--- loncom/lonnet/perl/lonnet.pm	2006/07/21 19:42:25	1.766
+++ loncom/lonnet/perl/lonnet.pm	2006/09/05 20:42:15	1.778
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # TCP networking package
 #
-# $Id: lonnet.pm,v 1.766 2006/07/21 19:42:25 albertel Exp $
+# $Id: lonnet.pm,v 1.778 2006/09/05 20:42:15 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -1176,7 +1176,7 @@ sub ssi_body {
     }
     my $output=($filelink=~/^http\:/?&externalssi($filelink):
                                      &ssi($filelink,%form));
-    $output=~s|//(\s*<!--)? BEGIN LON-CAPA Internal.+// END LON-CAPA Internal\s*(-->)?\s||gs;
+    $output=~s|//(\s*<!--)? BEGIN LON-CAPA Internal.+?// END LON-CAPA Internal\s*(-->)?\s||gs;
     $output=~s/^.*?\<body[^\>]*\>//si;
     $output=~s/(.*)\<\/body\s*\>.*?$/$1/si;
     return $output;
@@ -2845,7 +2845,7 @@ sub set_userprivs {
     if (keys(%{$allgroups}) > 0) {
         foreach my $role (keys %{$allroles}) {
             my ($trole,$area,$sec,$extendedarea);
-            if ($role =~ m|^(\w+)\.(/\w+/\w+)(/?\w*)|) {
+            if ($role =~ m-^(\w+|cr/\w+/\w+/\w+)\.(/\w+/\w+)(/?\w*)-) {
                 $trole = $1;
                 $area = $2;
                 $sec = $3;
@@ -3232,14 +3232,17 @@ sub portfolio_access {
 }
 
 sub get_portfolio_access {
-    my ($udom,$unum,$file_name,$group) = @_;
- 
-    my $current_perms = &get_portfile_permissions($udom,$unum);
-    my %access_controls = &get_access_controls($current_perms,$group,
-					       $file_name);
+    my ($udom,$unum,$file_name,$group,$access_hash) = @_;
+
+    if (!ref($access_hash)) {
+	my $current_perms = &get_portfile_permissions($udom,$unum);
+	my %access_controls = &get_access_controls($current_perms,$group,
+						   $file_name);
+	$access_hash = $access_controls{$file_name};
+    }
+
     my ($public,$guest,@domains,@users,@courses,@groups);
     my $now = time;
-    my $access_hash = $access_controls{$file_name};
     if (ref($access_hash) eq 'HASH') {
         foreach my $key (keys(%{$access_hash})) {
             my ($num,$scope,$end,$start) = ($key =~ /^([^:]+):([a-z]+)_(\d*)_?(\d*)$/);
@@ -3471,8 +3474,9 @@ sub allowed {
     
     if (defined($env{'allowed.'.$priv})) { return $env{'allowed.'.$priv}; }
 # Free bre access to adm and meta resources
-    if (((($uri=~/^adm\//) && ($uri !~ m|/bulletinboard$|)) 
-	 || ($uri=~/\.meta$/)) && ($priv eq 'bre')) {
+    if (((($uri=~/^adm\//) && ($uri !~ m{/(?:smppg|bulletinboard)$})) 
+	 || (($uri=~/\.meta$/) && ($uri!~m|^uploaded/|) )) 
+	&& ($priv eq 'bre')) {
 	return 'F';
     }
 
