle" src="/res/adm/pages/groupportfolio.png" alt="'.$lt{grpo}.'" onclick="document.newgroupfiles.submit()" />'=>$newgroupfileform},
+        {'<img class="LC_noBorder LC_middle" src="/res/adm/pages/clst.png" alt="'.$lt{rost}.'" onclick="javascript:makenew(document.newroster);" />'=>$newrosterform},
+        {'<img class="LC_noBorder LC_middle" src="/res/adm/pages/groupportfolio.png" alt="'.$lt{grpo}.'" onclick="javascript:makenew(document.newgroupfiles);" />'=>$newgroupfileform},
         );
         $communityform = &create_form_ul(&create_list_elements(@communityforma));
 
@@ -5305,22 +5950,26 @@ my %orderhash = (
                 'aa' => ['Upload',$fileuploadform],
                 'bb' => ['Import',$importpubform],
                 'cc' => ['Grading',$gradingform],
+                'ee' => ['Other',$specialdocumentsform],
                 );
 unless ($container eq 'page') {
     $orderhash{'00'} = ['Newfolder',$newfolderform];
     $orderhash{'dd'} = ['Collaboration',$communityform];
-    $orderhash{'ee'} = ['Other',$specialdocumentsform];
 }
 
  $hadchanges=0;
        unless (($supplementalflag || $toolsflag)) {
           my $error = &editor($r,$coursenum,$coursedom,$folder,$allowed,'',$crstype,
-                              $supplementalflag,\%orderhash,$iconpath,$pathitem);
+                              $supplementalflag,\%orderhash,$iconpath,$pathitem,
+                              $canedit,$hostname,\$navmap,$hiddentop);
+          undef($navmap);
           if ($error) {
              $r->print('<p><span class="LC_error">'.$error.'</span></p>');
           }
           if ($hadchanges) {
-             &mark_hash_old();
+             unless (&is_hash_old()) {
+                 &mark_hash_old();
+             }
           }
 
           &changewarning($r,'');
@@ -5380,7 +6029,8 @@ SNFFORM
 	
         my $supextform =
             &Apache::lonextresedit::extedit_form(1,0,undef,undef,$pathitem,
-                                                 $help{'Adding_External_Resource'});
+                                                 $help{'Adding_External_Resource'},
+                                                 undef,undef,$disabled);
 
 	my $supnewsylform=(<<SNSFORM);
 	<form action="/adm/coursedocs" method="post" name="supnewsyl">
@@ -5388,7 +6038,7 @@ SNFFORM
         $pathitem
 	<input type="hidden" name="importdetail" 
 	value="Syllabus=/public/$coursedom/$coursenum/syllabus" />
-	<a class="LC_menubuttons_link" href="javascript:document.supnewsyl.submit()">$lt{'syll'}</a>
+	<a class="LC_menubuttons_link" href="javascript:makenew(document.supnewsyl);">$lt{'syll'}</a>
 	$help{'Syllabus'}
 	</form>
 SNSFORM
@@ -5399,7 +6049,7 @@ SNSFORM
         $pathitem
 	<input type="hidden" name="importdetail" 
 	value="$plainname=/adm/$udom/$uname/aboutme" />
-	<a class="LC_menubuttons_link" href="javascript:document.supnewaboutme.submit()">$lt{'mypi'}</a>
+	<a class="LC_menubuttons_link" href="javascript:makenew(document.supnewaboutme);">$lt{'mypi'}</a>
 	$help{'My Personal Information Page'}
 	</form>
 SNAMFORM
@@ -5426,9 +6076,9 @@ SWEBFORM
 
 
 my @specialdocs = (
-		{'<img class="LC_noBorder LC_middle" src="/res/adm/pages/syllabus.png" alt="'.$lt{syll}.'" onclick="document.supnewsyl.submit()" />'
+		{'<img class="LC_noBorder LC_middle" src="/res/adm/pages/syllabus.png" alt="'.$lt{syll}.'" onclick="javascript:makenew(document.supnewsyl);" />'
             =>$supnewsylform},
-		{'<img class="LC_noBorder LC_middle" src="/res/adm/pages/myaboutme.png" alt="'.$lt{mypi}.'" onclick="document.supnewaboutme.submit()" />'
+		{'<img class="LC_noBorder LC_middle" src="/res/adm/pages/myaboutme.png" alt="'.$lt{mypi}.'" onclick="javascript:makenew(document.supnewaboutme);" />'
             =>$supnewaboutmeform},
                 {'<img class="LC_noBorder LC_middle" src="/res/adm/pages/webpage.png" alt="'.$lt{webp}.'" onclick="javascript:makewebpage('."'supp'".');" />'=>$supwebpageform},
 
