Return to lonroles.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonroles.pm between versions 1.20 and 1.200

-version 1.20, 2001/01/15 15:59:52
+version 1.200, 2008/07/08 20:16:16
  Line 1
  # The LearningOnline Network with CAPA
  # User Roles Screen
- # (Directory Indexer
- # (Login Screen
- # 5/21/99,5/22,5/25,5/26,5/31,6/2,6/10,7/12,7/14 Gerd Kortemeyer)
- # 11/23 Gerd Kortemeyer)
- # 1/14,03/06,06/01,07/22,07/24,07/25,
- # 09/04,09/06,09/28,09/29,09/30,10/2,10/5,10/26,10/28,
- # 12/08,12/28,
- # 01/15/01 Gerd Kortemeyer
  #
+ # $Id$
+ #
+ # Copyright Michigan State University Board of Trustees
+ #
+ # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
+ #
+ # LON-CAPA is free software; you can redistribute it and/or modify
+ # it under the terms of the GNU General Public License as published by
+ # the Free Software Foundation; either version 2 of the License, or
+ # (at your option) any later version.
+ #
+ # LON-CAPA is distributed in the hope that it will be useful,
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ # GNU General Public License for more details.
+ #
+ # You should have received a copy of the GNU General Public License
+ # along with LON-CAPA; if not, write to the Free Software
+ # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ #
+ # /home/httpd/html/adm/gpl.txt
+ #
+ # http://www.lon-capa.org/
+ #
+ ###
  package Apache::lonroles;
  use strict;
- use Apache::lonnet();
+ use Apache::lonnet;
  use Apache::lonuserstate();
  use Apache::Constants qw(:common);
  use Apache::File();
+ use Apache::lonmenu;
+ use Apache::loncommon;
+ use Apache::lonhtmlcommon;
+ use Apache::lonannounce;
+ use Apache::lonlocal;
+ use Apache::lonpageflip();
+ use Apache::lonnavdisplay();
+ use GDBM_File;
+ use LONCAPA qw(:DEFAULT :match);
+ sub redirect_user {
+     my ($r,$title,$url,$msg,$launch_nav) = @_;
+     $msg = $title if (! defined($msg));
+     &Apache::loncommon::content_type($r,'text/html');
+     &Apache::loncommon::no_cache($r);
+     $r->send_http_header;
+     my $swinfo=&Apache::lonmenu::rawconfig();
+     my $navwindow;
+     if ($launch_nav eq 'on') {
+ 	$navwindow.=&Apache::lonnavdisplay::launch_win('now',undef,undef,
+ 						       ($url =~ m-^/adm/whatsnew-));
+     } else {
+ 	$navwindow.=&Apache::lonnavmaps::close();
+     }
+     my $start_page = &Apache::loncommon::start_page('Switching Role',undef,
+ 						    {'redirect' => [1,$url],});
+     my $end_page   = &Apache::loncommon::end_page();
+ # Note to style police:
+ # This must only replace the spaces, nothing else, or it bombs elsewhere.
+     $url=~s/ /\%20/g;
+     $r->print(<<ENDREDIR);
+ $start_page
+ <script type="text/javascript">
+ $swinfo
+ </script>
+ $navwindow
+ <h1>$msg</h1>
+ $end_page
+ ENDREDIR
+     return;
+ }
+ sub error_page {
+     my ($r,$error,$dest)=@_;
+     &Apache::loncommon::content_type($r,'text/html');
+     &Apache::loncommon::no_cache($r);
+     $r->send_http_header;
+     return OK if $r->header_only;
+     $r->print(&Apache::loncommon::start_page('Problems during Course Initialization').
+ 	      '<script type="text/javascript">'.
+ 	      &Apache::lonmenu::rawconfig().'</script>'.
+ 	      '<p>'.&mt('The following problems occurred:').
+ 	      $error.
+ 	      '</p><br /><a href="'.$dest.'">'.&mt('Continue').'</a>'.
