--- loncom/interface/lonmenu.pm	2016/10/31 21:05:59	1.369.2.64
+++ loncom/interface/lonmenu.pm	2019/02/22 01:57:36	1.369.2.74
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Routines to control the menu
 #
-# $Id: lonmenu.pm,v 1.369.2.64 2016/10/31 21:05:59 raeburn Exp $
+# $Id: lonmenu.pm,v 1.369.2.74 2019/02/22 01:57:36 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -384,6 +384,7 @@ sub secondary_menu {
                                                ? "/$env{'request.course.sec'}"
                                                : '');
     my $canedit       = &Apache::lonnet::allowed('mdc', $env{'request.course.id'});
+    my $canvieweditor = &Apache::lonnet::allowed('cev', $env{'request.course.id'}); 
     my $canviewroster = $env{'course.'.$env{'request.course.id'}.'.student_classlist_view'};
     if ($canviewroster eq 'disabled') {
         undef($canviewroster);
@@ -402,7 +403,7 @@ sub secondary_menu {
     if ($env{'request.course.id'}) {
         $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
         $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
-        unless ($canedit) {
+        unless ($canedit || $canvieweditor) {
             unless (&Apache::lonnet::is_on_map("public/$cdom/$cnum/syllabus")) {
                 if (($env{'course.'.$env{'request.course.id'}.'.externalsyllabus'}) ||
                     ($env{'course.'.$env{'request.course.id'}.'.uploadedsyllabus'}) ||
@@ -415,7 +416,7 @@ sub secondary_menu {
                 $showfeeds = 1;
             }
         }
-        unless (($canmgr) || ($canvgr)) {
+        unless ($canmgr || $canvgr) {
             my %slots = &Apache::lonnet::get_course_slots($cnum,$cdom);
             if (keys(%slots) > 0) {
                 $showresv = 1;
@@ -445,11 +446,11 @@ sub secondary_menu {
         next if    $$menuitem[4]   ne 'always'
                 && ($$menuitem[4]  ne 'author' && $$menuitem[4] ne 'cca')
                 && !$env{'request.course.id'};
-        next if    $$menuitem[4]   =~ /^mdc/
-                && !$canedit;
-        next if    $$menuitem[4]  eq 'mdcCourse'
+        next if    $$menuitem[4]   =~ /^crsedit/
+                && (!$canedit && !$canvieweditor);
+        next if    $$menuitem[4]  eq 'crseditCourse'
                 && ($crstype eq 'Community');
-        next if    $$menuitem[4]  eq 'mdcCommunity'
+        next if    $$menuitem[4]  eq 'crseditCommunity'
                 && ($crstype eq 'Course');
         next if    $$menuitem[4]  eq 'nvgr'
                 && $canvgr;
@@ -497,7 +498,10 @@ sub secondary_menu {
                         next if ($item->[2] eq 'viewusers' && !($canmodifyuser || $canviewusers));
                         next if ($item->[2] eq 'mgr' && !$canmgr);
                         next if ($item->[2] eq 'vcg' && !$canviewgrps);
-                        next if ($item->[2] eq 'mdc' && !$canedit);
+                        next if ($item->[2] eq 'crsedit' && !$canedit && !$canvieweditor);
+                        next if ($item->[2] eq 'params' && !$canmodpara && !$canviewpara);
+                        next if ($item->[2] eq 'author' && !$author);
+                        next if ($item->[2] eq 'cca' && !$canmodifycoauthor);
                         push(@scndsub,$item); 
                     }
                 }
@@ -527,6 +531,7 @@ sub secondary_menu {
                 } else {
                     $$menuitem[0] =~ s{\?register=1}{};
                 }
+                $$menuitem[0] = &HTML::Entities::encode($$menuitem[0],'&<>"');
             }
             $menu .= &prep_menuitem(\@$menuitem);
         }
@@ -545,7 +550,7 @@ sub secondary_menu {
             my $londocroot = $Apache::lonnet::perlvar{'lonDocRoot'};
             ($escurl = $env{'request.filename'}) =~ s{^\Q$londocroot\E}{};
             $escurl  = &escape($escurl);
-        }    
+        }
         $menu =~ s/\[url\]/$escurl/g;
         $menu =~ s/\[symb\]/$escsymb/g;
     }
@@ -634,6 +639,20 @@ sub build_submenu {
                     next unless (($env{'user.name'} ne '') && ($env{'user.domain'} ne ''));
                     $href =~ s/\[domain\]/$env{'user.domain'}/g;
                     $href =~ s/\[user\]/$env{'user.name'}/g;
+                } elsif (($href =~ m{^/adm/preferences\?}) && ($href =~ /\[returnurl\]/)) {
+                    my $returnurl = $ENV{'REQUEST_URI'};
