--- loncom/interface/lonmodifycourse.pm	2016/11/09 14:04:41	1.88
+++ loncom/interface/lonmodifycourse.pm	2021/06/15 20:52:26	1.96
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # handler for DC-only modifiable course settings
 #
-# $Id: lonmodifycourse.pm,v 1.88 2016/11/09 14:04:41 raeburn Exp $
+# $Id: lonmodifycourse.pm,v 1.96 2021/06/15 20:52:26 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -39,6 +39,9 @@ use Apache::lonpickcourse;
 use lib '/home/httpd/lib/perl';
 use LONCAPA qw(:DEFAULT :match);
 
+my $registered_cleanup;
+my $modified_dom;
+
 sub get_dc_settable {
     my ($type,$cdom) = @_;
     if ($type eq 'Community') {
@@ -49,6 +52,10 @@ sub get_dc_settable {
         if (&showcredits($cdom)) {
             push(@items,'defaultcredits');
         }
+        my %passwdconf = &Apache::lonnet::get_passwdconf($cdom);
+        if (($passwdconf{'crsownerchg'}) && ($type ne 'Placement')) {
+            push(@items,'nopasswdchg');
+        }
         return @items;
     }
 }
@@ -101,6 +108,7 @@ sub get_enrollment_settings {
         @items = map { 'internal.'.$_; } (@{$internals});
         push(@items,@{$accessdates});
     }
+    push(@items,'internal.nopasswdchg');
     my %settings = &Apache::lonnet::get('environment',\@items,$cdom,$cnum);
     my %enrollvar;
     $enrollvar{'autharg'} = '';
@@ -126,7 +134,7 @@ sub get_enrollment_settings {
             } elsif ($type eq "authtype"
                      || $type eq "autharg"    || $type eq "coursecode"
                      || $type eq "crosslistings" || $type eq "selfenrollmgr"
-                     || $type eq "autodropfailsafe") {
+                     || $type eq "autodropfailsafe" || $type eq 'nopasswdchg') {
                 $enrollvar{$type} = $settings{$item};
             } elsif ($type eq 'defaultcredits') {
                 if (&showcredits($cdom)) {
@@ -203,28 +211,24 @@ sub print_course_search_page {
            $settingsoption = &mt('View or modify course settings which only a [_1] may modify.',$dctitle);
        }
     } elsif (&Apache::lonnet::allowed('rar',$dom)) {
-        my %adhocroles = &Apache::lonnet::userenvironment($env{'user.domain'},$env{'user.name'},
-                                                         'adhocroles.'.$dom);
-        if (keys(%adhocroles)) {
-            my @adhoc = split(',',$adhocroles{'adhocroles.'.$dom});
-            if (@adhoc > 1) {
+        my ($roles_by_num,$description,$accessref,$accessinfo) = &Apache::lonnet::get_all_adhocroles($dom);
+        if ((ref($roles_by_num) eq 'ARRAY') && (ref($description) eq 'HASH')) {
+            if (@{$roles_by_num} > 1) {
                 if ($type eq 'Community') {
-                    $roleoption = &mt('Enter the community with one of the available ad hoc roles: [_1].',
-                                  join(', ',@adhoc));
+                    $roleoption = &mt('Enter the community with one of the available ad hoc roles');
                 } elsif ($type eq 'Placement') {
-                    $roleoption = &mt('Enter the placement test with one of the available ad hoc roles: [_1].',
-                                  join(', ',@adhoc));
+                    $roleoption = &mt('Enter the placement test with one of the available ad hoc roles.');
                 } else {
-                    $roleoption = &mt('Enter the course with one of the available ad hoc roles: [_1].',
-                                  join(', ',@adhoc));
+                    $roleoption = &mt('Enter the course with one of the available ad hoc roles.');
                 }
             } else {
+                my $rolename = $description->{$roles_by_num->[0]};
                 if ($type eq 'Community') {
-                    $roleoption = &mt('Enter the community with the ad hoc role of: [_1]',$adhoc[0]);
+                    $roleoption = &mt('Enter the community with the ad hoc role of: [_1]',$rolename);
                 } elsif ($type eq 'Placement') {
-                    $roleoption = &mt('Enter the placement test with the ad hoc role of: [_1]',$adhoc[0]);
+                    $roleoption = &mt('Enter the placement test with the ad hoc role of: [_1]',$rolename);
