--- loncom/lonnet/perl/lonnet.pm	2024/08/19 00:27:52	1.1172.2.146.2.21
+++ loncom/lonnet/perl/lonnet.pm	2024/07/01 23:30:15	1.1172.2.148
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # TCP networking package
 #
-# $Id: lonnet.pm,v 1.1172.2.146.2.21 2024/08/19 00:27:52 raeburn Exp $
+# $Id: lonnet.pm,v 1.1172.2.148 2024/07/01 23:30:15 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -127,7 +127,7 @@ our @EXPORT = qw(%env);
 	$logid ++;
         my $now = time();
 	my $id=$now.'00000'.$$.'00000'.$logid;
-        my $ip = &get_requestor_ip();
+        my $ip = &get_requestor_ip();  
         my $logentry = {
                          $id => {
                                   'exe_uname' => $env{'user.name'},
@@ -365,63 +365,6 @@ sub remote_devalidate_cache {
     return &reply('devalidatecache:'.&escape($cachestr),$lonhost);
 }
 
-sub sign_lti {
-    my ($cdom,$cnum,$crsdef,$type,$context,$url,$ltinum,$keynum,$paramsref,$inforef) = @_;
-    my $chome;
-    if (&domain($cdom) ne '') {
-        if ($crsdef) {
-            $chome = &homeserver($cnum,$cdom);
-        } else {
-            $chome = &domain($cdom,'primary');
-        }
-    }
-    if ($cdom && $chome && ($chome ne 'no_host')) {
-        if ((ref($paramsref) eq 'HASH') &&
-            (ref($inforef) eq 'HASH')) {
-            my $rep;
-            if (grep { $_ eq $chome } &current_machine_ids()) {
-                # domain information is hosted on this machine
-                $rep =
-                    &LONCAPA::Lond::sign_lti_payload($cdom,$cnum,$crsdef,$type,
-                                                     $context,$url,$ltinum,$keynum,
-                                                     $perlvar{'lonVersion'},
-                                                     $paramsref,$inforef);
-                if (ref($rep) eq 'HASH') {
-                    return ('ok',$rep);
-                }
-            } else {
-                my ($escurl,$params,$info);
-                $escurl = &escape($url);
-                if (ref($paramsref) eq 'HASH') {
-                    $params = &freeze_escape($paramsref);
-                }
-                if (ref($inforef) eq 'HASH') {
-                    $info = &freeze_escape($inforef);
-                }
-                $rep=&reply("encrypt:signlti:$cdom:$cnum:$crsdef:$type:$context:$escurl:$ltinum:$keynum:$params:$info",$chome);
-            }
-            if (($rep eq '') || ($rep =~ /^con_lost|error|no_such_host|unknown_cmd/i)) {
-                return ();
-            } elsif (($inforef->{'respfmt'} eq 'to_post_body') ||
-                     ($inforef->{'respfmt'} eq 'to_authorization_header')) {
-                return ('ok',$rep);
-            } else {
-                my %returnhash;
-                foreach my $item (split(/\&/,$rep)) {
-                    my ($name,$value)=split(/\=/,$item);
-                    $returnhash{&unescape($name)}=&thaw_unescape($value);
-                }
-                return('ok',\%returnhash);
-            }
-        } else {
-            return ();
-        }
-    } else {
-        return ();
-        &logthis("sign_lti failed - no homeserver and/or domain ($cdom) ($chome)");
-    }
-}
-
 # -------------------------------------------------- Non-critical communication
 sub subreply {
     my ($cmd,$server)=@_;
@@ -475,15 +418,14 @@ sub reply {
             my $subcmd = $1;
             if (($subcmd eq 'auth') || ($subcmd eq 'passwd') ||
                 ($subcmd eq 'changeuserauth') || ($subcmd eq 'makeuser') ||
-                ($subcmd eq 'putdom') || ($subcmd eq 'autoexportgrades') ||
-                ($subcmd eq 'put')) {
+                ($subcmd eq 'putdom') || ($subcmd eq 'autoexportgrades')) {
                 (undef,undef,my @rest) = split(/:/,$cmd);
                 if (($subcmd eq 'auth') || ($subcmd eq 'putdom')) {
                     splice(@rest,2,1,'Hidden');
                 } elsif ($subcmd eq 'passwd') {
                     splice(@rest,2,2,('Hidden','Hidden'));
                 } elsif (($subcmd eq 'changeuserauth') || ($subcmd eq 'makeuser') ||
-                         ($subcmd eq 'autoexportgrades') || ($subcmd eq 'put')) {
+                         ($subcmd eq 'autoexportgrades')) {
                     splice(@rest,3,1,'Hidden');
                 }
                 $logged = join(':',('encrypt:'.$subcmd,@rest));
@@ -752,11 +694,6 @@ sub check_for_valid_session {
         if ($disk_env{'request.role'}) {
             $userhashref->{'role'} = $disk_env{'request.role'};
         }
-        $userhashref->{'lti'} = $disk_env{'request.lti.login'};
-        if ($userhashref->{'lti'}) {
-            $userhashref->{'ltitarget'} = $disk_env{'request.lti.target'};
-            $userhashref->{'ltiuri'} = $disk_env{'request.lti.uri'};
-        }
     }
     untie(%disk_env);
 
@@ -1098,20 +1035,6 @@ sub find_existing_session {
     return;
 }
 
-sub delusersession {
-    my ($lonid,$udom,$uname) = @_;
-    my $uprimary_id = &domain($udom,'primary');
-    my $uintdom = &internet_dom($uprimary_id);
-    my $intdom = &internet_dom($lonid);
-    my $serverhomedom = &host_domain($lonid);
-    if (($uintdom ne '') && ($uintdom eq $intdom)) {
-        return &reply(join(':','delusersession',
-                            map {&escape($_)} ($udom,$uname)),$lonid);
-    }
-    return;
-}
-
-
 # check if user's browser sent load balancer cookie and server still has session
 # and is not overloaded.
 sub check_for_balancer_cookie {
@@ -1386,29 +1309,6 @@ sub authenticate {
     return 'no_host';
 }
 
-sub can_switchserver {
-    my ($udom,$home) = @_;
-    my ($canswitch,@intdoms);
-    my $internet_names = &get_internet_names($home);
-    if (ref($internet_names) eq 'ARRAY') {
-        @intdoms = @{$internet_names};
-    }
-    my $uint_dom = &internet_dom(&domain($udom,'primary'));
-    if ($uint_dom ne '' && grep(/^\Q$uint_dom\E$/,@intdoms)) {
-        $canswitch = 1;
-    } else {
-         my $serverhomeID = &get_server_homeID(&hostname($home));
-         my $serverhomedom = &host_domain($serverhomeID);
-         my %defdomdefaults = &get_domain_defaults($serverhomedom);
-         my %udomdefaults = &get_domain_defaults($udom);
-         my $remoterev = &get_server_loncaparev('',$home);
-         $canswitch = &can_host_session($udom,$home,$remoterev,
-                                        $udomdefaults{'remotesessions'},
-                                        $defdomdefaults{'hostedsessions'});
-    }
-    return $canswitch;
-}
-
 sub can_host_session {
     my ($udom,$lonhost,$remoterev,$remotesessions,$hostedsessions) = @_;
     my $canhost = 1;
@@ -1982,7 +1882,7 @@ sub dump_dom {
 # ------------------------------------------ get items from domain db files   
 
 sub get_dom {
-    my ($namespace,$storearr,$udom,$uhome,$encrypt)=@_;
+    my ($namespace,$storearr,$udom,$uhome)=@_;
     return if ($udom eq 'public');
     my $items='';
     foreach my $item (@$storearr) {
@@ -2009,12 +1909,8 @@ sub get_dom {
         if (grep { $_ eq $uhome } &current_machine_ids()) {
             # domain information is hosted on this machine
             $rep = &LONCAPA::Lond::get_dom("getdom:$udom:$namespace:$items");
-        } else {
-            if ($encrypt) {
-                $rep=&reply("encrypt:egetdom:$udom:$namespace:$items",$uhome);
-            } else {
-                $rep=&reply("getdom:$udom:$namespace:$items",$uhome);
-            }
+        } else {        
+            $rep=&reply("getdom:$udom:$namespace:$items",$uhome);
         }
         my %returnhash;
         if ($rep eq '' || $rep =~ /^error: 2 /) {
@@ -2038,7 +1934,7 @@ sub get_dom {
 # -------------------------------------------- put items in domain db files 
 
 sub put_dom {
-    my ($namespace,$storehash,$udom,$uhome,$encrypt)=@_;
+    my ($namespace,$storehash,$udom,$uhome)=@_;
     if (!$udom) {
         $udom=$env{'user.domain'};
         if (defined(&domain($udom,'primary'))) {
@@ -2059,11 +1955,7 @@ sub put_dom {
             $items.=&escape($item).'='.&freeze_escape($$storehash{$item}).'&';
         }
         $items=~s/\&$//;
-        if ($encrypt) {
-            return &reply("encrypt:putdom:$udom:$namespace:$items",$uhome);
-        } else {
-            return &reply("putdom:$udom:$namespace:$items",$uhome);
-        }
+        return &reply("putdom:$udom:$namespace:$items",$uhome);
     } else {
         &logthis("put_dom failed - no homeserver and/or domain");
     }
@@ -2097,57 +1989,6 @@ sub del_dom {
     }
 }
 