@@ -5448,7 +6098,8 @@ my %suporderhash = (
                 );
         if ($supplementalflag) {
            my $error = &editor($r,$coursenum,$coursedom,$folder,$allowed,'',$crstype,
-                               $supplementalflag,\%suporderhash,$iconpath,$pathitem);
+                               $supplementalflag,\%suporderhash,$iconpath,$pathitem,
+                               $canedit,$hostname);
            if ($error) {
               $r->print('<p><span class="LC_error">'.$error.'</span></p>');
            } else {
@@ -5468,7 +6119,7 @@ my %suporderhash = (
         }
     } elsif ($supplementalflag) {
         my $error = &editor($r,$coursenum,$coursedom,$folder,$allowed,'',$crstype,
-                            $supplementalflag,'',$iconpath,$pathitem);
+                            $supplementalflag,'',$iconpath,$pathitem,'',$hostname);
         if ($error) {
             $r->print('<p><span class="LC_error">'.$error.'</span></p>');
         }
@@ -5502,6 +6153,7 @@ my %suporderhash = (
 sub embedded_form_elems {
     my ($phase,$primaryurl,$newidx) = @_;
     my $folderpath = &HTML::Entities::encode($env{'form.folderpath'},'<>&"');
+    $newidx =~s /\D+//g;
     return <<STATE;
     <input type="hidden" name="folderpath" value="$folderpath" />
     <input type="hidden" name="cmd" value="upload_embedded" />
@@ -5522,7 +6174,11 @@ sub embedded_destination {
     } elsif ($folder =~ /^(default|supplemental)_(\d+)$/) {
         $destination .=  $2.'/';
     }
-    $destination .= $env{'form.newidx'};
+    my $newidx = $env{'form.newidx'};
+    $newidx =~s /\D+//g;
+    if ($newidx) {
+        $destination .= $newidx;
+    }
     my $dir_root = '/userfiles';
     return ($destination,$dir_root);
 }
@@ -5548,6 +6204,9 @@ sub decompression_info {
     }
     unshift(@hiddens,$pathitem);
     foreach my $item (@hiddens) {
+        if ($item eq 'newidx') {
+            next if ($env{'form.'.$item} =~ /\D/);
+        }
         if ($env{'form.'.$item}) {
             $hiddenelem .= '<input type="hidden" name="'.$item.'" value="'.
                            &HTML::Entities::encode($env{'form.'.$item},'<>&"').'" />'."\n";
@@ -5653,7 +6312,7 @@ sub remove_archive {
 }
 
 sub generate_admin_menu {
-    my ($crstype) = @_;
+    my ($crstype,$canedit) = @_;
     my $lc_crstype = lc($crstype);
     my ($home,$other,%outhash)=&authorhosts();
     my %lt= ( # do not translate here
@@ -5711,7 +6370,9 @@ sub generate_admin_menu {
                     linktitle  => "List the unique identifier used for each resource instance in your $lc_crstype"
                 },
                 ]
-        },
+        });
+    if ($canedit) {
+        push(@menu,
         {   categorytitle=>'Export',
             items =>[
                 {   linktext   => $lt{'imse'},
@@ -5730,6 +6391,7 @@ sub generate_admin_menu {
                 },
                 ]
         });
+    }
     return '<form action="/adm/coursedocs" method="post" name="courseverify">'."\n".
            '<input type="hidden" id="dummy" />'."\n".
            &Apache::lonhtmlcommon::generate_menu(@menu)."\n".
@@ -5738,15 +6400,16 @@ sub generate_admin_menu {
 
 sub generate_edit_table {
     my ($tid,$orderhash_ref,$to_show,$iconpath,$jumpto,$readfile,
-        $need_save,$copyfolder) = @_;
+        $need_save,$copyfolder,$canedit) = @_;
     return unless(ref($orderhash_ref) eq 'HASH');
     my %orderhash = %{$orderhash_ref};
-    my $form;
-    my $activetab;
-    my $active;
+    my ($form, $activetab, $active, $disabled);
     if (($env{'form.active'} ne '') && ($env{'form.active'} ne '00')) {
         $activetab = $env{'form.active'};
     }
+    unless ($canedit) {
+        $disabled = ' disabled="disabled"';
+    }
     my $backicon = $iconpath.'clickhere.gif';
     my $backtext = &mt('Exit Editor');
     $form = '<div class="LC_Box" style="margin:0;">'.
@@ -5810,7 +6473,7 @@ sub generate_edit_table {
 <input type="hidden" name="multicopy" value="" />
 <input type="hidden" name="multichange" value="" />
 <input type="hidden" name="copyfolder" value="$copyfolder" />
-<input type="submit" name="savemultiples" value="$button" />
+<input type="submit" name="savemultiples" value="$button" $disabled />
 </form>
 </div>
 END
@@ -5836,7 +6499,8 @@ END
 }
 