                 } else {
-                    $roleoption = &mt('Enter the course with the ad hoc role of: [_1]',$adhoc[0]);
+                    $roleoption = &mt('Enter the course with the ad hoc role of: [_1]',$rolename);
                 }
             }
         }
@@ -245,14 +249,133 @@ sub print_course_search_page {
 }
 
 sub print_course_selection_page {
-    my ($r,$dom,$domdesc) = @_;
+    my ($r,$dom,$domdesc,$permission) = @_;
     my $type = $env{'form.type'};
     if (!defined($type)) {
         $type = 'Course';
     }
     &print_header($r,$type);
 
-# Criteria for course search 
+    if ($permission->{'adhocrole'} eq 'custom') {
+        my %lt = &Apache::lonlocal::texthash(
+            title    => 'Ad hoc role selection',
+            preamble => 'Please choose an ad hoc role in the course.',
+            cancel   => 'Click "OK" to enter the course, or "Cancel" to choose a different course.',
+        );
+        my %jslt = &Apache::lonlocal::texthash (
+            none => 'You are not eligible to use an ad hoc role for the selected course',
+            ok   => 'OK',
+            exit => 'Cancel',
+        );
+        &js_escape(\%jslt);
+        $r->print(<<"END");
+<script type="text/javascript">
+// <![CDATA[
+\$(document).ready(function(){
+    \$( "#LC_adhocrole_chooser" ).dialog({ autoOpen: false });
+});
+
+function gochoose(cname,cdom,cdesc) {
+    document.courselist.pickedcourse.value = cdom+'_'+cname;
+    \$("#LC_choose_adhoc").empty();
+    var pickedaction = \$('input[name=phase]:checked', '#LCcoursepicker').val();
+    if (pickedaction == 'adhocrole') {
+        var http = new XMLHttpRequest();
+        var url = "/adm/pickcourse";
+        var params = "cid="+cdom+"_"+cname+"&context=adhoc";
+        http.open("POST", url, true);
+        http.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
+        http.onreadystatechange = function() {
+            if (http.readyState == 4 && http.status == 200) {
+                var data = \$.parseJSON(http.responseText);
+                var len = data.roles.length;
+                if (len == '' || len == null || len == 0) {
+                    alert('$jslt{none}');
+                } else {
+                    if (len == 1) {
+                        \$( '[name="adhocrole"]' )[0].value = data.roles[0].name;
+                        document.courselist.submit();
+                    } else {
+                        var str = '';
+                        \$("#LC_choose_adhoc").empty();
+                        for (var i=0; i<data.roles.length; i++) {
+                            \$("<label><input type='radio' value='"+data.roles[i].name+"' name='LC_get_role' id='LC_get_role_"+i+"' />"+data.roles[i].desc+"</label><span>&nbsp;&nbsp;</span>")
+                            .appendTo("#LC_choose_adhoc");
+                        }
+                        \$( "#LC_adhocrole_chooser" ).toggle( true );
+                        \$( "#LC_get_role_0").prop("checked", true);
+                        \$( "#LC_adhocrole_chooser" ).dialog({ autoOpen: false });
+                        \$( "#LC_adhocrole_chooser" ).dialog("open");
+                        \$( "#LC_adhocrole_chooser" ).dialog({
+                            height: 400,
+                            width: 500,
+                            modal: true,
+                            resizable: false,
+                            buttons: [
+                                  {
+                                   text: "$jslt{'ok'}",
+                                   click: function() {
+                                            var rolename = \$('input[name=LC_get_role]:checked', '#LChelpdeskpicker').val();
+                                            \$( '[name="adhocrole"]' )[0].value = rolename;
+                                            document.courselist.submit();
+                                        }
+                                  },
+                                  {
+                                   text: "$jslt{'exit'}",
+                                   click: function() {