-sub store_dom {
-    my ($storehash,$id,$namespace,$dom,$home,$encrypt) = @_;
-    $$storehash{'ip'}=&get_requestor_ip();
-    $$storehash{'host'}=$perlvar{'lonHostID'};
-    my $namevalue='';
-    foreach my $key (keys(%{$storehash})) {
-        $namevalue.=&escape($key).'='.&freeze_escape($$storehash{$key}).'&';
-    }
-    $namevalue=~s/\&$//;
-    if (grep { $_ eq $home } current_machine_ids()) {
-        return LONCAPA::Lond::store_dom("storedom:$dom:$namespace:$id:$namevalue");
-    } else {
-        if ($namespace eq 'private') {
-            return 'refused';
-        } elsif ($encrypt) {
-            return reply("encrypt:storedom:$dom:$namespace:$id:$namevalue",$home);
-        } else {
-            return reply("storedom:$dom:$namespace:$id:$namevalue",$home);
-        }
-    }
-}
-
-sub restore_dom {
-    my ($id,$namespace,$dom,$home,$encrypt) = @_;
-    my $answer;
-    if (grep { $_ eq $home } current_machine_ids()) {
-        $answer = LONCAPA::Lond::restore_dom("restoredom:$dom:$namespace:$id");
-    } elsif ($namespace ne 'private') {
-        if ($encrypt) {
-            $answer=&reply("encrypt:restoredom:$dom:$namespace:$id",$home);
-        } else {
-            $answer=&reply("restoredom:$dom:$namespace:$id",$home);
-        }
-    }
-    my %returnhash=();
-    unless (($answer eq '') || ($answer eq 'con_lost') || ($answer eq 'refused') ||
-            ($answer eq 'unknown_cmd') || ($answer eq 'rejected')) {
-        foreach my $line (split(/\&/,$answer)) {
-            my ($name,$value)=split(/\=/,$line);
-            $returnhash{&unescape($name)}=&thaw_unescape($value);
-        }
-        my $version;
-        for ($version=1;$version<=$returnhash{'version'};$version++) {
-            foreach my $item (split(/\:/,$returnhash{$version.':keys'})) {
-                $returnhash{$item}=$returnhash{$version.':'.$item};
-            }
-        }
-    }
-    return %returnhash;
-}
-
 # ----------------------------------construct domainconfig user for a domain 
 sub get_domainconfiguser {
     my ($udom) = @_;
@@ -2426,14 +2267,14 @@ sub inst_rulecheck {
                     $response=&unescape(&reply('instidrulecheck:'.&escape($udom).
                                               ':'.&escape($id).':'.$rulestr,
                                               $homeserver));
-                } elsif ($item eq 'unamemap') {
-                    $response=&unescape(&reply('instunamemapcheck:'.
-                                               &escape($udom).':'.&escape($uname).
-                                              ':'.$rulestr,$homeserver));
                 } elsif ($item eq 'selfcreate') {
                     $response=&unescape(&reply('instselfcreatecheck:'.
                                                &escape($udom).':'.&escape($uname).
                                               ':'.$rulestr,$homeserver));
+                } elsif ($item eq 'unamemap') {
+                    $response=&unescape(&reply('instunamemapcheck:'.
+                                               &escape($udom).':'.&escape($uname).
+                                              ':'.$rulestr,$homeserver));
                 }
                 if ($response ne 'refused') {
                     my @pairs=split(/\&/,$response);
@@ -2510,11 +2351,9 @@ sub get_domain_defaults {
          &Apache::lonnet::get_dom('configuration',['defaults','quotas',
                                   'requestcourses','inststatus',
                                   'coursedefaults','usersessions',
-                                  'requestauthor','authordefaults',
-                                  'selfenrollment','coursecategories',
-                                  'autoenroll','helpsettings',
-                                  'wafproxy','ltisec','toolsec',
-                                  'domexttool','exttool'],$domain);
+                                  'requestauthor','selfenrollment',
+                                  'coursecategories','autoenroll',
+                                  'helpsettings','wafproxy'],$domain);
     my @coursetypes = ('official','unofficial','community','textbook');
     if (ref($domconfig{'defaults'}) eq 'HASH') {
         $domdefaults{'lang_def'} = $domconfig{'defaults'}{'lang_def'}; 
@@ -2523,8 +2362,6 @@ sub get_domain_defaults {
         $domdefaults{'timezone_def'} = $domconfig{'defaults'}{'timezone_def'};
         $domdefaults{'datelocale_def'} = $domconfig{'defaults'}{'datelocale_def'};
         $domdefaults{'portal_def'} = $domconfig{'defaults'}{'portal_def'};
-        $domdefaults{'portal_def_email'} = $domconfig{'defaults'}{'portal_def_email'};
-        $domdefaults{'portal_def_web'} = $domconfig{'defaults'}{'portal_def_web'};
         $domdefaults{'intauth_cost'} = $domconfig{'defaults'}{'intauth_cost'};
         $domdefaults{'intauth_switch'} = $domconfig{'defaults'}{'intauth_switch'};
         $domdefaults{'intauth_check'} = $domconfig{'defaults'}{'intauth_check'};
@@ -2555,17 +2392,6 @@ sub get_domain_defaults {
             $domdefaults{$item} = $domconfig{'requestcourses'}{$item};
         }
     }
-    if (ref($domconfig{'authordefaults'}) eq 'HASH') {
-        foreach my $item ('nocodemirror','copyright','sourceavail','domcoordacc','editors') {
-            if ($item eq 'editors') {
-                if (ref($domconfig{'authordefaults'}{'editors'}) eq 'ARRAY') {
-                    $domdefaults{$item} = join(',',@{$domconfig{'authordefaults'}{'editors'}});
-                }
-            } else {
-                $domdefaults{$item} = $domconfig{'authordefaults'}{$item};
-            }
-        }
-    }
     if (ref($domconfig{'requestauthor'}) eq 'HASH') {
         $domdefaults{'requestauthor'} = $domconfig{'requestauthor'};
     }
@@ -2590,25 +2416,12 @@ sub get_domain_defaults {
             if (ref($domconfig{'coursedefaults'}{'uploadquota'}) eq 'HASH') {
                 $domdefaults{$type.'quota'} = $domconfig{'coursedefaults'}{'uploadquota'}{$type};
             }
-            if (ref($domconfig{'coursedefaults'}{'coursequota'}) eq 'HASH') {
-                $domdefaults{$type.'coursequota'} = $domconfig{'coursedefaults'}{'coursequota'}{$type};
-            }
             if ($domdefaults{'postsubmit'} eq 'on') {
                 if (ref($domconfig{'coursedefaults'}{'postsubmit'}{'timeout'}) eq 'HASH') {
                     $domdefaults{$type.'postsubtimeout'} =
                         $domconfig{'coursedefaults'}{'postsubmit'}{'timeout'}{$type};
                 }
             }
-            if (ref($domconfig{'coursedefaults'}{'domexttool'}) eq 'HASH') {
-                $domdefaults{$type.'domexttool'} = $domconfig{'coursedefaults'}{'domexttool'}{$type};
-            } else {
-                $domdefaults{$type.'domexttool'} = 1;
-            }
-            if (ref($domconfig{'coursedefaults'}{'exttool'}) eq 'HASH') {
-                $domdefaults{$type.'exttool'} = $domconfig{'coursedefaults'}{'exttool'}{$type};
-            } else {
-                $domdefaults{$type.'exttool'} = 0;
-            }
         }
         if (ref($domconfig{'coursedefaults'}{'canclone'}) eq 'HASH') {
             if (ref($domconfig{'coursedefaults'}{'canclone'}{'instcode'}) eq 'ARRAY') {
@@ -2623,9 +2436,6 @@ sub get_domain_defaults {
         if ($domconfig{'coursedefaults'}{'texengine'}) {
             $domdefaults{'texengine'} = $domconfig{'coursedefaults'}{'texengine'};
         }
-        if (exists($domconfig{'coursedefaults'}{'ltiauth'})) {
-            $domdefaults{'crsltiauth'} = $domconfig{'coursedefaults'}{'ltiauth'};
-        }
     }
     if (ref($domconfig{'usersessions'}) eq 'HASH') {
         if (ref($domconfig{'usersessions'}{'remote'}) eq 'HASH') {
@@ -2696,40 +2506,6 @@ sub get_domain_defaults {
             }
         }
     }
-    if (ref($domconfig{'ltisec'}) eq 'HASH') {
-        if (ref($domconfig{'ltisec'}{'encrypt'}) eq 'HASH') {
-            $domdefaults{'linkprotenc_crs'} = $domconfig{'ltisec'}{'encrypt'}{'crs'};
-            $domdefaults{'linkprotenc_dom'} = $domconfig{'ltisec'}{'encrypt'}{'dom'};
-            $domdefaults{'ltienc_consumers'} = $domconfig{'ltisec'}{'encrypt'}{'consumers'};
-        }
-        if (ref($domconfig{'ltisec'}{'private'}) eq 'HASH') {
-            if (ref($domconfig{'ltisec'}{'private'}{'keys'}) eq 'ARRAY') {
-                $domdefaults{'ltiprivhosts'} = $domconfig{'ltisec'}{'private'}{'keys'};
-            }
-        }
-        if (ref($domconfig{'ltisec'}{'suggested'}) eq 'HASH') {
-            my %suggestions = %{$domconfig{'ltisec'}{'suggested'}};
-            foreach my $item (keys(%{$domconfig{'ltisec'}{'suggested'}})) {
-                unless (ref($domconfig{'ltisec'}{'suggested'}{$item}) eq 'HASH') {
-                    delete($suggestions{$item});
-                }
-            }
-            if (keys(%suggestions)) {
-                $domdefaults{'linkprotsuggested'} = \%suggestions;
-            }
-        }
-    }
-    if (ref($domconfig{'toolsec'}) eq 'HASH') {
-        if (ref($domconfig{'toolsec'}{'encrypt'}) eq 'HASH') {
-            $domdefaults{'toolenc_crs'} = $domconfig{'toolsec'}{'encrypt'}{'crs'};
-            $domdefaults{'toolenc_dom'} = $domconfig{'toolsec'}{'encrypt'}{'dom'};
-        }
-        if (ref($domconfig{'toolsec'}{'private'}) eq 'HASH') {
-            if (ref($domconfig{'toolsec'}{'private'}{'keys'}) eq 'ARRAY') {
-                $domdefaults{'toolprivhosts'} = $domconfig{'toolsec'}{'private'}{'keys'};
-            }
-        }
-    }
     &do_cache_new('domdefaults',$domain,\%domdefaults,$cachetime);
     return %domdefaults;
 }
@@ -2766,7 +2542,6 @@ sub get_dom_instcats {
             if (&auto_instcode_format($caller,$dom,\%coursecodes,\%codes,
                                       \@codetitles,\%cat_titles,\%cat_order) eq 'ok') {
                 $instcats = {
-                                totcodes => $totcodes,
                                 codes => \%codes,
                                 codetitles => \@codetitles,
                                 cat_titles => \%cat_titles,
@@ -2817,44 +2592,6 @@ sub get_passwdconf {
     return %passwdconf;
 }
 