+ 	      &Apache::loncommon::end_page());
+ }
  sub handler {
      my $r = shift;
      my $now=time;
-     my $then=$ENV{'user.login.time'};
+     my $then=$env{'user.login.time'};
      my $envkey;
+     my %dcroles = ();
+     my $numdc = &check_fordc(\%dcroles,$then);
+     &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'});
  # ================================================================== Roles Init
+     if ($env{'form.selectrole'}) {
-     if ($ENV{'form.selectrole'}) {
+         my $locknum=&Apache::lonnet::get_locks();
-        &Apache::lonnet::appenv("request.course.id"  => '',
+         if ($locknum) { return 409; }
-                                "request.course.fn"  => '',
-                                "request.course.uri" => '',
+         if ($env{'form.newrole'}) {
-                                "request.course.sec" => '',
+             $env{'form.'.$env{'form.newrole'}}=1;
-                                "request.role" => 'cm');
+ 	}
-         foreach $envkey (keys %ENV) {
+ 	if ($env{'request.course.id'}) {
-          if ($envkey=~/^user\.role\./) {
+             # Check if user is CC trying to select a course role
- 	    my ($dum1,$dum2,$role,@pwhere)=split(/\./,$envkey);
+             if ($env{'form.switchrole'}) {
-             my $where=join('.',@pwhere);
+                 if (!defined($env{'user.role.'.$env{'form.switchrole'}})) {
-             my $trolecode=$role.'.'.$where;
+                     &adhoc_course_role($then);
-             if ($ENV{'form.'.$trolecode}) {
+                 }
-                my ($tstart,$tend)=split(/\./,$ENV{$envkey});
+             }
-                my $tstatus='is';
+ 	    my %temp=('logout_'.$env{'request.course.id'} => time);
-                if ($tstart) {
+ 	    &Apache::lonnet::put('email_status',\%temp);
-       		  if ($tstart>$then) {
+ 	    &Apache::lonnet::delenv('user.state.'.$env{'request.course.id'});
-                      $tstatus='future';
+ 	}
-                   }
+ 	&Apache::lonnet::appenv({"request.course.id"   => '',
-                }
+ 			 	 "request.course.fn"   => '',
-                if ($tend) {
+ 				 "request.course.uri"  => '',
-                   if ($tend<$then) { $tstatus='expired'; }
+ 				 "request.course.sec"  => '',
-                   if ($tend<$now) { $tstatus='will_not'; }
+ 				 "request.role"        => 'cm',
-                }
+                                  "request.role.adv"    => $env{'user.adv'},
-                if ($tstatus eq 'is') {
+ 				 "request.role.domain" => $env{'user.domain'}});
-                    $where=~s/^\///;
+ # Check if user is a DC trying to enter a course or author space and needs privs to be created
-                    my ($cdom,$cnum,$csec)=split(/\//,$where);
+         if ($numdc > 0) {
-                    &Apache::lonnet::appenv('request.role' => $trolecode,
+             foreach my $envkey (keys %env) {
-                                            'request.course.sec' => $csec);
+ # Is this an ad-hoc CC-role?
-                    if ($cnum) {
+                 if (my ($domain,$coursenum) =
- 		      my ($furl,$ferr)=
+ 		    ($envkey =~ m-^form\.cc\./($match_domain)/($match_courseid)$-)) {
- 			  &Apache::lonuserstate::readmap($cdom.'/'.$cnum);
+                     if ($dcroles{$domain}) {
-                       if (($ENV{'form.orgurl'}) &&
+                         &check_privs($domain,$coursenum,$then,$now,'cc');
-                           ($ENV{'form.orgurl'}!~/^\/adm\/flip/)) {
+                     }
-                          $r->internal_redirect($ENV{'form.orgurl'});
+                     last;
-                          return OK;
+                 }
- 		     } else {
+ # Is this an ad-hoc CA-role?