+                    if ($ENV{'REQUEST_URI'} =~ m{/adm/preferences\?action=(?:changedomcoord|authorsettings)\&returnurl=([^\&]+)$}) {
+                        $returnurl = $1;
+                    }
+                    if (($returnurl =~ m{^/adm/createuser($|\?action=)}) ||
+                        ($returnurl =~ m{^/priv/$match_domain/$match_username}) ||
+                        ($returnurl =~ m{^/res(/?$|/$match_domain/$match_username)})) {
+                        $returnurl =~ s{\?.*$}{};
+                        $returnurl = '&amp;returnurl='.&HTML::Entities::encode($returnurl,'"<>&\'');
+                    } else {
+                        undef($returnurl);
+                    }
+                    $href =~ s/\[returnurl\]/$returnurl/;
                 }
                 unless (($href eq '') || ($href =~ /^\#/)) {
                     $target = ' target="_top"';
@@ -823,6 +842,7 @@ sub innerregister {
             $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
             $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
             $perms{'mdc'} = &Apache::lonnet::allowed('mdc',$env{'request.course.id'});
+            $perms{'cev'} = &Apache::lonnet::allowed('cev',$env{'request.course.id'});
             my @privs;
             if ($env{'request.symb'} ne '') {
                 if ($env{'request.filename'}=~/$LONCAPA::assess_re/) {
@@ -864,7 +884,7 @@ sub innerregister {
 #
 # This applies to items inside a folder/page modifiable in the course.
 #
-            if (($env{'request.symb'}=~/^uploaded/) && ($perms{'mdc'})) {
+            if (($env{'request.symb'}=~/^uploaded/) && (($perms{'mdc'}) || ($perms{'cev'}))) {
                 my $text = 'Edit Folder';
                 if (($mapurl =~ /\.page$/) ||
                     ($env{'request.symb'}=~
@@ -1401,9 +1421,9 @@ sub get_editbutton {
     my ($cfile,$home,$switchserver,$forceedit,$forceview,$forcereg) = @_;
     my $jscall;
     if (($forceview) && ($env{'form.todocs'})) {
-        my ($folderpath,$command);
+        my ($folderpath,$command,$navmap);
         if ($env{'request.symb'}) {
-            $folderpath = &Apache::loncommon::symb_to_docspath($env{'request.symb'});
+            $folderpath = &Apache::loncommon::symb_to_docspath($env{'request.symb'},\$navmap);
         } elsif ($env{'form.folderpath'} =~ /^supplemental/) {
             $folderpath = $env{'form.folderpath'};
             $command = '&forcesupplement=1';
@@ -1467,8 +1487,9 @@ sub prepare_functions {
     }
 
     my $editbutton = '';
+    my $viewsrcbutton = '';
 #
-# Determine whether or not to display 'Edit' icon/button
+# Determine whether or not to display 'Edit' or 'View Source' icon/button
 #
     if ($resurl =~ m{^/?adm/($match_domain)/($match_username)/aboutme$}) {
         my $file=&Apache::lonnet::declutter($env{'request.filename'});
@@ -1499,9 +1520,13 @@ sub prepare_functions {
 # This applies in course context
 #
         if (($perms{'mdc'}) &&
-            (($resurl eq "/public/$cdom/$cnum/syllabus") ||
-            ($resurl =~ m{^/uploaded/$cdom/$cnum/portfolio/syllabus/}))) {
-            $cfile = $resurl;
+            (($resurl =~ m{^/?public/$cdom/$cnum/syllabus}) ||
+            ($resurl =~ m{^/?uploaded/$cdom/$cnum/portfolio/syllabus/}))) {
+            if ($resurl =~ m{^/}) {
+                $cfile = $resurl;
+            } else {
+                $cfile = "/$resurl";
+            }
             $home = &Apache::lonnet::homeserver($cnum,$cdom);
             if ($env{'form.forceedit'}) {
                 $forceview = 1;
@@ -1538,6 +1563,29 @@ sub prepare_functions {
                     $editbutton = &get_editbutton($cfile,$home,$switchserver,
                                                   $forceedit,$forceview,$forcereg);
                 }
+                if ((($cfile eq '') || (!$editbutton)) &&
+                    ($resurl =~ /$LONCAPA::assess_re/)) {
+                    my $showurl = &Apache::lonnet::clutter($resurl);
+                    if ((&Apache::lonnet::allowed('cre','/')) &&
+                        (&Apache::lonnet::metadata($resurl,'sourceavail') eq 'open')) {
+                        $viewsrcbutton = 1;
+                    } elsif (&Apache::lonnet::allowed('vxc',$env{'request.course.id'})) {
+                        if ($showurl =~ m{^\Q/res/$cdom/\E($match_username)/}) {
+                            my $auname = $1;