 sub editing_js {
-    my ($udom,$uname,$supplementalflag) = @_;
+    my ($udom,$uname,$supplementalflag,$coursedom,$coursenum,
+        $canedit,$hostname,$navmapref) = @_;
     my %js_lt = &Apache::lonlocal::texthash(
                                           p_mnf => 'Name of New Folder',
                                           t_mnf => 'New Folder',
@@ -5876,6 +6540,7 @@ sub editing_js {
                                           noor    => 'No actions selected or changes to settings specified.',
                                           noch    => 'No changes to settings specified.',
                                           noac    => 'No actions selected.',
+                                          edri    => 'Editing rights unavailable for your current role.',
                                         );
 
     &js_escape(\%js_lt);
@@ -5885,11 +6550,10 @@ sub editing_js {
     if (&HTML::Entities::decode($env{'environment.internal.'.$env{'request.course.id'}.'.docs_folderpath.folderpath'}) =~ /\:1$/) {
         $main_container_page = 1;
     }
-    my $toplevelmain = 
-        &escape(&mt('Main Content').':::::');
+    my $backtourl;
+    my $toplevelmain = &escape(&default_folderpath($coursenum,$coursedom,$navmapref));
     my $toplevelsupp = &supplemental_base();
 
-    my $backtourl;
     if ($env{'docs.exit.'.$env{'request.course.id'}} =~ /^direct_(.+)$/) {
         my $caller = $1;
         if ($caller =~ /^supplemental/) {
@@ -5898,8 +6562,46 @@ sub editing_js {
             my ($map,$id,$res)=&Apache::lonnet::decode_symb($caller);
             $res = &Apache::lonnet::clutter($res);
             if (&Apache::lonnet::is_on_map($res)) {
-                $backtourl = &HTML::Entities::encode(&Apache::lonnet::clutter($res),'<>&"').'?symb='.
-                             &HTML::Entities::encode($caller,'<>&"');
+                my ($url,$anchor);
+                if ($res =~ /^([^#]+)#([^#]+)$/) {
+                    $url = $1;
+                    $anchor = $2;
+                    if (($caller =~ m{^([^#]+)\Q#$anchor\E$})) {
+                        $caller = $1.&escape('#').$anchor;
+                    }
+                } else {
+                    $url = $res;
+                }
+                $backtourl = &HTML::Entities::encode(&Apache::lonnet::clutter($url),'<>&"');
+                if ($backtourl =~ m{^\Q/uploaded/$coursedom/$coursenum/\Edefault_\d+\.sequence$}) {
+                    $backtourl .= '?navmap=1';
+                } else {
+                    $backtourl .= '?symb='.
+                                  &HTML::Entities::encode($caller,'<>&"');
+                }
+                if ($backtourl =~ m{^\Q/public/$coursedom/$coursenum/syllabus\E}) {
+                    if (($ENV{'SERVER_PORT'} == 443) &&
+                        ($env{'course.'.$env{'request.course.id'}.'.externalsyllabus'} =~ m{^http://})) {
+                        unless (&Apache::lonnet::uses_sts()) {
+                            if ($hostname ne '') {
+                                $backtourl = 'http://'.$hostname.$backtourl;
+                            }
+                            $backtourl .= (($backtourl =~ /\?/) ? '&amp;':'?').'usehttp=1';
+                        }
+                    }
+                } elsif ($backtourl =~ m{^/adm/wrapper/ext/(?!https:)}) {
+                    if (($ENV{'SERVER_PORT'} == 443) && ($hostname ne '')) {
+                        unless (&Apache::lonnet::uses_sts()) {
+                            if ($hostname ne '') {
+                                $backtourl = 'http://'.$hostname.$backtourl;
+                            }
+                            $backtourl .= (($backtourl =~ /\?/) ? '&amp;':'?').'usehttp=1';
+                        }
+                    }
+                }
+                if ($anchor ne '') {
+                    $backtourl .= '#'.&HTML::Entities::encode($anchor,'<>&"');
+                }
                 $backtourl = &Apache::loncommon::escape_single($backtourl); 
             } else {
                 $backtourl = '/adm/navmaps';
@@ -5921,7 +6623,9 @@ sub editing_js {
         $fieldsets = "'suppext','suppdoc'";
     }
 