@@ -4070,7 +4074,7 @@ sub auto_run {
     my $response = &reply('autorun:'.$cdom,$homeserver);
     return $response;
 }
-                                                                                   
+
 sub auto_get_sections {
     my ($cnum,$cdom,$inst_coursecode) = @_;
     my $homeserver = &homeserver($cnum,$cdom);
@@ -4081,21 +4085,21 @@ sub auto_get_sections {
     }
     return @secs;
 }
-                                                                                   
+
 sub auto_new_course {
     my ($cnum,$cdom,$inst_course_id,$owner) = @_;
     my $homeserver = &homeserver($cnum,$cdom);
     my $response=&unescape(&reply('autonewcourse:'.$inst_course_id.':'.$owner.':'.$cdom,$homeserver));
     return $response;
 }
-                                                                                   
+
 sub auto_validate_courseID {
     my ($cnum,$cdom,$inst_course_id) = @_;
     my $homeserver = &homeserver($cnum,$cdom);
     my $response=&unescape(&reply('autovalidatecourse:'.$inst_course_id.':'.$cdom,$homeserver));
     return $response;
 }
-                                                                                   
+
 sub auto_create_password {
     my ($cnum,$cdom,$authparam) = @_;
     my $homeserver = &homeserver($cnum,$cdom); 
@@ -4189,33 +4193,49 @@ sub auto_photoupdate {
 sub auto_instcode_format {
     my ($caller,$codedom,$instcodes,$codes,$codetitles,$cat_titles,$cat_order) = @_;
     my $courses = '';
-    my $homeserver;
+    my @homeservers;
     if ($caller eq 'global') {
         foreach my $tryserver (keys %libserv) {
             if ($hostdom{$tryserver} eq $codedom) {
-                $homeserver = $tryserver;
-                last;
+                if (!grep/^\Q$tryserver\E$/,@homeservers) {
+                    push(@homeservers,$tryserver);
+                }
             }
         }
-        if (($env{'user.name'}) && ($env{'user.domain'} eq $codedom)) {
-            $homeserver = &homeserver($env{'user.name'},$codedom);
-        }
     } else {
-        $homeserver = &homeserver($caller,$codedom);
+        push(@homeservers,&homeserver($caller,$codedom));
     }
     foreach (keys %{$instcodes}) {
         $courses .= &escape($_).'='.&escape($$instcodes{$_}).'&';
     }
     chop($courses);
-    my $response=&reply('autoinstcodeformat:'.$codedom.':'.$courses,$homeserver);
-    unless ($response =~ /(con_lost|error|no_such_host|refused)/) {
-        my ($codes_str,$codetitles_str,$cat_titles_str,$cat_order_str) = split/:/,$response;
-        %{$codes} = &str2hash($codes_str);
-        @{$codetitles} = &str2array($codetitles_str);
-        %{$cat_titles} = &str2hash($cat_titles_str);
-        %{$cat_order} = &str2hash($cat_order_str);
+    my $ok_response = 0;
+    my $response;
+    while (@homeservers > 0 && $ok_response == 0) {
+        my $server = shift(@homeservers); 
+        $response=&reply('autoinstcodeformat:'.$codedom.':'.$courses,$server);
+        if ($response !~ /(con_lost|error|no_such_host|refused)/) {
+            my ($codes_str,$codetitles_str,$cat_titles_str,$cat_order_str) = 
+                                                            split/:/,$response;
+            %{$codes} = (%{$codes},&str2hash($codes_str));
+            push(@{$codetitles},&str2array($codetitles_str));
+            %{$cat_titles} = (%{$cat_titles},&str2hash($cat_titles_str));
+            %{$cat_order} = (%{$cat_order},&str2hash($cat_order_str));
+            $ok_response = 1;
+        }
+    }
+    if ($ok_response) {
         return 'ok';
+    } else {
+        return $response;
     }
+}
+
+sub auto_validate_class_sec {
+    my ($cdom,$cnum,$owner,$inst_class) = @_;
+    my $homeserver = &homeserver($cnum,$cdom);
+    my $response=&reply('autovalidateclass_sec:'.$inst_class.':'.
+                        &escape($owner).':'.$cdom,$homeserver);
     return $response;
 }
 
@@ -4911,11 +4931,13 @@ sub get_portfile_permissions {
 
 sub get_access_controls {
     my ($current_permissions,$group,$file) = @_;
-    my %access; 
+    my %access;
+    my $real_file = $file;
+    $file =~ s/\.meta$//;
     if (defined($file)) {
         if (ref($$current_permissions{$file."\0".'accesscontrol'}) eq 'HASH') {
             foreach my $control (keys(%{$$current_permissions{$file."\0".'accesscontrol'}})) {
-                $access{$file}{$control} = $$current_permissions{$file."\0".$control};
+                $access{$real_file}{$control} = $$current_permissions{$file."\0".$control};
             }
         }
     } else {
@@ -5731,6 +5753,9 @@ sub EXT {
 	if (($uname eq $env{'user.name'})&&($udom eq $env{'user.domain'})) {
 	    return $env{'environment.'.$spacequalifierrest};
 	} else {
+	    if ($uname eq 'anonymous' && $udom eq '') {
+		return '';
+	    }
 	    my %returnhash=&userenvironment($udom,$uname,
 					    $spacequalifierrest);
 	    return $returnhash{$spacequalifierrest};
@@ -5881,7 +5906,7 @@ sub metadata {
         my %metathesekeys=();
         unless ($filename=~/\.meta$/) { $filename.='.meta'; }
 	my $metastring;
-	if ($uri !~ m -^(uploaded|editupload)/-) {
+	if ($uri !~ m -^(editupload)/-) {
 	    my $file=&filelocation('',&clutter($filename));
 	    #push(@{$metaentry{$uri.'.file'}},$file);
 	    $metastring=&getfile($file);