-sub course_portal_url {
-    my ($cnum,$cdom,$r) = @_;
-    my $chome = &homeserver($cnum,$cdom);
-    my $hostname = &hostname($chome);
-    my $protocol = $protocol{$chome};
-    $protocol = 'http' if ($protocol ne 'https');
-    my %domdefaults = &get_domain_defaults($cdom);
-    my $firsturl;
-    if ($domdefaults{'portal_def'}) {
-        $firsturl = $domdefaults{'portal_def'};
-    } else {
-        my $alias = &Apache::lonnet::use_proxy_alias($r,$chome);
-        $hostname = $alias if ($alias ne '');
-        $firsturl = $protocol.'://'.$hostname;
-    }
-    return $firsturl;
-}
-
-sub url_prefix {
-    my ($r,$dom,$home,$context) = @_;
-    my $prefix;
-    my %domdefs = &get_domain_defaults($dom);
-    if ($domdefs{'portal_def'} && $domdefs{'portal_def_'.$context}) {
-        if ($domdefs{'portal_def'} =~ m{^(https?://[^/]+)}) {
-            $prefix = $1;
-        }
-    }
-    if ($prefix eq '') {
-        my $hostname = &hostname($home);
-        my $protocol = $protocol{$home};
-        $protocol = 'http' if ($protocol{$home} ne 'https');
-        my $alias = &use_proxy_alias($r,$home);
-        $hostname = $alias if ($alias ne '');
-        $prefix = $protocol.'://'.$hostname;
-    }
-    return $prefix;
-}
-
 # --------------------------------------------------- Assign a key to a student
 
 sub assign_access_key {
@@ -3766,14 +3503,6 @@ sub can_edit_resource {
                             $cfile =  '/adm/wrapper'.$resurl;
                         }
                     }
-                } elsif ($resurl =~ m{^/adm/wrapper/adm/$cdom/$cnum/\d+/ext\.tool$}) {
-                    $incourse = 1;
-                    if ($env{'form.forceedit'}) {
-                        $forceview = 1;
-                    } else {
-                        $forceedit = 1;
-                    }
-                    $cfile = $resurl;
                 } elsif ($resurl =~ m{^/?adm/viewclasslist$}) {
                     $incourse = 1;
                     if ($env{'form.forceedit'}) {
@@ -3798,14 +3527,6 @@ sub can_edit_resource {
                     $forceedit = 1;
                 }
                 $cfile = $resurl;
-            } elsif (($resurl =~ m{^/adm/wrapper/adm/$cdom/$cnum/\d+/ext\.tool$}) && ($env{'form.folderpath'} =~ /^supplemental/)) {
-                $incourse = 1;
-                if ($env{'form.forceedit'}) {
-                    $forceview = 1;
-                } else {
-                    $forceedit = 1;
-                }
-                $cfile = $resurl;
             } elsif (($resurl eq '/adm/extresedit') && ($symb || $env{'form.folderpath'})) {
                 $incourse = 1;
                 $forceview = 1;
@@ -3815,13 +3536,8 @@ sub can_edit_resource {
                     $cfile = &clutter($res);
                 } else {
                     $cfile = $env{'form.suppurl'};
-                    my $escfile = &unescape($cfile);
-                    if ($escfile =~ m{^/adm/$cdom/$cnum/\d+/ext\.tool$}) {
-                        $cfile = '/adm/wrapper'.$escfile;
-                    } else {
-                        $escfile =~ s{^http://}{};
-                        $cfile = &escape("/adm/wrapper/ext/$escfile");
-                    }
+                    $cfile =~ s{^http://}{};
+                    $cfile = '/adm/wrapper/ext/'.$cfile;
                 }
             } elsif ($resurl =~ m{^/?adm/viewclasslist$}) {
                 if ($env{'form.forceedit'}) {
@@ -4117,7 +3833,7 @@ sub resizeImage {
 # input: $formname - the contents of the file are in $env{"form.$formname"}
 #                    the desired filename is in $env{"form.$formname.filename"}
 #        $context - possible values: coursedoc, existingfile, overwrite, 
-#                                    canceloverwrite, scantron, toollogo or ''. 
+#                                    canceloverwrite, scantron or ''. 
 #                   if 'coursedoc': upload to the current course
 #                   if 'existingfile': write file to tmp/overwrites directory 
 #                   if 'canceloverwrite': delete file written to tmp/overwrites directory
@@ -4129,8 +3845,8 @@ sub resizeImage {
 #                          Section => 4, CODE => 5, FirstQuestion => 9 }).
 #        $allfiles - reference to hash for embedded objects
 #        $codebase - reference to hash for codebase of java objects
-#        $destuname - username for permanent storage of uploaded file
-#        $destudom - domain for permanaent storage of uploaded file
+#        $desuname - username for permanent storage of uploaded file
+#        $dsetudom - domain for permanaent storage of uploaded file
 #        $thumbwidth - width (pixels) of thumbnail to make for uploaded image 
 #        $thumbheight - height (pixels) of thumbnail to make for uploaded image
 #        $resizewidth - width (pixels) to which to resize uploaded image
@@ -4340,24 +4056,11 @@ sub finishuserfileupload {
     if (($thumbwidth =~ /^\d+$/) && ($thumbheight =~ /^\d+$/)) {
         my $input = $filepath.'/'.$file;
         my $output = $filepath.'/'.'tn-'.$file;
-        my $makethumb;
         my $thumbsize = $thumbwidth.'x'.$thumbheight;
-        if ($context eq 'toollogo') {
-            my ($fullwidth,$fullheight) = &check_dimensions($input);
-            if ($fullwidth ne '' && $fullheight ne '') {
-                if ($fullwidth > $thumbwidth && $fullheight > $thumbheight) {
-                    $makethumb = 1;
-                }
-            }
-        } else {
-            $makethumb = 1;
-        }
-        if ($makethumb) {
-            my @args = ('convert','-sample',$thumbsize,$input,$output);
-            system({$args[0]} @args);
-            if (-e $filepath.'/'.'tn-'.$file) {
-                $fetchthumb  = 1;
-            }
+        my @args = ('convert','-sample',$thumbsize,$input,$output);
+        system({$args[0]} @args);
+        if (-e $filepath.'/'.'tn-'.$file) {
+            $fetchthumb  = 1; 
         }
     }
  
@@ -4589,30 +4292,6 @@ sub embedded_dependency {
     return;
 }
 
-sub check_dimensions {
-    my ($inputfile) = @_;
-    my ($fullwidth,$fullheight);
-    if (($inputfile =~ m|^[/\w.\-]+$|) && (-e $inputfile)) {
-        my $mm = new File::MMagic;
-        my $mime_type = $mm->checktype_filename($inputfile);
-        if ($mime_type =~ m{^image/}) {
-            if (open(PIPE,"identify $inputfile 2>&1 |")) {
-                my $imageinfo = <PIPE>;
-                if (!close(PIPE)) {
-                    &Apache::lonnet::logthis("Failed to close PIPE opened to retrieve image information for $inputfile");
-                }
-                chomp($imageinfo);
-                my ($fullsize) =
-                    ($imageinfo =~ /^\Q$inputfile\E\s+\w+\s+(\d+x\d+)/);
-                if ($fullsize) {
-                    ($fullwidth,$fullheight) = split(/x/,$fullsize);
-                }
-            }
-        }
-    }
-    return ($fullwidth,$fullheight);
-}
-
 sub bubblesheet_converter {
     my ($cdom,$fullpath,$config,$format) = @_;
     if ((&domain($cdom) ne '') &&
@@ -4849,7 +4528,6 @@ sub get_scantronformat_file {
                 close($fh);
             }
         }
-        chomp(@lines);
     }
     return @lines;
 }
@@ -4976,7 +4654,7 @@ sub flushcourselogs {
 # Typo in rev. 1.458 (2003/12/09)??
 # These should likely by $env{'course.'.$cid.'.domain'} and $env{'course.'.$cid.'.num'}
 #
-# While these remain as $env{'request.'.$cid.'.domain'} and $env{'request.'.$cid.'.num'}
+# While these ramain as  $env{'request.'.$cid.'.domain'} and $env{'request.'.$cid.'.num'}
 # $dom and $name will always be null, so the &inc() call will default to storing this data
 # in a nohist_accesscount.db file for the user rather than the course.
 #
@@ -5205,36 +4883,6 @@ sub courserolelog {
             $storehash{'group'} = $sec;
         } else {
             $storehash{'section'} = $sec;
-            my ($curruserdomstr,$newuserdomstr);
-            if (exists($env{'course.'.$cdom.'_'.$cnum.'.internal.userdomains'})) {
-                $curruserdomstr = $env{'course.'.$env{'request.course.id'}.'.internal.userdomains'};
-            } else {
-                my %courseinfo = &coursedescription($cdom.'/'.$cnum);
-                $curruserdomstr = $courseinfo{'internal.userdomains'};
-            }
-            if ($curruserdomstr ne '') {
-                my @udoms = split(/,/,$curruserdomstr);
-                unless (grep(/^\Q$domain\E/,@udoms)) {
-                    push(@udoms,$domain);
-                    $newuserdomstr = join(',',sort(@udoms));
-                }
-            } else {
-                $newuserdomstr = $domain;
-            }
-            if ($newuserdomstr ne '') {
-                my $putresult = &put('environment',{ 'internal.userdomains' => $newuserdomstr },
-                                     $cdom,$cnum);
-                if ($putresult eq 'ok') {
-                    unless (($selfenroll) || ($context eq 'selfenroll')) {
-                        if (($context eq 'createcourse') || ($context eq 'requestcourses') ||
-                            ($context eq 'automated') || ($context eq 'domain')) {
-                            $env{'course.'.$cdom.'_'.$cnum.'.internal.userdomains'} = $newuserdomstr;
-                        } elsif ($env{'request.course.id'} eq $cdom.'_'.$cnum) {
-                            &appenv({'course.'.$cdom.'_'.$cnum.'.internal.userdomains' => $newuserdomstr});
-                        }
-                    }
-                }
-            }
         }
         &write_log('course',$namespace,\%storehash,$delflag,$username,
                    $domain,$cnum,$cdom);
@@ -5893,10 +5541,9 @@ my %cachedtimes=();
 my $cachedtime='';
 
 sub load_all_first_access {
-    my ($uname,$udom,$ignorecache)=@_;
+    my ($uname,$udom)=@_;
     if (($cachedkey eq $uname.':'.$udom) &&
-        (abs($cachedtime-time)<5) && (!$env{'form.markaccess'}) &&
-        (!$ignorecache)) {
+        (abs($cachedtime-time)<5) && (!$env{'form.markaccess'})) {
         return;
     }
     $cachedtime=time;
@@ -5905,7 +5552,7 @@ sub load_all_first_access {
 }
 
 sub get_first_access {
-    my ($type,$argsymb,$argmap,$ignorecache)=@_;
+    my ($type,$argsymb,$argmap)=@_;
     my ($symb,$courseid,$udom,$uname)=&whichuser();
     if ($argsymb) { $symb=$argsymb; }
     my ($map,$id,$res)=&decode_symb($symb);
@@ -5917,7 +5564,7 @@ sub get_first_access {
     } else {
 	$res=$symb;
     }
-    &load_all_first_access($uname,$udom,$ignorecache);
+    &load_all_first_access($uname,$udom);
     return $cachedtimes{"$courseid\0$res"};
 }
 