+                                        \$("#LC_adhocrole_chooser").dialog( "close" );
+                                       }
+                                  }
+                            ],
+                        });
+                        \$( "#LC_adhocrole_chooser" ).find( "form" ).on( "submit", function( event ) {
+                            event.preventDefault();
+                            var rolename = \$('input[name=LC_get_role]:checked', '#LChelpdeskpicker').val()
+                            \$( '[name="adhocrole"]' )[0].value = rolename;
+                            document.courselist.submit();
+                            \$("#LC_adhocrole_chooser").dialog( "close" );
+                        });
+                    }
+                }
+            }
+        }
+        http.send(params);
+    } else {
+        document.courselist.submit();
+    }
+    return;
+}
+// ]]>
+</script>
+
+<div id="LC_adhocrole_chooser" title="$lt{'title'}" style="display:none">
+  <p>$lt{'preamble'}</p>
+  <form name="LChelpdeskadhoc" id="LChelpdeskpicker" action="">
+    <div id="LC_choose_adhoc">
+    </div>
+    <input type="hidden" name="adhocrole" id="LCadhocrole" value="" />
+    <input type="submit" tabindex="-1" style="position:absolute; top:-1000px" />
+  </form>
+  <p>$lt{'cancel'}</p>
+</div>
+END
+    } elsif ($permission->{'adhocrole'} eq 'coord') {
+        $r->print(<<"END");
+<script type="text/javascript">
+// <![CDATA[
+
+function gochoose(cname,cdom,cdesc) {
+    document.courselist.pickedcourse.value = cdom+'_'+cname;
+    document.courselist.submit();
+    return;
+}
+
+// ]]>
+</script>
+END
+    }
+
+# Criteria for course search
     my ($filterlist,$filter) = &get_filters();
     my $action = '/adm/modifycourse';
     my $dctitle = &Apache::lonnet::plaintext('dc');
@@ -418,7 +541,7 @@ sub print_modification_menu {
                 linktitle => ''
             },
             {
-                linktext => $linktext{'selfenroll'},,
+                linktext => $linktext{'selfenroll'},
                 icon => 'self_enroll.png',
                 #help => 'Course_Self_Enrollment',
                 url => &phaseurl('selfenroll'),
@@ -497,29 +620,25 @@ sub print_modification_menu {
 }
 
 sub print_adhocrole_selected {
-    my ($r,$type) = @_;
+    my ($r,$type,$permission) = @_;
     &print_header($r,$type);
     my ($cdom,$cnum) = split(/_/,$env{'form.pickedcourse'});
     my ($newrole,$selectrole);
-    if (&Apache::lonnet::allowed('ccc',$cdom)) {
+    if ($permission->{'adhocrole'} eq 'coord') {
         if ($type eq 'Community') {
             $newrole = "co./$cdom/$cnum";
         } else {
             $newrole = "cc./$cdom/$cnum";
         }
         $selectrole = 1;
-    } elsif (&Apache::lonnet::allowed('rar',$cdom)) {
-        my %adhocroles = &Apache::lonnet::userenvironment($env{'user.domain'},$env{'user.name'},
-                                                         'adhocroles.'.$cdom);
-        if (keys(%adhocroles)) {
-            my $possrole = $env{'form.adhocrole'};
-            if ($possrole ne '') {
-                my @adhoc = split(',',$adhocroles{'adhocroles.'.$cdom});
-                if (grep(/^\Q$possrole\E$/,@adhoc)) {
-                    my $confname = &Apache::lonnet::get_domainconfiguser($cdom);
-                    $newrole = "cr/$cdom/$confname/$possrole./$cdom/$cnum";
-                    $selectrole = 1;
-                }
+    } elsif ($permission->{'adhocrole'} eq 'custom') {
+        my ($okroles,$description) = &Apache::lonnet::get_my_adhocroles($env{'form.pickedcourse'},1);      
+        if (ref($okroles) eq 'ARRAY') {
+            my $possrole = $env{'form.adhocrole'}; 
+            if (($possrole ne '') && (grep(/^\Q$possrole\E$/,@{$okroles}))) {
+                my $confname = &Apache::lonnet::get_domainconfiguser($cdom);
+                $newrole = "cr/$cdom/$confname/$possrole./$cdom/$cnum";
+                $selectrole = 1;
             }
         }
     }
@@ -565,9 +684,34 @@ sub print_settings_display {
                      "<th>$lt{'dcon'}</th>\n".