- 	                 $r->content_type('text/html');
+                 if (my ($domain,$user) =
-                          $r->send_http_header;
+ 		    ($envkey =~ m-^form\.ca\./($match_domain)/($match_username)$-)) {
-                          print (<<ENDREDIR);
+                    # Check if author blocked ca-access
- <head><title>Entering Course</title>
+                     my %blocked=&Apache::lonnet::get('environment',['domcoord.author'],$domain,$user);
- <meta HTTP-EQUIV="Refresh" CONTENT="1; url=$furl">
+                     if ($blocked{'domcoord.author'} eq 'blocked') {
- </head>
+                        delete($env{$envkey});
- <html>
+                        $env{'user.error.msg'}=':::1:User '.$user.' in domain '.$domain.' blocked domain coordinator access';
- <body bgcolor="#FFFFFF">
+                        last;
- Entering course ...
+                     }
- </body>
+                     if ($dcroles{$domain}) {
- </html>
+                         my ($server_status,$home) = &check_author_homeserver($user,$domain);
- ENDREDIR
+                         if (($server_status eq 'ok') || ($server_status eq 'switchserver')) {
-                             return OK;
+                             &check_privs($domain,$user,$then,$now,'ca');
-                      }
+                             if ($server_status eq 'switchserver') {
-                    }
+                                 my $trolecode = 'ca./'.$domain.'/'.$user;
-                }
+                                 my $switchserver = '/adm/switchserver?'
-             }
+                                                   .'otherserver='.$home.'&role='.$trolecode;
- 	  }
+                                 $r->internal_redirect($switchserver);
+                             }
+                         } else {
+                             delete($env{$envkey});
+                         }
+                     } else {
+                         delete($env{$envkey});
+                     }
+                     last;
+                 }
+             }
          }
-    }
+         foreach $envkey (keys %env) {
+             next if ($envkey!~/^user\.role\./);
+             my ($where,$trolecode,$role,$tstatus,$tend,$tstart);
+             &role_status($envkey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);
+             if ($env{'form.'.$trolecode}) {
+ 		if ($tstatus eq 'is') {
+ 		    $where=~s/^\///;
+ 		    my ($cdom,$cnum,$csec)=split(/\//,$where);
+ # check for course groups
+                     my %coursegroups = &Apache::lonnet::get_active_groups(
+                           $env{'user.domain'},$env{'user.name'},$cdom, $cnum);
+                     my $cgrps = join(':',keys(%coursegroups));
+ # store role if recent_role list being kept
+                     if ($env{'environment.recentroles'}) {
+                         my %frozen_roles =
+                            &Apache::lonhtmlcommon::get_recent_frozen('roles',$env{'environment.recentrolesn'});
+ 			&Apache::lonhtmlcommon::store_recent('roles',
+ 							     $trolecode,' ',$frozen_roles{$trolecode});
+                     }
+ # check for keyed access
+ 		    if (($role eq 'st') &&
+                        ($env{'course.'.$cdom.'_'.$cnum.'.keyaccess'} eq 'yes')) {
+ # who is key authority?
+ 			my $authdom=$cdom;
+ 			my $authnum=$cnum;
+ 			if ($env{'course.'.$cdom.'_'.$cnum.'.keyauth'}) {
+ 			    ($authnum,$authdom)=
+ 				split(/:/,$env{'course.'.$cdom.'_'.$cnum.'.keyauth'});
+ 			}
+ # check with key authority
+ 			unless (&Apache::lonnet::validate_access_key(
+ 				     $env{'environment.key.'.$cdom.'_'.$cnum},
+ 					     $authdom,$authnum)) {
+ # there is no valid key
+ 			     if ($env{'form.newkey'}) {
+ # student attempts to register a new key
+ 				 &Apache::loncommon::content_type($r,'text/html');
+ 				 &Apache::loncommon::no_cache($r);
+ 				 $r->send_http_header;
+ 				 my $swinfo=&Apache::lonmenu::rawconfig();
+ 				 my $start_page=&Apache::loncommon::start_page
+ 				    ('Verifying Access Key to Unlock this Course');
+ 				 my $end_page=&Apache::loncommon::end_page();
+ 				 my $buttontext=&mt('Enter Course');
+ 				 my $message=&mt('Successfully registered key');
+ 				 my $assignresult=
+ 				     &Apache::lonnet::assign_access_key(
+ 						     $env{'form.newkey'},
+ 						     $authdom,$authnum,
+ 						     $cdom,$cnum,
+                                                      $env{'user.domain'},
+ 						     $env{'user.name'},
+ 	      'Assigned from '.$ENV{'REMOTE_ADDR'}.' at '.localtime().' for '.