+                            if (($env{'request.course.adhocsrcaccess'} ne '') &&
+                                (grep(/^\Q$auname\E$/,split(/,/,$env{'request.course.adhocsrcaccess'})))) {
+                                $viewsrcbutton = 1;
+                            } elsif ((&Apache::lonnet::metadata($resurl,'sourceavail') eq 'open') &&
+                                     (&Apache::lonnet::allowed('bre','/'))) {
+                                $viewsrcbutton = 1;
+                            }
+                        }
+                    }
+                    if ($viewsrcbutton) {
+                        &switch('','',6,1,'pcstr.png','View Source','resource[_2]','open_source()',
+                                'View source code');
+                    }
+                }
             }
         }
     }
@@ -2154,15 +2202,6 @@ return (<<ENDUTILITY)
 
 $dc_popup_cid
 
-function go(url) {
-   if (url!='' && url!= null) {
-       currentURL = null;
-       currentSymb= null;
-       var lcHostname = setLCHost();
-       window.location.href=lcHostname+url;
-   }
-}
-
 $jumptores
 
 function gopost(url,postdata) {
@@ -2358,7 +2397,7 @@ sub roles_selector {
     my ($cdom,$cnum,$httphost) = @_;
     my $crstype = &Apache::loncommon::course_type();
     my $now = time;
-    my (%courseroles,%seccount,%courseprivs);
+    my (%courseroles,%seccount,%courseprivs,%roledesc);
     my $is_cc;
     my ($js,$form,$switcher);
     my $ccrole;
@@ -2408,7 +2447,7 @@ sub roles_selector {
     if ($is_cc) {
         &get_all_courseroles($cdom,$cnum,\%courseroles,\%seccount,\%courseprivs);
     } elsif ($env{'request.role'} =~ m{^\Qcr/$cdom/$cdom-domainconfig/\E(\w+)\.\Q/$cdom/$cnum\E}) {
-        &get_customadhoc_roles($cdom,$cnum,\%courseroles,\%seccount,\%courseprivs,$privref);
+        &get_customadhoc_roles($cdom,$cnum,\%courseroles,\%seccount,\%courseprivs,\%roledesc,$privref);
     } else {
         my %gotnosection;
         foreach my $item (keys(%env)) {
@@ -2462,7 +2501,7 @@ sub roles_selector {
     }
     if ((keys(%seccount) > 1) || ($numdiffsec > 1)) {
         my @submenu;
-        $js = &jump_to_role($cdom,$cnum,\%seccount,\%courseroles,\%courseprivs,$privref);
+        $js = &jump_to_role($cdom,$cnum,\%seccount,\%courseroles,\%courseprivs,\%roledesc,$privref);
         $form = 
             '<form name="rolechooser" method="post" action="'.$httphost.'/adm/roles">'."\n".
             '  <input type="hidden" name="destinationurl" value="'.
@@ -2502,8 +2541,17 @@ sub roles_selector {
                     $include = 1;
                 }
                 if ($include) {
+                    my $rolename;
+                    if ($role =~ m{^cr/$cdom/$cdom\-domainconfig/(\w+)(?:/\w+|$)}) {
+                        $rolename = $roledesc{$role};
+                        if ($rolename eq '') {
+                            $rolename = &mt('Helpdesk [_1]',$1);
+                        }
+                    } else {
+                        $rolename = &Apache::lonnet::plaintext($role);
+                    }
                     push(@submenu,['javascript:adhocRole('."'$role'".')',
-                                   &Apache::lonnet::plaintext($role)]);
+                                   $rolename]);
                 }
             }
         }
@@ -2585,73 +2633,91 @@ sub get_all_courseroles {
 }
 
 sub get_customadhoc_roles {
-    my ($cdom,$cnum,$courseroles,$seccount,$courseprivs,$privref) = @_;
+    my ($cdom,$cnum,$courseroles,$seccount,$courseprivs,$roledesc,$privref) = @_;
     unless ((ref($courseroles) eq 'HASH') && (ref($seccount) eq 'HASH') &&
-            (ref($courseprivs) eq 'HASH')) {
+            (ref($courseprivs) eq 'HASH') && (ref($roledesc) eq 'HASH')) {
         return;
     }
-    if ($env{'environment.adhocroles.'.$cdom} ne '') {
-        my @customroles = split(/,/,$env{'environment.adhocroles.'.$cdom});
-        if (@customroles > 1) {
-            if ($env{"user.role.dh./$cdom/"}) {
-                my ($start,$end)=split(/\./,$env{"user.role.dh./$cdom/"});
-                my $now = time;
-                if (!($start && ($now<$start)) & !($end && ($now>$end))) {
-                    my $numsec = 1;
-                    my @sections;
-                    my ($allseclist,$cached) =
-                        &Apache::lonnet::is_cached_new('courseseclist',$cdom.'_'.$cnum);
-                    if (defined($cached)) {
