--- loncom/lonnet/perl/lonnet.pm	2009/11/05 16:04:22	1.1041
+++ loncom/lonnet/perl/lonnet.pm	2009/11/12 15:58:34	1.1043
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # TCP networking package
 #
-# $Id: lonnet.pm,v 1.1041 2009/11/05 16:04:22 raeburn Exp $
+# $Id: lonnet.pm,v 1.1043 2009/11/12 15:58:34 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -3908,6 +3908,9 @@ sub custom_roleprivs {
         if (($rdummy ne 'con_lost') && ($roledef ne '')) {
             my ($syspriv,$dompriv,$coursepriv)=split(/\_/,$roledef);
             if (defined($syspriv)) {
+                if ($trest =~ /^$match_community$/) {
+                    $syspriv =~ s/bre\&S//; 
+                }
                 $$allroles{'cm./'}.=':'.$syspriv;
                 $$allroles{$spec.'./'}.=':'.$syspriv;
             }
@@ -5046,7 +5049,7 @@ sub allowed {
     my $courseprivid='';
 
     my $ownaccess;
-    # Community Coordinator browsing resource space.
+    # Community Coordinator or Assistant Co-author browsing resource space.
     if (($priv eq 'bro') && ($env{'user.author'})) {
         if ($uri eq '') {
             $ownaccess = 1;
@@ -5065,7 +5068,7 @@ sub allowed {
                     if ($uri =~ m{^([^/]+)/?$}) {
                         my $adom = $1;
                         foreach my $key (keys(%env)) {
-                            if ($key =~ m{^user\.role\.ca/\Q$adom\E}) {
+                            if ($key =~ m{^user\.role\.(ca|aa)/\Q$adom\E}) {
                                 my ($start,$end) = split('.',$env{$key});
                                 if (($now >= $start) && (!$end || $end < $now)) {
                                     $ownaccess = 1;
@@ -5076,11 +5079,14 @@ sub allowed {
                     } elsif ($uri =~ m{^([^/]+)/([^/]+)/?}) {
                         my $adom = $1;
                         my $aname = $2;
-                        if ($env{"user.role.ca./$adom/$aname"}) {
-                            my ($start,$end) =
-                                split('.',$env{"user.role.ca./$adom/$aname"});
-                            if (($now >= $start) && (!$end || $end < $now)) {
-                                $ownaccess = 1;
+                        foreach my $role ('ca','aa') { 
+                            if ($env{"user.role.$role./$adom/$aname"}) {
+                                my ($start,$end) =
+                                    split('.',$env{"user.role.$role./$adom/$aname"});
+                                if (($now >= $start) && (!$end || $end < $now)) {
+                                    $ownaccess = 1;
+                                    last;
+                                }
                             }
                         }
                     }
@@ -5092,7 +5098,7 @@ sub allowed {
 # Course
 
     if ($env{'user.priv.'.$env{'request.role'}.'./'}=~/\Q$priv\E\&([^\:]*)/) {
-        unless (($priv eq 'bro' && !$ownaccess)) {
+        unless (($priv eq 'bro') && (!$ownaccess)) {
             $thisallowed.=$1;
         }
     }
@@ -5101,7 +5107,7 @@ sub allowed {
 
     if ($env{'user.priv.'.$env{'request.role'}.'./'.(split(/\//,$uri))[0].'/'}
        =~/\Q$priv\E\&([^\:]*)/) {
-        unless (($priv eq 'bro' && !$ownaccess)) {
+        unless (($priv eq 'bro') && (!$ownaccess)) {
             $thisallowed.=$1;
         }
     }
@@ -5113,7 +5119,7 @@ sub allowed {
 
     if ($env{'user.priv.'.$env{'request.role'}.'.'.$courseuri}
        =~/\Q$priv\E\&([^\:]*)/) {
-        unless (($priv eq 'bro' && !$ownaccess)) {
+        unless (($priv eq 'bro') && (!$ownaccess)) {
             $thisallowed.=$1;
         }
     }