                      &Apache::loncommon::end_data_table_header_row()."\n";
     foreach my $item (@items) {
+        my $shown = $enrollvar{$item};
+        if ($item eq 'crosslistings') {
+            my (@xlists,@lcsecs);
+            foreach my $entry (split(/,/,$enrollvar{$item})) {
+                my ($xlist,$lc_sec) = split(/:/,$entry);
+                push(@xlists,$xlist);
+                push(@lcsecs,$lc_sec);
+            }
+            if (@xlists) {
+                my $crskey = $cnum.':'.$enrollvar{'coursecode'};
+                my %reformatted =
+                    &Apache::lonnet::auto_instsec_reformat($cdom,'declutter',
+                                                           {$crskey => \@xlists});
+                if (ref($reformatted{$crskey}) eq 'ARRAY') {
+                    my @show;
+                    my @xlcodes = @{$reformatted{$crskey}};
+                    for (my $i=0; $i<@xlcodes; $i++) {
+                        push(@show,$xlcodes[$i].':'.$lcsecs[$i]);
+                    }
+                    if (@show) {
+                        $shown = join(',',@show);
+                    }
+                }
+            }
+        }
         $disp_table .= &Apache::loncommon::start_data_table_row()."\n".
                        "<td><b>$longtype{$item}</b></td>\n".
-                       "<td>$enrollvar{$item}</td>\n";
+                       "<td>$shown</td>\n";
         if (grep(/^\Q$item\E$/,@modifiable_params)) {
             $disp_table .= '<td align="right">'.&mt('Yes').'</td>'."\n";
         } else {
@@ -770,7 +914,7 @@ sub print_postsubmit_config {
 $helpitem $lt{'disa'}: 
 <label><input type="radio" name="postsubmit" $checkedon onclick="togglePostsubmit('studentsubmission');" value="1" $disabled />
 $lt{'yes'}</label>&nbsp;&nbsp;
-<label><input type="radio" name="postsubmit" $checkedoff onclick="togglePostsubmit('studentsubmission');" value="0" $disabled/>
+<label><input type="radio" name="postsubmit" $checkedoff onclick="togglePostsubmit('studentsubmission');" value="0" $disabled />
 $lt{'no'}</label>
 <div id="studentsubmission" style="display: $display">
 $lt{'nums'} <input type="text" name="postsubtimeout" value="$postsubtimeout" $disabled /><br />
@@ -917,12 +1061,12 @@ sub print_course_modification_page {
     my %enrollvar = &get_enrollment_settings($cdom,$cnum);
     my %settings = &Apache::lonnet::get('environment',['internal.coursecode','internal.textbook',
                                                        'internal.selfenrollmgrdc','internal.selfenrollmgrcc',
-                                                       'internal.mysqltables'],
-                                        $cdom,$cnum);
+                                                       'internal.mysqltables'],$cdom,$cnum);
     my $type = &Apache::lonuserutils::get_extended_type($cdom,$cnum,$crstype,\%settings);
     my @specific_managebydc = split(/,/,$settings{'internal.selfenrollmgrdc'});
     my @specific_managebycc = split(/,/,$settings{'internal.selfenrollmgrcc'});
     my %domdefaults = &Apache::lonnet::get_domain_defaults($cdom);
+    my %passwdconf = &Apache::lonnet::get_passwdconf($cdom);
     my @default_managebydc = split(/,/,$domdefaults{$type.'selfenrolladmdc'});
     if ($crstype eq 'Community') {
         $ccrole = 'co';
@@ -997,17 +1141,18 @@ sub print_course_modification_page {
     if ($crstype eq 'Community') {
         $r->print(&Apache::lonhtmlcommon::row_title(
                   &Apache::loncommon::help_open_topic('Modify_Community_Owner').
-                  '&nbsp;'.&mt('Community Owner'))."\n");
+                  '&nbsp;'.&mt('Community Owner'))."\n".
+                  $ownertable."\n".&Apache::lonhtmlcommon::row_closure());
     } else {
         $r->print(&Apache::lonhtmlcommon::row_title(
                       &Apache::loncommon::help_open_topic('Modify_Course_Instcode').