@@ -6743,7 +6390,7 @@ sub rolesinit {
     my %firstaccess = &dump('firstaccesstimes', $domain, $username);
     my %timerinterval = &dump('timerinterval', $domain, $username);
     my (%coursetimerstarts, %firstaccchk, %firstaccenv, %coursetimerintervals,
-        %timerintchk, %timerintenv,%coauthorenv);
+        %timerintchk, %timerintenv);
 
     foreach my $key (keys(%firstaccess)) {
         my ($cid, $rest) = split(/\0/, $key);
@@ -6757,8 +6404,6 @@ sub rolesinit {
 
     my %allroles=();
     my %allgroups=();
-    my %gotcoauconfig=();
-    my %domdefaults=();
 
     for my $area (grep { ! /^rolesdef_/ } keys(%rolesdump)) {
         my $role = $rolesdump{$area};
@@ -6810,37 +6455,6 @@ sub rolesinit {
         } else {
         # Normal role, defined in roles.tab
             &standard_roleprivs(\%allroles,$trole,$tdomain,$spec,$trest,$area);
-            if (($trole eq 'ca') || ($trole eq 'aa')) {
-                (undef,my ($audom,$auname)) = split(/\//,$area);
-                unless ($gotcoauconfig{$area}) {
-                    my @ca_settings = ('authoreditors');
-                    my %info = &userenvironment($audom,$auname,@ca_settings);
-                    $gotcoauconfig{$area} = 1;
-                    foreach my $item (@ca_settings) {
-                        if (exists($info{$item})) {
-                            my $name = $item;
-                            if ($item eq 'authoreditors') {
-                                $name = 'editors';
-                                unless ($info{'authoreditors'}) {
-                                    my %domdefs;
-                                    if (ref($domdefaults{$audom}) eq 'HASH') {
-                                        %domdefs = %{$domdefaults{$audom}};
-                                    } else {
-                                        %domdefs = &get_domain_defaults($audom);
-                                        $domdefaults{$audom} = \%domdefs;
-                                    }
-                                    if ($domdefs{$name} ne '') {
-                                        $info{'authoreditors'} = $domdefs{$name};
-                                    } else {
-                                        $info{'authoreditors'} = 'edit,xml';
-                                    }
-                                }
-                            }
-                            $coauthorenv{"environment.internal.$name.$area"} = $info{$item};
-                        }
-                    }
-                }
-            }
         }
 
         my $cid = $tdomain.'_'.$trest;
@@ -6869,7 +6483,7 @@ sub rolesinit {
     $env{'user.adv'} = $userroles{'user.adv'};
     $env{'user.rar'} = $userroles{'user.rar'};
 
-    return (\%userroles,\%firstaccenv,\%timerintenv,\%coauthorenv);
+    return (\%userroles,\%firstaccenv,\%timerintenv);
 }
 
 sub set_arearole {
@@ -6930,31 +6544,31 @@ sub course_adhocrole_privs {
             $full{$priv} = $restrict;
         }
         foreach my $item (split(/,/,$overrides{"internal.adhocpriv.$rolename"})) {
-            next if ($item eq '');
-            my ($rule,$rest) = split(/=/,$item);
-            next unless (($rule eq 'off') || ($rule eq 'on'));
-            foreach my $priv (split(/:/,$rest)) {
-                if ($priv ne '') {
-                    if ($rule eq 'off') {
-                        $possremove{$priv} = 1;
-                    } else {
-                        $possadd{$priv} = 1;
-                    }
-                }
-            }
-        }
-        foreach my $priv (sort(keys(%full))) {
-            if (exists($currprivs{$priv})) {
-                unless (exists($possremove{$priv})) {
-                    $storeprivs{$priv} = $currprivs{$priv};
-                }
-            } elsif (exists($possadd{$priv})) {
-                $storeprivs{$priv} = $full{$priv};
-            }
-        }
-        $coursepriv = ':'.join(':',map { $_.'&'.$storeprivs{$_}; } sort(keys(%storeprivs)));
-    }
-    return $coursepriv;
+             next if ($item eq '');
+             my ($rule,$rest) = split(/=/,$item);
+             next unless (($rule eq 'off') || ($rule eq 'on'));
+             foreach my $priv (split(/:/,$rest)) {
+                 if ($priv ne '') {
+                     if ($rule eq 'off') {
+                         $possremove{$priv} = 1;
+                     } else {
+                         $possadd{$priv} = 1;
+                     }
+                 }
+             }
+         }
+         foreach my $priv (sort(keys(%full))) {
+             if (exists($currprivs{$priv})) {
+                 unless (exists($possremove{$priv})) {
+                     $storeprivs{$priv} = $currprivs{$priv};
+                 }
+             } elsif (exists($possadd{$priv})) {
+                 $storeprivs{$priv} = $full{$priv};
+             }
+         }
+         $coursepriv = ':'.join(':',map { $_.'&'.$storeprivs{$_}; } sort(keys(%storeprivs)));
+     }
+     return $coursepriv;
 }
 
 sub group_roleprivs {
@@ -7218,8 +6832,7 @@ sub set_adhoc_privileges {
     my ($author,$adv,$rar)= &set_userprivs(\%userroles,\%rolehash);
     &appenv(\%userroles,[$role,'cm']);
     &log($env{'user.domain'},$env{'user.name'},$env{'user.home'},"Role ".$spec);
-    unless (($caller eq 'constructaccess' && $env{'request.course.id'}) ||
-            ($caller eq 'tiny')) {
+    unless ($caller eq 'constructaccess' && $env{'request.course.id'}) {
         &appenv( {'request.role'        => $spec,
                   'request.role.domain' => $dcdom,
                   'request.course.sec'  => $sec, 
@@ -7294,7 +6907,7 @@ sub unserialize {
 # see Lond::dump_with_regexp
 # if $escapedkeys hash keys won't get unescaped.
 sub dump {
-    my ($namespace,$udomain,$uname,$regexp,$range,$escapedkeys,$encrypt)=@_;
+    my ($namespace,$udomain,$uname,$regexp,$range,$escapedkeys)=@_;
     if (!$udomain) { $udomain=$env{'user.domain'}; }
     if (!$uname) { $uname=$env{'user.name'}; }
     my $uhome=&homeserver($uname,$udomain);
@@ -7310,12 +6923,7 @@ sub dump {
                     $uname, $namespace, $regexp, $range)), $perlvar{'lonVersion'});
         return %{&unserialize($reply, $escapedkeys)};
     }
-    my $rep;
-    if ($encrypt) {
-        $rep=&reply("encrypt:edump:$udomain:$uname:$namespace:$regexp:$range",$uhome);
-    } else {
-        $rep=&reply("dump:$udomain:$uname:$namespace:$regexp:$range",$uhome);
-    }
+    my $rep=&reply("dump:$udomain:$uname:$namespace:$regexp:$range",$uhome);
     my @pairs=split(/\&/,$rep);
     my %returnhash=();
     if (!($rep =~ /^error/ )) {
@@ -7461,7 +7069,7 @@ sub inc {
 # --------------------------------------------------------------- put interface
 
 sub put {
-   my ($namespace,$storehash,$udomain,$uname,$encrypt)=@_;
+   my ($namespace,$storehash,$udomain,$uname)=@_;
    if (!$udomain) { $udomain=$env{'user.domain'}; }
    if (!$uname) { $uname=$env{'user.name'}; }
    my $uhome=&homeserver($uname,$udomain);
@@ -7470,11 +7078,7 @@ sub put {
        $items.=&escape($item).'='.&freeze_escape($$storehash{$item}).'&';
    }
    $items=~s/\&$//;
-   if ($encrypt) {
-       return &reply("encrypt:put:$udomain:$uname:$namespace:$items",$uhome);
-   } else {
-       return &reply("put:$udomain:$uname:$namespace:$items",$uhome);
-   }
+   return &reply("put:$udomain:$uname:$namespace:$items",$uhome);
 }
 
 # ------------------------------------------------------------ newput interface
@@ -7988,17 +7592,6 @@ sub is_portfolio_file {
     return;
 }
 