-                        if ($allseclist ne '') {
-                            @sections = split(/,/,$allseclist);
-                            $numsec += scalar(@sections);
-                        }
-                    } else {
-                        my %sections_count = &Apache::loncommon::get_sections($cdom,$cnum);
-                        $numsec += scalar(keys(%sections_count));
-                        $allseclist = join(',',sort(keys(%sections_count)));
-                        &Apache::lonnet::do_cache_new('courseseclist',$cdom.'_'.$cnum,$allseclist);
-                    }
-                    my (%adhoc,$gotprivs);
-                    my $prefix = "cr/$cdom/$cdom".'-domainconfig';
-                    foreach my $role (@customroles) {
-                        next if (($role eq '') || ($role =~ /\W/));
-                        $seccount->{"$prefix/$role"} = $numsec;
-                        $courseroles->{"$prefix/$role"} = \@sections;
-                        if ((ref($privref) eq 'ARRAY') && (@{$privref} > 0)) {
-                            if (exists($env{"user.priv.$prefix/$role./$cdom/$cnum./"})) {
-                                $courseprivs->{"$prefix/$role./$cdom/$cnum./"} =
-                                    $env{"user.priv.$prefix/$role./$cdom/$cnum./"};
-                                $courseprivs->{"$prefix/$role./$cdom/$cnum./$cdom/"} =
-                                    $env{"user.priv.$prefix/$role./$cdom/$cnum./$cdom/"};
-                                $courseprivs->{"$prefix/$role./$cdom/$cnum./$cdom/$cnum"} =
-                                    $env{"user.priv.$prefix/$role./$cdom/$cnum./$cdom/$cnum"};
-                            } else {
-                                unless ($gotprivs) {
-                                    my ($adhocroles,$privscached) =
-                                        &Apache::lonnet::is_cached_new('adhocroles',$cdom);
-                                    if ((defined($privscached)) && (ref($adhocroles) eq 'HASH')) {
-                                        %adhoc = %{$adhocroles};
-                                    } else {
-                                        my $confname = &Apache::lonnet::get_domainconfiguser($cdom);
-                                        my %roledefs = &Apache::lonnet::dump('roles',$cdom,$confname,'rolesdef_');
-                                        foreach my $key (keys(%roledefs)) {
-                                            (undef,my $rolename) = split(/_/,$key);
-                                            if ($rolename ne '') {
-                                                $adhoc{$rolename} = $roledefs{$key};
-                                            }
+    my $is_helpdesk = 0;
+    my $now = time;
+    foreach my $role ('dh','da') {
+        if ($env{"user.role.$role./$cdom/"}) {
+            my ($start,$end)=split(/\./,$env{"user.role.$role./$cdom/"});
+            if (!($start && ($now<$start)) && !($end && ($now>$end))) {
+                $is_helpdesk = 1;
+                last;
+            }
+        }
+    }
+    if ($is_helpdesk) {
+        my ($possroles,$description) = &Apache::lonnet::get_my_adhocroles($cdom.'_'.$cnum);
+        my %available;
+        if (ref($possroles) eq 'ARRAY') {
+            map { $available{$_} = 1; } @{$possroles};
+        }
+        my %domdefaults = &Apache::lonnet::get_domain_defaults($cdom);
+        if (ref($domdefaults{'adhocroles'}) eq 'HASH') {
+            if (keys(%{$domdefaults{'adhocroles'}})) {
+                my $numsec = 1;
+                my @sections;
+                my ($allseclist,$cached) =
+                    &Apache::lonnet::is_cached_new('courseseclist',$cdom.'_'.$cnum);
+                if (defined($cached)) {
+                    if ($allseclist ne '') {
+                        @sections = split(/,/,$allseclist);
+                        $numsec += scalar(@sections);
+                    }
+                } else {
+                    my %sections_count = &Apache::loncommon::get_sections($cdom,$cnum);
+                    @sections = sort(keys(%sections_count));
+                    $numsec += scalar(@sections);
+                    $allseclist = join(',',@sections);
+                    &Apache::lonnet::do_cache_new('courseseclist',$cdom.'_'.$cnum,$allseclist);
+                }
+                my (%adhoc,$gotprivs);