-    return <<ENDNEWSCRIPT;
+    my $jsmakefunctions;
+    if ($canedit) {
+        $jsmakefunctions = <<ENDNEWSCRIPT;
 function makenewfolder(targetform,folderseq) {
     var foldername=prompt('$js_lt{"p_mnf"}','$js_lt{"t_mnf"}');
     if (foldername) {
@@ -6007,16 +6711,101 @@ function makeabout() {
 	   if ((comp[0]) && (comp[1])) {
 	       this.document.forms.newaboutsomeone.importdetail.value=
 		   '$js_lt{"p_mab2"}'+escape(user)+'=/adm/'+comp[1]+'/'+comp[0]+'/aboutme';
-       this.document.forms.newaboutsomeone.submit();
-   } else {
-       alert("$js_lt{'p_mab_alrt1'}");
-   }
-} else {
-   alert("$js_lt{'p_mab_alrt2'}");
+               this.document.forms.newaboutsomeone.submit();
+           } else {
+               alert("$js_lt{'p_mab_alrt1'}");
+           }
+       } else {
+           alert("$js_lt{'p_mab_alrt2'}");
+       }
+    }
+}
+
+function makenew(targetform) {
+    targetform.submit();
+}
+
+function changename(folderpath,index,oldtitle) {
+    var title=prompt('$js_lt{"p_chn"}',oldtitle);
+    if (title) {
+        this.document.forms.renameform.markcopy.value='';
+        this.document.forms.renameform.title.value=title;
+        this.document.forms.renameform.cmd.value='rename_'+index;
+        this.document.forms.renameform.folderpath.value=folderpath;
+        this.document.forms.renameform.submit();
+    }
+}
+
+ENDNEWSCRIPT
+    } else {
+        $jsmakefunctions = <<ENDNEWSCRIPT;
+
+function makenewfolder() {
+    alert("$js_lt{'edri'}");
+}
+
+function makenewpage() {
+    alert("$js_lt{'edri'}");
+}
+
+function makeexamupload() {
+    alert("$js_lt{'edri'}");
 }
+
+function makesmppage() {
+    alert("$js_lt{'edri'}");
 }
+
+function makewebpage(type) {
+    alert("$js_lt{'edri'}");
 }
 
+function makesmpproblem() {
+    alert("$js_lt{'edri'}");
+}
+
+function makedropbox() {
+    alert("$js_lt{'edri'}");
+}
+
+function makebulboard() {
+    alert("$js_lt{'edri'}");
+}
+
+function makeabout() {
+    alert("$js_lt{'edri'}");
+}
+
+function changename() {
+    alert("$js_lt{'edri'}");
+}
+
+function makenew() {
+    alert("$js_lt{'edri'}");
+}
+
+function groupimport() {
+    alert("$js_lt{'edri'}");
+}
+
+function groupsearch() {
+    alert("$js_lt{'edri'}");
+}
+
+function groupopen(url,recover) {
+   var options="scrollbars=1,resizable=1,menubar=0";
+   idxflag=1;
+   idx=open("/adm/groupsort?inhibitmenu=yes&mode=simple&recover="+recover+"&readfile="+url,"idxout",options);
+   idx.focus();
+}
+
+ENDNEWSCRIPT
+
+    }
+    return <<ENDSCRIPT;
+
+$jsmakefunctions
+
 function toggleUpload(caller) {
     var blocks = Array($fieldsets);
     for (var i=0; i<blocks.length; i++) {
@@ -6061,17 +6850,6 @@ function makeims(imsform) {
     imsform.submit();
 }
 
-function changename(folderpath,index,oldtitle) {
-var title=prompt('$js_lt{"p_chn"}',oldtitle);
-if (title) {
-this.document.forms.renameform.markcopy.value='';
-this.document.forms.renameform.title.value=title;
-this.document.forms.renameform.cmd.value='rename_'+index;
-this.document.forms.renameform.folderpath.value=folderpath;
-this.document.forms.renameform.submit();
-}
-}
-
 function updatePick(targetform,index,caller) {
     var pickitem;
     var picknumitem;
@@ -6237,6 +7015,11 @@ function propagateState(form,param) {
 }
 
 function checkForSubmit(targetform,param,context,idx,folderpath,index,oldtitle,skip_confirm,container,folder,confirm_removal) {
+    var canedit = '$canedit';
+    if (canedit == '') {
+        alert("$js_lt{'edri'}");
+        return;
+    }
     var dosettings;
     var doaction;
     var control = document.togglemultsettings;
@@ -6782,7 +7565,7 @@ function setBoxes(value) {
     return;
 }
 
-ENDNEWSCRIPT
+ENDSCRIPT
 }
 
 sub history_tab_js {
@@ -7011,7 +7794,9 @@ check on this
 
 Verify Content
 
-=item devalidateversioncache() & checkversions()
+=item devalidateversioncache()
+
+=item checkversions()
 
 Check Versions