-sub is_coursetool_logo {
-    my ($uri) = @_;
-    if ($env{'request.course.id'}) {
-        my $courseurl = &courseid_to_courseurl($env{'request.course.id'});
-        if ($uri =~ m{^/*uploaded\Q$courseurl\E/toollogo/\d+/[^/]+$}) {
-            return 1;
-        }
-    }
-    return;
-}
-
 sub usertools_access {
     my ($uname,$udom,$tool,$action,$context,$userenvref,$domdefref,$is_advref)=@_;
     my ($access,%tools);
@@ -8011,22 +7604,17 @@ sub usertools_access {
                       unofficial => 1,
                       community  => 1,
                       textbook   => 1,
-                      lti        => 1,
                  );
     } elsif ($context eq 'requestauthor') {
         %tools = (
                       requestauthor => 1,
                  );
-    } elsif ($context eq 'authordefaults') {
-        %tools = (
-                      webdav    => 1,
-                 );
     } else {
         %tools = (
                       aboutme   => 1,
                       blog      => 1,
+                      webdav    => 1,
                       portfolio => 1,
-                      timezone  => 1,
                  );
     }
     return if (!defined($tools{$tool}));
@@ -8042,10 +7630,6 @@ sub usertools_access {
                 return $env{'environment.canrequest.'.$tool};
             } elsif ($context eq 'requestauthor') {
                 return $env{'environment.canrequest.author'};
-            } elsif ($context eq 'authordefaults') {
-                if ($tool eq 'webdav') {
-                    return $env{'environment.availabletools.'.$tool};
-                }
             } else {
                 return $env{'environment.availabletools.'.$tool};
             }
@@ -8055,10 +7639,6 @@ sub usertools_access {
     my ($toolstatus,$inststatus,$envkey);
     if ($context eq 'requestauthor') {
         $envkey = $context;
-    } elsif ($context eq 'authordefaults') {
-        if ($tool eq 'webdav') {
-            $envkey = 'tools.'.$tool;
-        }
     } else {
         $envkey = $context.'.'.$tool;
     }
@@ -8220,29 +7800,25 @@ sub is_advanced_user {
 }
 
 sub check_can_request {
-    my ($dom,$can_request,$request_domains,$uname,$udom) = @_;
+    my ($dom,$can_request,$request_domains) = @_;
     my $canreq = 0;
-    if (($env{'user.name'} ne '') && ($env{'user.domain'} ne '')) {
-        $uname = $env{'user.name'};
-        $udom = $env{'user.domain'};
-    }
     my ($types,$typename) = &Apache::loncommon::course_types();
     my @options = ('approval','validate','autolimit');
     my $optregex = join('|',@options);
     if ((ref($can_request) eq 'HASH') && (ref($types) eq 'ARRAY')) {
         foreach my $type (@{$types}) {
-            if (&usertools_access($uname,$udom,$type,undef,
-                                  'requestcourses')) {
+            if (&usertools_access($env{'user.name'},
+                                  $env{'user.domain'},
+                                  $type,undef,'requestcourses')) {
                 $canreq ++;
                 if (ref($request_domains) eq 'HASH') {
-                    push(@{$request_domains->{$type}},$udom);
+                    push(@{$request_domains->{$type}},$env{'user.domain'});
                 }
-                if ($dom eq $udom) {
+                if ($dom eq $env{'user.domain'}) {
                     $can_request->{$type} = 1;
                 }
             }
-            if (($env{'user.name'} ne '') && ($env{'user.domain'} ne '') &&
-                ($env{'environment.reqcrsotherdom.'.$type} ne '')) {
+            if ($env{'environment.reqcrsotherdom.'.$type} ne '') {
                 my @curr = split(',',$env{'environment.reqcrsotherdom.'.$type});
                 if (@curr > 0) {
                     foreach my $item (@curr) {
@@ -8259,7 +7835,7 @@ sub check_can_request {
                             }
                         }
                     }
-                    unless ($dom eq $env{'user.domain'}) {
+                    unless($dom eq $env{'user.domain'}) {
                         $canreq ++;
                         if (grep(/^\Q$dom\E:($optregex)(=?\d*)$/,@curr)) {
                             $can_request->{$type} = 1;
@@ -8324,14 +7900,14 @@ sub customaccess {
 # ------------------------------------------------- Check for a user privilege
 
 sub allowed {
-    my ($priv,$uri,$symb,$role,$clientip,$noblockcheck,$ignorecache,$nodeeplinkcheck,$nodeeplinkout)=@_;
+    my ($priv,$uri,$symb,$role,$clientip,$noblockcheck,$ignorecache)=@_;
     my $ver_orguri=$uri;
     $uri=&deversion($uri);
     my $orguri=$uri;
     $uri=&declutter($uri);
 
     if ($priv eq 'evb') {
-# Evade communication block restrictions for specified role in a course or domain
+# Evade communication block restrictions for specified role in a course
         if ($env{'user.priv.'.$role} =~/evb\&([^\:]*)/) {
             return $1;
         } else {
@@ -8341,7 +7917,7 @@ sub allowed {
 
     if (defined($env{'allowed.'.$priv})) { return $env{'allowed.'.$priv}; }
 # Free bre access to adm and meta resources
-    if (((($uri=~/^adm\//) && ($uri !~ m{/(?:smppg|bulletinboard|viewclasslist|aboutme|ext\.tool)$})) 
+    if (((($uri=~/^adm\//) && ($uri !~ m{/(?:smppg|bulletinboard|viewclasslist|aboutme)$})) 
 	 || (($uri=~/\.meta$/) && ($uri!~m|^uploaded/|) )) 
 	&& ($priv eq 'bre')) {
 	return 'F';
@@ -8389,10 +7965,7 @@ sub allowed {
 # Free bre to public access
 
     if ($priv eq 'bre') {
-        my $copyright;
-        unless ($uri =~ /ext\.tool/) {
-            $copyright=&metadata($uri,'copyright');
-        }
+        my $copyright=&metadata($uri,'copyright');
 	if (($copyright eq 'public') && (!$env{'request.course.id'})) { 
            return 'F'; 
         }
@@ -8549,13 +8122,7 @@ sub allowed {
             if ($env{'user.priv.'.$env{'request.role'}.'./'}
                   =~/\Q$priv\E\&([^\:]*)/) {
                 my $value = $1;
-                my $deeplinkblock;
-                unless ($nodeeplinkcheck) {
-                    $deeplinkblock = &deeplink_check($priv,$symb,$uri);
-                }
-                if ($deeplinkblock) {
-                    $thisallowed='D';
-                } elsif ($noblockcheck) {
+                if ($noblockcheck) {
                     $thisallowed.=$value;
                 } else {
                     my @blockers = &has_comm_blocking($priv,$symb,$uri,$ignorecache);
@@ -8575,13 +8142,7 @@ sub allowed {
                     $refuri=&declutter($refuri);
                     my ($match) = &is_on_map($refuri);
                     if ($match) {
-                        my $deeplinkblock;
-                        unless ($nodeeplinkcheck) {
-                            $deeplinkblock = &deeplink_check($priv,$symb,$refuri);
-                        }
-                        if ($deeplinkblock) {
-                            $thisallowed='D';
-                        } elsif ($noblockcheck) {
+                        if ($noblockcheck) {
                             $thisallowed='F';
                         } else {
                             my @blockers = &has_comm_blocking($priv,'',$refuri,'',1);
@@ -8631,12 +8192,6 @@ sub allowed {
 
     if ($env{'request.course.id'}) {
 
-        if ($priv eq 'bre') {
-            if (&is_coursetool_logo($uri)) {
-                return 'F';
-            }
-        }
-
 # If this is modifying password (internal auth) domains must match for user and user's role.
 
         if ($priv eq 'mip') {
@@ -8660,13 +8215,7 @@ sub allowed {
                =~/\Q$priv\E\&([^\:]*)/) {
                my $value = $1;
                if ($priv eq 'bre') {
-                   my $deeplinkblock;
-                   unless ($nodeeplinkcheck) {
-                       $deeplinkblock = &deeplink_check($priv,$symb,$uri);
-                   }
-                   if ($deeplinkblock) {
-                       $thisallowed = 'D';
-                   } elsif ($noblockcheck) {
+                   if ($noblockcheck) {
                        $thisallowed.=$value;
                    } else {
                        my @blockers = &has_comm_blocking($priv,$symb,$uri,$ignorecache);
@@ -8708,13 +8257,7 @@ sub allowed {
                   =~/\Q$priv\E\&([^\:]*)/) {
                   my $value = $1;
                   if ($priv eq 'bre') {
-                      my $deeplinkblock;
-                      unless ($nodeeplinkcheck) {
-                          $deeplinkblock = &deeplink_check($priv,$symb,$refuri);
-                      }
-                      if ($deeplinkblock) {
-                          $thisallowed = 'D';
-                      } elsif ($noblockcheck) {
+                      if ($noblockcheck) {
                           $thisallowed.=$value;
                       } else {
                           my @blockers = &has_comm_blocking($priv,'',$refuri,'',1);
@@ -8894,17 +8437,6 @@ sub allowed {
        }
    }
 
-# Restricted for deeplinked session?
-
-    if ($env{'request.deeplink.login'}) {
-        if ($env{'acc.deeplinkout'} && !$nodeeplinkout) {
-            if (!$symb) { $symb=&symbread($uri,1); }
-            if (($symb) && ($env{'acc.deeplinkout'}=~/\&\Q$symb\E\&/)) {
-                return '';
-            }
-        }
-    }
-
 # Restricted by state or randomout?
 
    if ($thisallowed=~/X/) {
@@ -8925,8 +8457,6 @@ sub allowed {
 	return 'A';
     } elsif ($thisallowed eq 'B') {
         return 'B';
-    } elsif ($thisallowed eq 'D') {
-        return 'D';
     }
    return 'F';
 }
@@ -8943,7 +8473,7 @@ sub constructaccess {
     my ($ownername,$ownerdomain,$ownerhome);
 
     ($ownerdomain,$ownername) =
-        ($url=~ m{^(?:\Q$perlvar{'lonDocRoot'}\E|)(?:/daxepage|/daxeopen)?/priv/($match_domain)/($match_username)(?:/|$)});
+        ($url=~ m{^(?:\Q$perlvar{'lonDocRoot'}\E|)/priv/($match_domain)/($match_username)(?:/|$)});
 
 # The URL does not really point to any authorspace, forget it
     unless (($ownername) && ($ownerdomain)) { return ''; }
@@ -9108,8 +8638,7 @@ sub get_commblock_resources {
                             }
                         }
                     }
-                    if ($interval[0] =~ /^(\d+)/) {
-                        my $timelimit = $1;
+                    if ($interval[0] =~ /^\d+$/) {
                         my $first_access;
                         if ($type eq 'resource') {
                             $first_access=&get_first_access($interval[1],$item);
@@ -9119,7 +8648,7 @@ sub get_commblock_resources {
                             $first_access=&get_first_access($interval[1]);
                         }
                         if ($first_access) {
-                            my $timesup = $first_access+$timelimit;
+                            my $timesup = $first_access+$interval[0];
                             if ($timesup > $now) {
                                 my $activeblock;
                                 if ($type eq 'resource') {
@@ -9244,87 +8773,6 @@ sub has_comm_blocking {
 }
 }
 