+                                                      $trolecode);
+ 				 unless ($assignresult eq 'ok') {
+ 				     $assignresult=~s/^error\:\s*//;
+ 				     $message=&mt($assignresult).
+ 				     '<br /><a href="/adm/logout">'.
+ 				     &mt('Logout').'</a>';
+ 				     $buttontext=&mt('Re-Enter Key');
+ 				 }
+ 				 $r->print(<<ENDENTEREDKEY);
+ $start_page
+ <script type="text/javascript">
+ $swinfo
+ </script>
+ <form method="post">
+ <input type="hidden" name="selectrole" value="1" />
+ <input type="hidden" name="$trolecode" value="1" />
+ <font size="+2">$message</font><br />
+ <input type="submit" value="$buttontext" />
+ </form>
+ $end_page
+ ENDENTEREDKEY
+                                  return OK;
+ 			     } else {
+ # print form to enter a new key
+ 				 &Apache::loncommon::content_type($r,'text/html');
+ 				 &Apache::loncommon::no_cache($r);
+ 				 $r->send_http_header;
+ 				 my $swinfo=&Apache::lonmenu::rawconfig();
+ 				 my $start_page=&Apache::loncommon::start_page
+ 				    ('Enter Access Key to Unlock this Course');
+ 				 my $end_page=&Apache::loncommon::end_page();
+ 				 $r->print(<<ENDENTERKEY);
+ $start_page
+ <script type="text/javascript">
+ $swinfo
+ </script>
+ <form method="post">
+ <input type="hidden" name="selectrole" value="1" />
+ <input type="hidden" name="$trolecode" value="1" />
+ <input type="text" size="20" name="newkey" value="$env{'form.newkey'}" />
+ <input type="submit" value="Enter key" />
+ </form>
+ $end_page
+ ENDENTERKEY
+ 				 return OK;
+ 			     }
+ 			 }
+ 		     }
+ 		    &Apache::lonnet::log($env{'user.domain'},
+ 					 $env{'user.name'},
+ 					 $env{'user.home'},
+ 					 "Role ".$trolecode);
+ 		    &Apache::lonnet::appenv(
+ 					   {'request.role'        => $trolecode,
+ 					    'request.role.domain' => $cdom,
+ 					    'request.course.sec'  => $csec,
+                                             'request.course.groups' => $cgrps});
+                     my $tadv=0;
+ 		    if (($cnum) && ($role ne 'ca') && ($role ne 'aa')) {
+                         my $msg;
+ 			my ($furl,$ferr)=
+ 			    &Apache::lonuserstate::readmap($cdom.'/'.$cnum);
+ 			if (($env{'form.orgurl'}) &&
+ 			    ($env{'form.orgurl'}!~/^\/adm\/flip/)) {
+ 			    my $dest=$env{'form.orgurl'};
+ 			    if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
+ 			    &Apache::lonnet::appenv({'request.role.adv'=>$tadv});
+                             if (($ferr) && ($tadv)) {
+ 				&error_page($r,$ferr,$dest);
+ 			    } else {
+ 				$r->internal_redirect($dest);
+ 			    }
+ 			    return OK;
+ 			} else {
+ 			    if (!$env{'request.course.id'}) {
+ 				&Apache::lonnet::appenv(
+ 				      {"request.course.id"  => $cdom.'_'.$cnum});
+ 				$furl='/adm/roles?tryagain=1';
+ 				$msg=
+ 				    '<h1><span class="LC_error">'.
+ 				    &mt('Could not initialize [_1] at this time.',
+ 					$env{'course.'.$cdom.'_'.$cnum.'.description'}).