                       '&nbsp;'.&mt('Course Code'))."\n".
-                  '<input type="text" size="15" name="coursecode" value="'.$enrollvar{'coursecode'}.'"'.$disabled.'/>'.
+                  '<input type="text" size="15" name="coursecode" value="'.$enrollvar{'coursecode'}.'"'.$disabled.' />'.
                   &Apache::lonhtmlcommon::row_closure());
         if (($crstype eq 'Course') && (&showcredits($cdom))) {
             $r->print(&Apache::lonhtmlcommon::row_title(
                           &Apache::loncommon::help_open_topic('Modify_Course_Credithours').
-                      '&nbsp;'.&mt('Credits (students)'))."\n".
+                          '&nbsp;'.&mt('Credits (students)'))."\n".
                       '<input type="text" size="3" name="defaultcredits" value="'.$enrollvar{'defaultcredits'}.'"'.$disabled.' />'.
                       &Apache::lonhtmlcommon::row_closure());
         }
@@ -1017,8 +1162,21 @@ sub print_course_modification_page {
                   $authenitems."\n".
                   &Apache::lonhtmlcommon::row_closure().
                   &Apache::lonhtmlcommon::row_title(
-                  &Apache::loncommon::help_open_topic('Modify_Course_Owner').
-                     '&nbsp;'.&mt('Course Owner'))."\n");
+                      &Apache::loncommon::help_open_topic('Modify_Course_Owner').
+                      '&nbsp;'.&mt('Course Owner'))."\n".
+                  $ownertable."\n".&Apache::lonhtmlcommon::row_closure());
+        if (($passwdconf{'crsownerchg'}) && ($type ne 'Placement')) {
+            my $checked;
+            if ($enrollvar{'nopasswdchg'}) {
+                $checked = ' checked="checked"';
+            }
+            $r->print(&Apache::lonhtmlcommon::row_title(
+                         &Apache::loncommon::help_open_topic('Modify_Course_Chgpasswd').
+                         '&nbsp;'.&mt('Changing passwords (internal)'))."\n".
+                         '<label><input type="checkbox" value="1" name="nopasswdchg"'.$checked.$disabled.' />'.
+                         &mt('Disable changing password for users with student role by course owner').'<label>'."\n".
+                         &Apache::lonhtmlcommon::row_closure());
+        }
     }
     my ($cctitle,$rolename,$currmanages,$ccchecked,$dcchecked,$defaultchecked);
     my ($selfenrollrows,$selfenrolltitles) = &Apache::lonuserutils::get_selfenroll_titles();
@@ -1028,8 +1186,7 @@ sub print_course_modification_page {
         $cctitle = &mt('Course personnel');
     }
 
-    $r->print($ownertable."\n".&Apache::lonhtmlcommon::row_closure().
-              &Apache::lonhtmlcommon::row_title(
+    $r->print(&Apache::lonhtmlcommon::row_title(
               &Apache::loncommon::help_open_topic('Modify_Course_Selfenrolladmin').
                   '&nbsp;'.&mt('Self-enrollment configuration')).
               &Apache::loncommon::start_data_table()."\n".