+                my $prefix = "cr/$cdom/$cdom".'-domainconfig';
+                foreach my $role (keys(%{$domdefaults{'adhocroles'}})) {
+                    next if (($role eq '') || ($role =~ /\W/));
+                    $seccount->{"$prefix/$role"} = $numsec;
+                    $roledesc->{"$prefix/$role"} = $description->{$role};  
+                    if ((ref($privref) eq 'ARRAY') && (@{$privref} > 0)) {
+                        if (exists($env{"user.priv.$prefix/$role./$cdom/$cnum./"})) {
+                            $courseprivs->{"$prefix/$role./$cdom/$cnum./"} =
+                                $env{"user.priv.$prefix/$role./$cdom/$cnum./"};
+                            $courseprivs->{"$prefix/$role./$cdom/$cnum./$cdom/"} =
+                                $env{"user.priv.$prefix/$role./$cdom/$cnum./$cdom/"};
+                            $courseprivs->{"$prefix/$role./$cdom/$cnum./$cdom/$cnum"} =
+                                $env{"user.priv.$prefix/$role./$cdom/$cnum./$cdom/$cnum"};
+                        } else {
+                            unless ($gotprivs) {
+                                my ($adhocroles,$privscached) =
+                                    &Apache::lonnet::is_cached_new('adhocroles',$cdom);
+                                if ((defined($privscached)) && (ref($adhocroles) eq 'HASH')) {
+                                    %adhoc = %{$adhocroles};
+                                } else {
+                                    my $confname = &Apache::lonnet::get_domainconfiguser($cdom);
+                                    my %roledefs = &Apache::lonnet::dump('roles',$cdom,$confname,'rolesdef_');
+                                    foreach my $key (keys(%roledefs)) {
+                                        (undef,my $rolename) = split(/_/,$key);
+                                        if ($rolename ne '') {
+                                            my ($systempriv,$domainpriv,$coursepriv) = split(/\_/,$roledefs{$key});
+                                            $coursepriv = &Apache::lonnet::course_adhocrole_privs($rolename,$cdom,$cnum,$coursepriv);
+                                            $adhoc{$rolename} = join('_',($systempriv,$domainpriv,$coursepriv));
                                         }
-                                        &Apache::lonnet::do_cache_new('adhocroles',$cdom,\%adhoc);
                                     }
-                                    $gotprivs = 1;
+                                    &Apache::lonnet::do_cache_new('adhocroles',$cdom,\%adhoc);
                                 }
-                                ($courseprivs->{"$prefix/$role./$cdom/$cnum./"},
-                                 $courseprivs->{"$prefix/$role./$cdom/$cnum./$cdom/"},
-                                 $courseprivs->{"$prefix/$role./$cdom/$cnum./$cdom/$cnum"}) =
-                                     split(/\_/,$adhoc{$role});
+                                $gotprivs = 1;
                             }
+                            ($courseprivs->{"$prefix/$role./$cdom/$cnum./"},
+                             $courseprivs->{"$prefix/$role./$cdom/$cnum./$cdom/"},
+                             $courseprivs->{"$prefix/$role./$cdom/$cnum./$cdom/$cnum"}) =
+                                 split(/\_/,$adhoc{$role});
                         }
                     }
+                    if ($available{$role}) {
+                        $courseroles->{"$prefix/$role"} = \@sections;
+                    }
                 }
             }
         }
@@ -2660,7 +2726,7 @@ sub get_customadhoc_roles {
 }
 
 sub jump_to_role {
-    my ($cdom,$cnum,$seccount,$courseroles,$courseprivs,$privref) = @_;
+    my ($cdom,$cnum,$seccount,$courseroles,$courseprivs,$roledesc,$privref) = @_;
     my %lt = &Apache::lonlocal::texthash(
                 this => 'This role has section(s) associated with it.',
                 ente => 'Enter a specific section.',
@@ -2813,7 +2879,7 @@ sub required_privs {
              '/adm/parmset'      => 'opa,vpa',
              '/adm/courseprefs'  => 'opa,vpa',
              '/adm/whatsnew'     => 'whn',
-             '/adm/populate'     => 'cst',
+             '/adm/populate'     => 'cst,vpa,vcl',
              '/adm/trackstudent' => 'vsa',
              '/adm/statistics'   => 'mgr,vgr',
              '/adm/setblock'     => 'dcm,vcb',