-sub deeplink_check {
-    my ($priv,$symb,$uri) = @_;
-    return unless ($env{'request.course.id'});
-    return unless ($priv eq 'bre');
-    return if ($env{'request.state'} eq 'construct');
-    return if ($env{'request.role.adv'});
-    my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
-    my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
-    my (%possibles,@symbs);
-    if (!$symb) {
-        $symb = &symbread($uri,1,1,1,\%possibles);
-    }
-    if ($symb) {
-        @symbs = ($symb);
-    } elsif (keys(%possibles)) {
-        @symbs = keys(%possibles);
-    }
-
-    my ($deeplink_symb,$allow);
-    if ($env{'request.deeplink.login'}) {
-        $deeplink_symb = &Apache::loncommon::deeplink_login_symb($cnum,$cdom);
-    }
-    foreach my $symb (@symbs) {
-        last if ($allow);
-        my $deeplink = &EXT("resource.0.deeplink",$symb);
-        if ($deeplink eq '') {
-            $allow = 1;
-        } else {
-            my ($state,$others,$listed,$scope,$protect) = split(/,/,$deeplink);
-            if ($state ne 'only') {
-                $allow = 1;
-            } else {
-                my $check_deeplink_entry;
-                if ($protect ne 'none') {
-                    my ($acctype,$item) = split(/:/,$protect);
-                    if (($acctype eq 'ltic') && ($env{'user.linkprotector'})) {
-                        if (grep(/^\Q$item\Ec$/,split(/,/,$env{'user.linkprotector'}))) {
-                            $check_deeplink_entry = 1
-                        }
-                    } elsif (($acctype eq 'ltid') && ($env{'user.linkprotector'})) {
-                        if (grep(/^\Q$item\Ed$/,split(/,/,$env{'user.linkprotector'}))) {
-                            $check_deeplink_entry = 1;
-                        }
-                    } elsif (($acctype eq 'key') && ($env{'user.deeplinkkey'})) {
-                        if (grep(/^\Q$item\E$/,split(/,/,$env{'user.deeplinkkey'}))) {
-                            $check_deeplink_entry = 1;
-                        }
-                    }
-                }
-                if (($protect eq 'none') || ($check_deeplink_entry)) {
-                    if ($scope eq 'res') {
-                        if ($symb eq $deeplink_symb) {
-                            $allow = 1;
-                        }
-                    } elsif (($scope eq 'map') || ($scope eq 'rec')) {
-                        my ($map_from_symb,$map_from_login);
-                        $map_from_symb = &deversion((&decode_symb($symb))[0]);
-                        if ($deeplink_symb =~ /\.(page|sequence)$/) {
-                            $map_from_login = &deversion((&decode_symb($deeplink_symb))[2]);
-                        } else {
-                            $map_from_login = &deversion((&decode_symb($deeplink_symb))[0]);
-                        }
-                        if (($map_from_symb) && ($map_from_login)) {
-                            if ($map_from_symb eq $map_from_login) {
-                                $allow = 1;
-                            } elsif ($scope eq 'rec') {
-                                my @recurseup = &get_map_hierarchy($map_from_symb,$env{'request.course.id'});
-                                if (grep(/^\Q$map_from_login\E$/,@recurseup)) {
-                                    $allow = 1;
-                                }
-                            }
-                        }
-                    }
-                }
-            }
-        }
-    }
-    return if ($allow);
-    return 1;
-}
-
 # -------------------------------- Deversion and split uri into path an filename
 
 #
@@ -10445,12 +9893,8 @@ sub assignrole {
                             }
                         }
                     }
-                } elsif (($selfenroll == 1) && ($udom eq $env{'user.domain'}) && ($uname eq $env{'user.name'})) {
-                    if ($role eq 'st') {
-                        $refused = '';
-                    } elsif (($context eq 'ltienroll') && ($env{'request.lti.login'})) {
-                        $refused = '';
-                    }
+                } elsif (($selfenroll == 1) && ($role eq 'st') && ($udom eq $env{'user.domain'}) && ($uname eq $env{'user.name'})) {
+                    $refused = '';
                 } elsif ($context eq 'requestcourses') {
                     my @possroles = ('st','ta','ep','in','cc','co');
                     if ((grep(/^\Q$role\E$/,@possroles)) && ($env{'user.name'} ne '' && $env{'user.domain'} ne '')) {
@@ -10742,14 +10186,10 @@ sub modifyuser {
     my $newuser;
     if ($uhome eq 'no_host') {
         $newuser = 1;
-        unless (($umode && ($upass ne '')) || ($umode eq 'localauth') ||
-                ($umode eq 'lti')) {
-            return 'error: more information needed to create new user';
-        }
     }
 # ----------------------------------------------------------------- Create User
     if (($uhome eq 'no_host') && 
-	(($umode && $upass) || ($umode eq 'localauth') || ($umode eq 'lti'))) {
+	(($umode && $upass) || ($umode eq 'localauth'))) {
         my $unhome='';
         if (defined($desiredhome) && &host_domain($desiredhome) eq $udom) { 
             $unhome = $desiredhome;
@@ -11037,19 +10477,14 @@ sub writecoursepref {
 
 sub createcourse {
     my ($udom,$description,$url,$course_server,$nonstandard,$inst_code,
-        $course_owner,$crstype,$cnum,$context,$category,$callercontext)=@_;
+        $course_owner,$crstype,$cnum,$context,$category)=@_;
     $url=&declutter($url);
     my $cid='';
     if ($context eq 'requestcourses') {
         my $can_create = 0;
         my ($ownername,$ownerdom) = split(':',$course_owner);
         if ($udom eq $ownerdom) {
-            my $reload;
-            if (($callercontext eq 'auto') &&
-               ($ownerdom eq $env{'user.domain'}) && ($ownername eq $env{'user.name'})) {
-                $reload = 'reload';
-            }
-            if (&usertools_access($ownername,$ownerdom,$category,$reload,
+            if (&usertools_access($ownername,$ownerdom,$category,undef,
                                   $context)) {
                 $can_create = 1;
             }
@@ -12084,259 +11519,30 @@ sub resdata {
     return undef;
 }
 