@@ -1167,6 +1324,8 @@ sub gather_authenitems {
             $curr_authtype = 'int';
         } elsif ($enrollvar->{'authtype'} eq 'localauth' ) {
             $curr_authtype = 'loc';
+        } elsif ($enrollvar->{'authtype'} eq 'lti' ) {
+            $curr_authtype = 'lti';
         }
     }
     unless ($curr_authtype eq '') {
@@ -1187,7 +1346,8 @@ sub gather_authenitems {
     $authform{'krb'} = &Apache::loncommon::authform_kerberos(%param);
     $authform{'int'} = &Apache::loncommon::authform_internal(%param);
     $authform{'loc'} = &Apache::loncommon::authform_local(%param);
-    foreach my $item ('krb','int','loc') {
+    $authform{'lti'} = &Apache::loncommon::authform_lti(%param);
+    foreach my $item ('krb','int','loc','lti') {
         if ($authform{$item} ne '') {
             $authenitems .= $authform{$item}.'<br />';
         }
@@ -1208,6 +1368,10 @@ sub modify_course {
         if (&showcredits($cdom)) {  
             push(@items,'internal.defaultcredits');
         }
+        my %passwdconf = &Apache::lonnet::get_passwdconf($cdom);
+        if ($passwdconf{'crsownerchg'}) {
+            push(@items,'internal.nopasswdchg');
+        }
     }
     my %settings = &Apache::lonnet::get('environment',\@items,$cdom,$cnum);
     my $description = $settings{'description'};
@@ -1223,6 +1387,7 @@ sub modify_course {
     } else {
         %changed = ( code  => 0,
                      owner => 0,
+                     passwd => 0,
                    );
         $ccrole = 'cc';
         unless ($settings{'internal.sectionnums'} eq '') {
@@ -1253,6 +1418,8 @@ sub modify_course {
             if ((defined($env{'form.locarg'})) && ($env{'form.locarg'})) {
                 $newattr{'autharg'} = $env{'form.locarg'};
             }
+        } elsif ($env{'form.login'} eq 'lti') {
+            $newattr{'authtype'} = 'lti';
         }
         if ( $newattr{'authtype'}=~ /^krb/) {
             if ($newattr{'autharg'}  eq '') {
@@ -1275,9 +1442,21 @@ sub modify_course {
             $newattr{'mysqltables'} = $env{'form.mysqltables'};
             $newattr{'mysqltables'} =~ s/\D+//g;
         }
-        if (($type ne 'Placement') && (&showcredits($cdom) && exists($env{'form.defaultcredits'}))) {
-            $newattr{'defaultcredits'}=$env{'form.defaultcredits'};
-            $newattr{'defaultcredits'} =~ s/[^\d\.]//g;
+        if ($type ne 'Placement') {
+            if (&showcredits($cdom) && exists($env{'form.defaultcredits'})) {
+                $newattr{'defaultcredits'}=$env{'form.defaultcredits'};
+                $newattr{'defaultcredits'} =~ s/[^\d\.]//g;
+            }
+            if (grep(/^nopasswdchg$/,@modifiable_params)) {
+                if ($env{'form.nopasswdchg'}) {
+                    $newattr{'nopasswdchg'} = 1;
+                    unless ($currattr{'nopasswdchg'}) {
+                        $changed{'passwd'} = 1;
+                    }
+                } elsif ($currattr{'nopasswdchg'}) {
+                    $changed{'passwd'} = 1;
+                }
+            }
         }
     }
 
@@ -1312,7 +1491,7 @@ sub modify_course {
         } 
     }
 
-    if ($changed{'owner'} || $changed{'code'}) {
+    if ($changed{'owner'} || $changed{'code'} || $changed{'passwd'}) {
         my %crsinfo = &Apache::lonnet::courseiddump($cdom,'.',1,'.','.',$cnum,
                                                     undef,undef,'.');
         if (ref($crsinfo{$env{'form.pickedcourse'}}) eq 'HASH') {
@@ -1322,10 +1501,29 @@ sub modify_course {
             if ($changed{'owner'}) {
                 $crsinfo{$env{'form.pickedcourse'}}{'owner'} = $env{'form.courseowner'};
             }
+            if ($changed{'passwd'}) {
+                if ($env{'form.nopasswdchg'}) {
+                    $crsinfo{$env{'form.pickedcourse'}}{'nopasswdchg'} = 1;
+                } else {
+                    delete($crsinfo{'nopasswdchg'});
+                }
+            }
             my $chome = &Apache::lonnet::homeserver($cnum,$cdom);
             my $putres = &Apache::lonnet::courseidput($cdom,\%crsinfo,$chome,'notime');
-            if ($putres eq 'ok') {
+            if (($putres eq 'ok') && (($changed{'owner'} || $changed{'code'}))) {
                 &update_coowners($cdom,$cnum,$chome,\%settings,\%newattr);
+                if ($changed{'code'}) {
+                    &Apache::lonnet::devalidate_cache_new('instcats',$cdom);
+                    # Update cache of self-cataloging courses on institution's server(s).
+                    if (&Apache::lonnet::shared_institution($cdom)) {
+                        unless ($registered_cleanup) {
+                            my $handlers = $r->get_handlers('PerlCleanupHandler');
+                            $r->set_handlers('PerlCleanupHandler' => [\&devalidate_remote_instcats,@{$handlers}]);
+                            $registered_cleanup=1;
+                            $modified_dom = $cdom;
+                        }
+                    }
+                }
             }
         }
     }
@@ -1371,6 +1569,12 @@ sub modify_course {
                         $shown = &mt('None');
                     } elsif (($attr eq 'mysqltables') && ($shown eq '')) {
                         $shown = &mt('domain default');
+                    } elsif ($attr eq 'nopasswdchg') {
+                        if ($shown) {
+                            $shown = &mt('Yes');
+                        } else {
+                            $shown = &mt('No');
+                        }
                     }
                     $chgresponse .= '<li>'.&mt('[_1] now set to: [_2]',$longtype{$attr},$shown).'</li>';
                 } else {
@@ -1383,6 +1587,12 @@ sub modify_course {
                         $shown = &mt('None');
                     } elsif (($attr eq 'mysqltables') && ($shown eq '')) {
                         $shown = &mt('domain default');
+                    } elsif ($attr eq 'nopasswdchg') {
+                        if ($shown) {
+                            $shown = &mt('Yes');
+                        } else {
+                            $shown = &mt('No');
+                        }
                     }
                     $nochgresponse .= '<li>'.&mt('[_1] still set to: [_2]',$longtype{$attr},$shown).'</li>';
                 }
@@ -2068,13 +2278,7 @@ function changePage(formname,newphase) {
     if ($phase eq 'setparms') {
 	$js .= $javascript_validations;
     } elsif ($phase eq 'courselist') {
-        $js .= qq|
-
-function gochoose(cname,cdom,cdesc) {
-    document.courselist.pickedcourse.value = cdom+'_'+cname;
-    document.courselist.submit();
-}
-
+        $js .= <<"ENDJS";
 function hide_searching() {
     if (document.getElementById('searching')) {
         document.getElementById('searching').style.display = 'none';
@@ -2082,7 +2286,7 @@ function hide_searching() {
     return;
 }
 
-|;
+ENDJS
     } elsif ($phase eq 'setquota') {
         my $invalid = &mt('The quota you entered contained invalid characters.');
         my $alert = &mt('You must enter a number');
@@ -2305,6 +2509,7 @@ sub course_settings_descrip {
                       'selfenrollmgrdc'  => "Course-specific self-enrollment configuration by Domain Coordinator",
                       'selfenrollmgrcc'  => "Course-specific self-enrollment configuration by Course personnel",
                       'mysqltables'      => '"Temporary" student performance tables lifetime (seconds)',
+                      'nopasswdchg' => 'Disable changing password for users with student role by course owner',
          );
     }
     return %longtype;
@@ -2317,7 +2522,8 @@ sub hidden_form_elements {
           'locarg','krbarg','krbver','counter','hidefromcat','usecategory',
           'threshold','postsubmit','postsubtimeout','defaultcredits','uploadquota',
           'selfenrollmgrdc','selfenrollmgrcc','action','state','currsec_st',
-          'sections','newsec','mysqltables'],['^selfenrollmgr_','^selfenroll_'])."\n".
+          'sections','newsec','mysqltables','nopasswdchg'],
+          ['^selfenrollmgr_','^selfenroll_'])."\n".