-sub get_domain_lti {
-    my ($cdom,$context) = @_;
-    my ($name,$cachename,%lti);
-    if ($context eq 'consumer') {
-        $name = 'ltitools';
-    } elsif ($context eq 'provider') {
-        $name = 'lti';
-    } elsif ($context eq 'linkprot') {
-        $name = 'ltisec';
-    } else {
-        return %lti;
-    }
-    if ($context eq 'linkprot') {
-        $cachename = $context;
-    } else {
-        $cachename = $name;
-    }
-    my ($result,$cached)=&is_cached_new($cachename,$cdom);
-    if (defined($cached)) {
-        if (ref($result) eq 'HASH') {
-            %lti = %{$result};
-        }
-    } else {
-        my %domconfig = &get_dom('configuration',[$name],$cdom);
-        if (ref($domconfig{$name}) eq 'HASH') {
-            if ($context eq 'linkprot') {
-                if (ref($domconfig{$name}{'linkprot'}) eq 'HASH') {
-                    %lti = %{$domconfig{$name}{'linkprot'}};
-                }
-            } else {
-                %lti = %{$domconfig{$name}};
-            }
-        }
-        my $cachetime = 24*60*60;
-        &do_cache_new($cachename,$cdom,\%lti,$cachetime);
-    }
-    return %lti;
-}
-
-sub get_course_lti {
-    my ($cnum,$cdom,$context) = @_;
-    my ($name,$cachename,%lti);
-    if ($context eq 'consumer') {
-        $name = 'ltitools';
-        $cachename = 'courseltitools';
-    } elsif ($context eq 'provider') {
-        $name = 'lti';
-        $cachename = 'courselti';
-    } else {
-        return %lti;
-    }
-    my $hashid=$cdom.'_'.$cnum;
-    my ($result,$cached)=&is_cached_new($cachename,$hashid);
-    if (defined($cached)) {
-        if (ref($result) eq 'HASH') {
-            %lti = %{$result};
-        }
-    } else {
-        %lti = &dump($name,$cdom,$cnum,undef,undef,undef,1);
-        my $cachetime = 24*60*60;
-        &do_cache_new($cachename,$hashid,\%lti,$cachetime);
-    }
-    return %lti;
-}
-
-sub courselti_itemid {
-    my ($cnum,$cdom,$url,$method,$params,$context) = @_;
-    my ($chome,$itemid);
-    $chome = &homeserver($cnum,$cdom);
-    return if ($chome eq 'no_host');
-    if (ref($params) eq 'HASH') {
-        my $rep;
-        if (grep { $_ eq $chome } current_machine_ids()) {
-            $rep = LONCAPA::Lond::crslti_itemid($cdom,$cnum,$url,$method,$params,$perlvar{'lonVersion'});
-        } else {
-            my $escurl = &escape($url);
-            my $escmethod = &escape($method);
-            my $items = &freeze_escape($params);
-            $rep = &reply("encrypt:lti:$cdom:$cnum:$context:$escurl:$escmethod:$items",$chome);
-        }
-        unless (($rep=~/^(refused|rejected|error)/) || ($rep eq 'con_lost') ||
-                ($rep eq 'unknown_cmd')) {
-            $itemid = $rep;
-        }
-    }
-    return $itemid;
-}
-
-sub domainlti_itemid {
-    my ($cdom,$url,$method,$params,$context) = @_;
-    my ($primary_id,$itemid);
-    $primary_id = &domain($cdom,'primary');
-    return if ($primary_id eq '');
-    if (ref($params) eq 'HASH') {
-        my $rep;
-        if (grep { $_ eq $primary_id } current_machine_ids()) {
-            $rep = LONCAPA::Lond::domlti_itemid($cdom,$context,$url,$method,$params,$perlvar{'lonVersion'});
-        } else {
-            my $cnum = '';
-            my $escurl = &escape($url);
-            my $escmethod = &escape($method);
-            my $items = &freeze_escape($params);
-            $rep = &reply("encrypt:lti:$cdom:$cnum:$context:$escurl:$escmethod:$items",$primary_id);
-        }
-        unless (($rep=~/^(refused|rejected|error)/) || ($rep eq 'con_lost') ||
-                ($rep eq 'unknown_cmd')) {
-            $itemid = $rep;
-        }
-    }
-    return $itemid;
-}
-
-sub get_ltitools_id {
-    my ($context,$cdom,$cnum,$title) = @_;
-    my ($lockhash,$tries,$gotlock,$id,$error);
-
-    # get lock on ltitools db
-    $lockhash = {
-                   lock => $env{'user.name'}.
-                           ':'.$env{'user.domain'},
-                };
-    $tries = 0;
-    if ($context eq 'domain') {
-        $gotlock = &newput_dom('ltitools',$lockhash,$cdom);
-    } else {
-        $gotlock = &newput('ltitools',$lockhash,$cdom,$cnum);
-    }
-    while (($gotlock ne 'ok') && ($tries<10)) {
-        $tries ++;
-        sleep (0.1);
-        if ($context eq 'domain') {
-            $gotlock = &newput_dom('ltitools',$lockhash,$cdom);
-        } else {
-            $gotlock = &newput('ltitools',$lockhash,$cdom,$cnum);
-        }
-    }
-    if ($gotlock eq 'ok') {
-        my %currids;
-        if ($context eq 'domain') {
-            %currids = &dump_dom('ltitools',$cdom);
-        } else {
-            %currids = &dump('ltitools',$cdom,$cnum);
-        }
-        if ($currids{'lock'}) {
-            delete($currids{'lock'});
-            if (keys(%currids)) {
-                my @curr = sort { $a <=> $b } keys(%currids);
-                if ($curr[-1] =~ /^\d+$/) {
-                    $id = 1 + $curr[-1];
-                }
-            } else {
-                $id = 1;
-            }
-            if ($id) {
-                if ($context eq 'domain') {
-                    unless (&newput_dom('ltitools',{ $id => $title },$cdom) eq 'ok') {
-                        $error = 'nostore';
-                    }
-                } else {
-                    unless (&newput('ltitools',{ $id => $title },$cdom,$cnum) eq 'ok') {
-                        $error = 'nostore';
-                    }
-                }
-            } else {
-                $error = 'nonumber';
-            }
-        }
-        my $dellockoutcome;
-        if ($context eq 'domain') {
-            $dellockoutcome = &del_dom('ltitools',['lock'],$cdom);
-        } else {
-            $dellockoutcome = &del('ltitools',['lock'],$cdom,$cnum);
-        }
-    } else {
-        $error = 'nolock';
-    }
-    return ($id,$error);
-}
-
-sub count_supptools {
-    my ($cnum,$cdom,$ignorecache,$reload)=@_;
-    my $hashid=$cnum.':'.$cdom;
-    my ($numexttools,$cached);
-    unless ($ignorecache) {
-        ($numexttools,$cached) = &is_cached_new('supptools',$hashid);
-    }
-    unless (defined($cached)) {
-        my $chome=&homeserver($cnum,$cdom);
-        $numexttools = 0;
-        unless ($chome eq 'no_host') {
-            my ($supplemental) = &Apache::loncommon::get_supplemental($cnum,$cdom,$reload);
-            if (ref($supplemental) eq 'HASH') {
-                if ((ref($supplemental->{'ids'}) eq 'HASH') && (ref($supplemental->{'hidden'}) eq 'HASH')) {
-                    foreach my $key (keys(%{$supplemental->{'ids'}})) {
-                        if ($key =~ m{^/adm/$cdom/$cnum/\d+/ext\.tool$}) {
-                            $numexttools ++;
-                        }
-                    }
-                }
-            }
-        }
-        &do_cache_new('supptools',$hashid,$numexttools,600);
-    }
-    return $numexttools;
-}
-
-sub has_unhidden_suppfiles {
-    my ($cnum,$cdom,$ignorecache,$possdel)=@_;
+sub get_numsuppfiles {
+    my ($cnum,$cdom,$ignorecache)=@_;
     my $hashid=$cnum.':'.$cdom;
-    my ($showsupp,$cached);
+    my ($suppcount,$cached);
     unless ($ignorecache) {
-        ($showsupp,$cached) = &is_cached_new('showsupp',$hashid);
+        ($suppcount,$cached) = &is_cached_new('suppcount',$hashid);
     }
     unless (defined($cached)) {
         my $chome=&homeserver($cnum,$cdom);
         unless ($chome eq 'no_host') {
-            my ($supplemental) = &Apache::loncommon::get_supplemental($cnum,$cdom,$ignorecache,$possdel);
-            if (ref($supplemental) eq 'HASH') {
-                if ((ref($supplemental->{'ids'}) eq 'HASH') && (ref($supplemental->{'hidden'}) eq 'HASH')) {
-                    foreach my $key (keys(%{$supplemental->{'ids'}})) {
-                        next if ($key =~ /\.sequence$/);
-                        if (ref($supplemental->{'ids'}->{$key}) eq 'ARRAY') {
-                            foreach my $id (@{$supplemental->{'ids'}->{$key}}) {
-                                unless ($supplemental->{'hidden'}->{$id}) {
-                                    $showsupp = 1;
-                                    last;
-                                }
-                            }
-                        }
-                        last if ($showsupp);
-                    }
-                }
-            }
+            ($suppcount,my $errors) = (0,0);
+            my $suppmap = 'supplemental.sequence';
+            ($suppcount,$errors) =
+                &Apache::loncommon::recurse_supplemental($cnum,$cdom,$suppmap,$suppcount,$errors);
         }
-        &do_cache_new('showsupp',$hashid,$showsupp,600);
+        &do_cache_new('suppcount',$hashid,$suppcount,600);
     }
-    return $showsupp;
+    return $suppcount;
 }
 
 #
 # EXT resource caching routines
 #
 
-{
-# Cache (5 seconds) of map hierarchy for speedup of navmaps display
-#
-# The course for which we cache
-my $cachedmapkey='';
-# The cached recursive maps for this course
-my %cachedmaps=();
-# When this was last done
-my $cachedmaptime='';
-
 sub clear_EXT_cache_status {
     &delenv('cache.EXT.');
 }
@@ -12591,25 +11797,20 @@ sub EXT {
 	}
 # ------------------------------------------ fourth, look in resource metadata
 
-        my $what = $spacequalifierrest;
-        $what=~s/\./\_/;
-        my $filename;
+	$spacequalifierrest=~s/\./\_/;
+	my $filename;
 	if (!$symbparm) { $symbparm=&symbread(); }
 	if ($symbparm) {
 	    $filename=(&decode_symb($symbparm))[2];
 	} else {
 	    $filename=$env{'request.filename'};
 	}
-        my $toolsymb;
-        if (($filename =~ /ext\.tool$/) && ($what ne '0_gradable')) {
-            $toolsymb = $symbparm;
-        }
-	my $metadata=&metadata($filename,$what,$toolsymb);
+	my $metadata=&metadata($filename,$spacequalifierrest);
 	if (defined($metadata)) { return &get_reply([$metadata,'resource']); }
-	$metadata=&metadata($filename,'parameter_'.$what,$toolsymb);
+	$metadata=&metadata($filename,'parameter_'.$spacequalifierrest);
 	if (defined($metadata)) { return &get_reply([$metadata,'resource']); }
 
-# ----------------------------------------------- fifth, look in rest of course
+# ---------------------------------------------- fourth, look in rest of course
 	if ($symbparm && defined($courseid) && 
 	    $courseid eq $env{'request.course.id'}) {
 	    my $coursereply=&resdata($env{'course.'.$courseid.'.num'},
@@ -12630,7 +11831,7 @@ sub EXT {
 	    if (defined($partgeneral[0])) { return &get_reply(\@partgeneral); }
 	}
 	if ($recurse) { return undef; }
-	my $pack_def=&packages_tab_default($filename,$varname,$toolsymb);
+	my $pack_def=&packages_tab_default($filename,$varname);
 	if (defined($pack_def)) { return &get_reply([$pack_def,'resource']); }
 # ---------------------------------------------------- Any other user namespace
     } elsif ($realm eq 'environment') {
@@ -12655,10 +11856,6 @@ sub EXT {
 	if ($space eq 'name') {
 	    return $ENV{'SERVER_NAME'};
         }
-    } elsif ($realm eq 'client') {
-        if ($space eq 'remote_addr') {
-            return &get_requestor_ip();
-        }
     }
     return '';
 }
@@ -12692,30 +11889,6 @@ sub check_group_parms {
     return $coursereply;
 }
 
-sub get_map_hierarchy {
-    my ($mapname,$courseid) = @_;
-    my @recurseup = ();
-    if ($mapname) {
-        if (($cachedmapkey eq $courseid) &&
-            (abs($cachedmaptime-time)<5)) {
-            if (ref($cachedmaps{$mapname}) eq 'ARRAY') {
-                return @{$cachedmaps{$mapname}};
-            }
-        }
-        my $navmap = Apache::lonnavmaps::navmap->new();
-        if (ref($navmap)) {
-            @recurseup = $navmap->recurseup_maps($mapname);
-            undef($navmap);
-            $cachedmaps{$mapname} = \@recurseup;
-            $cachedmaptime=time;
-            $cachedmapkey=$courseid;
-        }
-    }
-    return @recurseup;
-}
-
-}
-
 sub sort_course_groups { # Sort groups based on defined rankings. Default is sort().
     my ($courseid,@groups) = @_;
     @groups = sort(@groups);
@@ -12723,11 +11896,11 @@ sub sort_course_groups { # Sort groups b
 }
 
 sub packages_tab_default {
-    my ($uri,$varname,$toolsymb)=@_;
+    my ($uri,$varname)=@_;
     my (undef,$part,$name)=split(/\./,$varname);
 
     my (@extension,@specifics,$do_default);
-    foreach my $package (split(/,/,&metadata($uri,'packages',$toolsymb))) {
+    foreach my $package (split(/,/,&metadata($uri,'packages'))) {
 	my ($pack_type,$pack_part)=split(/_/,$package,2);
 	if ($pack_type eq 'default') {
 	    $do_default=1;
@@ -12796,12 +11969,12 @@ my %metaentry;
 my %importedpartids;
 my %importedrespids;
 sub metadata {
-    my ($uri,$what,$toolsymb,$liburi,$prefix,$depthcount)=@_;
+    my ($uri,$what,$liburi,$prefix,$depthcount)=@_;
     $uri=&declutter($uri);
     # if it is a non metadata possible uri return quickly
     if (($uri eq '') || 
 	(($uri =~ m|^/*adm/|) && 
-	     ($uri !~ m|^adm/includes|) && ($uri !~ m{/(smppg|bulletinboard|ext\.tool)$})) ||
+	     ($uri !~ m|^adm/includes|) && ($uri !~ m{/(smppg|bulletinboard)$})) ||
         ($uri =~ m|/$|) || ($uri =~ m|/.meta$|) || ($uri =~ m{^/*uploaded/.+\.sequence$})) {
 	return undef;
     }
@@ -12820,65 +11993,6 @@ sub metadata {
 	my ($result,$cached)=&is_cached_new('meta',$uri);
 	if (defined($cached)) { return $result->{':'.$what}; }
     }
-
-#
-# If the uri is for an external tool the file from
-# which metadata should be retrieved depends on whether
-# the tool had been configured to be gradable (set in the Course
-# Editor or Resource Editor).
-#
-# If a valid symb has been included as the third arg in the call
-# to &metadata() that can be used to retrieve the value of
-# parameter_0_gradable set for the resource, and included in the
-# uploaded map containing the tool. The value is retrieved via
-# &EXT(), if a valid symb is available.  Otherwise the value of
-# gradable in the exttool_$marker.db file for the tool instance
-# is retrieved via &get().
-#
-# When lonuserstate::traceroute() calls lonnet::EXT() for
-# hiddenresource and encrypturl (during course initialization)
-# the map-level parameter for resource.0.gradable included in the
-# uploaded map containing the tool will not yet have been stored
-# in the user_course_parms.db file for the user's session, so in
-# this case fall back to retrieving gradable status from the
-# exttool_$marker.db file.
-#
-# In order to avoid an infinite loop, &metadata() will return
-# before a call to &EXT(), if the uri is for an external tool
-# and the $what for which metadata is being requested is
-# parameter_0_gradable or 0_gradable.
-#
-
-    if ($uri =~ /ext\.tool$/) {
-        if (($what eq 'parameter_0_gradable') || ($what eq '0_gradable')) {
-            return;
-        } else {
-            my ($checked,$use_passback);
-            if ($toolsymb ne '') {
-                (undef,undef,my $tooluri) = &decode_symb($toolsymb);
-                if (($tooluri eq $uri) && (&EXT('resource.0.gradable',$toolsymb))) {
-                    $checked = 1;
-                    if (&EXT('resource.0.gradable',$toolsymb) =~ /^yes$/i) {
-                        $use_passback = 1;
-                    }
-                }
-            }
-            unless ($checked) {
-                my ($ignore,$cdom,$cnum,$marker) = split(m{/},$uri);
-                $marker=~s/\D//g;
-                if ($marker) {
-                    my %toolsettings=&get('exttool_'.$marker,['gradable'],$cdom,$cnum);
-                    $use_passback = $toolsettings{'gradable'};
-                }
-            }
-            if ($use_passback) {
-                $filename = '/home/httpd/html/res/lib/templates/LTIpassback.tool';
-            } else {
-                $filename = '/home/httpd/html/res/lib/templates/LTIstandard.tool';
-            }
-        }
-    }
-
     {
 # Imported parts would go here
         my @origfiletagids=();
@@ -13052,7 +12166,7 @@ sub metadata {
 
 			if ($depthcount<20) {
 			    my $metadata = 
-				&metadata($uri,'keys',$toolsymb,$location,$unikey,
+				&metadata($uri,'keys', $location,$unikey,
 					  $depthcount+1);
 			    foreach my $meta (split(',',$metadata)) {
 				$metaentry{':'.$meta}=$metaentry{':'.$meta};
@@ -13127,7 +12241,7 @@ sub metadata {
 		$dir=~s|[^/]*$||;
 		$location=&filelocation($dir,$location);
 		my $rights_metadata =
-		    &metadata($uri,'keys',$toolsymb,$location,'_rights',
+		    &metadata($uri,'keys',$location,'_rights',
 			      $depthcount+1);
 		foreach my $rights (split(',',$rights_metadata)) {
 		    #$metaentry{':'.$rights}=$metacache{$uri}->{':'.$rights};
@@ -13396,68 +12510,11 @@ sub get_coursechange {
 }
 
 sub devalidate_coursechange_cache {
-    my ($cdom,$cnum)=@_;
-    my $hashid=$cdom.'_'.$cnum;
+    my ($cnum,$cdom)=@_;
+    my $hashid=$cnum.':'.$cdom;
     &devalidate_cache_new('crschange',$hashid);
 }
 
-sub get_suppchange {
-    my ($cdom,$cnum) = @_;
-    if ($cdom eq '' || $cnum eq '') {
-        return unless ($env{'request.course.id'});
-        $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
-        $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
-    }
-    my $hashid=$cdom.'_'.$cnum;
-    my ($change,$cached)=&is_cached_new('suppchange',$hashid);
-    if ((defined($cached)) && ($change ne '')) {
-        return $change;
-    } else {
-        my %crshash = &get('environment',['internal.supplementalchange'],$cdom,$cnum);
-        if ($crshash{'internal.supplementalchange'} eq '') {
-            $change = $env{'course.'.$cdom.'_'.$cnum.'.internal.created'};
-            if ($change eq '') {
-                %crshash = &get('environment',['internal.created'],$cdom,$cnum);
-                $change = $crshash{'internal.created'};
-            }
-        } else {
-            $change = $crshash{'internal.supplementalchange'};
-        }
-        my $cachetime = 600;
-        &do_cache_new('suppchange',$hashid,$change,$cachetime);
-    }
-    return $change;
-}
-
-sub devalidate_suppchange_cache {
-    my ($cdom,$cnum)=@_;
-    my $hashid=$cdom.'_'.$cnum;
-    &devalidate_cache_new('suppchange',$hashid);
-}
-
-sub update_supp_caches {
-    my ($cdom,$cnum) = @_;
-    my %servers = &internet_dom_servers($cdom);
-    my @ids=&current_machine_ids();
-    foreach my $server (keys(%servers)) {
-        next if (grep(/^\Q$server\E$/,@ids));
-        my $hashid=$cnum.':'.$cdom;
-        my $cachekey = &escape('showsupp').':'.&escape($hashid);
-        &remote_devalidate_cache($server,[$cachekey]);
-    }
-    &has_unhidden_suppfiles($cnum,$cdom,1,1);
-    &count_supptools($cnum,$cdom,1);
-    my $now = time;
-    if ($env{'request.course.id'} eq $cdom.'_'.$cnum) {
-        &Apache::lonnet::appenv({'request.course.suppupdated' => $now});
-    }
-    &put('environment',{'internal.supplementalchange' => $now},
-         $cdom,$cnum);
-    &Apache::lonnet::appenv(
-        {'course.'.$cdom.'_'.$cnum.'.internal.supplementalchange' => $now});
-    &do_cache_new('suppchange',$cdom.'_'.$cnum,$now,600);
-}
-
 # ------------------------------------------------- Update symbolic store links
 
 sub symblist {
@@ -13644,10 +12701,17 @@ sub symbread {
     my %bighash;
     my $syval='';
     if (($env{'request.course.fn'}) && ($thisfn)) {
+        my $targetfn = $thisfn;
+        if ( ($thisfn =~ m/^(uploaded|editupload)\//) && ($thisfn !~ m/\.(page|sequence)$/) ) {
+            $targetfn = 'adm/wrapper/'.$thisfn;
+        }
+	if ($targetfn =~ m|^adm/wrapper/(ext/.*)|) {
+	    $targetfn=$1;
+	}
         unless ($ignoresymbdb) {
             if (tie(%hash,'GDBM_File',$env{'request.course.fn'}.'_symb.db',
                           &GDBM_READER(),0640)) {
-	        $syval=$hash{$thisfn};
+	        $syval=$hash{$targetfn};
                 untie(%hash);
             }
             if ($syval && $checkforblock) {
@@ -14819,8 +13883,6 @@ sub clutter {
 #		&logthis("Got a blank emb style");
 	    }
 	}
-    } elsif ($thisfn =~ m{^/adm/$match_domain/$match_courseid/\d+/ext\.tool$}) {
-        $thisfn='/adm/wrapper'.$thisfn;
     }
     return $thisfn;
 }
@@ -15892,7 +14954,6 @@ prevents recursive calls to &allowed.
  2: browse allowed
  A: passphrase authentication needed
  B: access temporarily blocked because of a blocking event in a course.
- D: access blocked because access is required via session initiated via deep-link
 
 =item *
 
@@ -16185,6 +15246,10 @@ data base, returning a hash that is keye
 values that are the resource value.  I believe that the timestamps and
 versions are also returned.
 
+get_numsuppfiles($cnum,$cdom) : retrieve number of files in a course's
+supplemental content area. This routine caches the number of files for
+10 minutes.
+
 =back
 
 =head2 Course Modification
@@ -16352,14 +15417,10 @@ condval($condidx) : value of condition i
 
 =item *
 
-metadata($uri,$what,$toolsymb,$liburi,$prefix,$depthcount) : request a
+metadata($uri,$what,$liburi,$prefix,$depthcount) : request a
 resource's metadata, $what should be either a specific key, or either
 'keys' (to get a list of possible keys) or 'packages' to get a list of
-packages that this resource currently uses, the last 3 arguments are
-only used internally for recursive metadata.
-
-the toolsymb is only used where the uri is for an external tool (for which
-the uri as well as the symb are guaranteed to be unique).
+packages that this resource currently uses, the last 3 arguments are only used internally for recursive metadata.
 
 this function automatically caches all requests