           '<input type="hidden" name="prevphase" value="'.$env{'form.phase'}.'" />';
     return $hidden_elements;
 }
@@ -2333,6 +2539,7 @@ sub showcredits {
 sub get_permission {
     my ($dom) = @_;
     my ($allowed,%permission);
+    my %passwdconf = &Apache::lonnet::get_passwdconf($dom);
     if (&Apache::lonnet::allowed('ccc',$dom)) {
         $allowed = 1;
         %permission = (
@@ -2348,7 +2555,11 @@ sub get_permission {
             catsettings       => 'edit',
             processcat        => 'edit',
             selfenroll        => 'edit',
+            adhocrole         => 'coord',
         );
+        if ($passwdconf{'crsownerchg'}) {
+            $permission{passwdchg} = 'edit';
+        }
     } elsif (&Apache::lonnet::allowed('rar',$dom)) {
         $allowed = 1;
         %permission = (
@@ -2359,11 +2570,31 @@ sub get_permission {
             setparms      => 'view',
             catsettings   => 'view',
             selfenroll    => 'view',
+            adhocrole     => 'custom',
         );
+        if ($passwdconf{'crsownerchg'}) {
+            $permission{passwdchg} = 'view';
+        }
     }
     return ($allowed,\%permission);
 }
 
+sub devalidate_remote_instcats {
+    if ($modified_dom ne '') {
+        my %servers = &Apache::lonnet::internet_dom_servers($modified_dom);
+        my %thismachine;
+        map { $thismachine{$_} = 1; } &Apache::lonnet::current_machine_ids();
+        if (keys(%servers)) {
+            foreach my $server (keys(%servers)) {
+                next if ($thismachine{$server});
+                &Apache::lonnet::remote_devalidate_cache($server,['instcats:'.$modified_dom]);
+            }
+        }
+        $modified_dom = '';
+    }
+    return;
+}
+
 sub handler {
     my $r = shift;
     if ($r->header_only) {
@@ -2372,6 +2603,9 @@ sub handler {
         return OK;
     }
 
+    $registered_cleanup=0;
+    $modified_dom = '';
+
     my $dom = $env{'request.role.domain'};
     my $domdesc = &Apache::lonnet::domain($dom,'description');
     my ($allowed,$permission) = &get_permission($dom);
@@ -2413,7 +2647,7 @@ sub handler {
               {href=>"javascript:changePage(document.$phase,'courselist')",
               text=>$choose_text});
             if ($phase eq 'courselist') {
-                &print_course_selection_page($r,$dom,$domdesc);
+                &print_course_selection_page($r,$dom,$domdesc,$permission);
             } else {
                 my ($checked,$cdesc,$coursehash) = &check_course($dom,$domdesc);
                 if ($checked eq 'ok') {
@@ -2436,7 +2670,7 @@ sub handler {
                         &Apache::lonhtmlcommon::add_breadcrumb
                          ({href=>"javascript:changePage(document.$phase,'adhocrole')",
                            text=>$enter_text});
-                        &print_adhocrole_selected($r,$type);
+                        &print_adhocrole_selected($r,$type,$permission);
                     } else {
                         &Apache::lonhtmlcommon::add_breadcrumb
                         ({href=>"javascript:changePage(document.$phase,'menu')",
@@ -2454,7 +2688,7 @@ sub handler {
                             }
                             &Apache::lonhtmlcommon::add_breadcrumb
                             ({href=>"javascript:changePage(document.$phase,'$phase')",
-                              text=>"$linktext"});
+                              text=>$linktext});
                             &print_setquota($r,$cdom,$cnum,$cdesc,$type,$readonly);
                         } elsif (($phase eq 'processquota') && ($permission->{'processquota'})) { 
                             &Apache::lonhtmlcommon::add_breadcrumb
@@ -2485,7 +2719,7 @@ sub handler {
                             }
                             &Apache::lonhtmlcommon::add_breadcrumb
                             ({href=>"javascript:changePage(document.$phase,'$phase')",
-                              text=>"Configure submit button behavior post-submission"});
+                              text=>$linktext});
                             &print_postsubmit_config($r,$cdom,$cnum,$cdesc,$type,$readonly);
                         } elsif (($phase eq 'processpostsubmit') && ($permission->{'processpostsubmit'})) {
                             &Apache::lonhtmlcommon::add_breadcrumb
@@ -2505,7 +2739,7 @@ sub handler {
                             }
                             &Apache::lonhtmlcommon::add_breadcrumb
                             ({href=>"javascript:changePage(document.$phase,'$phase')",
-                              text=>"$linktext"});
+                              text=>$linktext});
                             &print_course_modification_page($r,$cdom,$cnum,$cdesc,$type,$readonly);
                         } elsif (($phase eq 'processparms') && ($permission->{'processparms'})) {
                             &Apache::lonhtmlcommon::add_breadcrumb