+ 				    '</span></h1><h3>'.&mt('Please try again.').'</h3>'.$ferr;
+ 			    }
+ 			    if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
+ 			    &Apache::lonnet::appenv({'request.role.adv'=>$tadv});
+ 			    if (($ferr) && ($tadv)) {
+ 				&error_page($r,$ferr,$furl);
+ 			    } else {
+ 				# Check to see if the user is a CC entering a course
+ 				# for the first time
+ 				my (undef, undef, $role, $courseid) = split(/\./, $envkey);
+ 				if (substr($courseid, 0, 1) eq '/') {
+ 				    $courseid = substr($courseid, 1);
+ 				}
+ 				$courseid =~ s/\//_/;
+ 				if ($role eq 'cc' && $env{'course.' . $courseid .
+ 							      '.course.helper.not.run'}) {
+ 				    $furl = "/adm/helper/course.initialization.helper";
+ 				    # Send the user to the course they selected
+ 				} elsif ($env{'request.course.id'}) {
+                                     if ($env{'form.destinationurl'}) {
+                                         my $dest = $env{'form.destinationurl'};
+                                         &redirect_user($r,&mt('Entering [_1]',
+                                                       $env{'course.'.$courseid.'.description'}),
+                                                $dest,$msg,
+                                                $env{'environment.remotenavmap'});
+                                         return OK;
+                                     }
+ 				    if (&Apache::lonnet::allowed('whn',
+ 								 $env{'request.course.id'})
+ 					|| &Apache::lonnet::allowed('whn',
+ 								    $env{'request.course.id'}.'/'
+ 								    .$env{'request.course.sec'})
+ 					) {
+ 					my $startpage = &courseloadpage($courseid);
+ 					unless ($startpage eq 'firstres') {
+ 					    $msg = &mt('Entering [_1] ....',
+ 						       $env{'course.'.$courseid.'.description'});
+ 					    &redirect_user($r,&mt('New in course'),
+ 							   '/adm/whatsnew?refpage=start',$msg,
+ 							   $env{'environment.remotenavmap'});
+ 					    return OK;
+ 					}
+ 				    }
+ 				}
+ # Are we allowed to look at the first resource?
+ 				if ($furl !~ m|^/adm/|) {
+ # Guess not ...
+ 				    $furl=&Apache::lonpageflip::first_accessible_resource();
+ 				}
+                                 $msg = &mt('Entering [_1] ...',
+ 					   $env{'course.'.$courseid.'.description'});
+ 				&redirect_user($r,&mt('Entering [_1]',
+ 						      $env{'course.'.$courseid.'.description'}),
+ 					       $furl,$msg,
+ 					       $env{'environment.remotenavmap'});
+ 			    }
+ 			    return OK;
+ 			}
+ 		    }
+                     #
+                     # Send the user to the construction space they selected
+                     if ($role =~ /^(au|ca|aa)$/) {
+                         my $redirect_url = '/priv/';
+                         if ($role eq 'au') {
+                             $redirect_url.=$env{'user.name'};
+                         } else {
+                             $where =~ /\/(.*)$/;
+                             $redirect_url .= $1;
+                         }
+                         $redirect_url .= '/';
+                         &redirect_user($r,&mt('Entering Construction Space'),
+                                        $redirect_url);
+                         return OK;
+                     }
+                     if ($role eq 'dc') {
+                         my $redirect_url = '/adm/menu/';
+                         &redirect_user($r,&mt('Loading Domain Coordinator Menu'),
+                                        $redirect_url);
+                         return OK;
+                     }
+ 		}
+             }
+         }
+     }
  # =============================================================== No Roles Init
-     $r->content_type('text/html');
+     &Apache::loncommon::content_type($r,'text/html');
+     &Apache::loncommon::no_cache($r);
      $r->send_http_header;
      return OK if $r->header_only;
+     my $swinfo=&Apache::lonmenu::rawconfig();
+     my $start_page=&Apache::loncommon::start_page('User Roles');
+     my $standby=&mt('Role selected. Please stand by.');
+     $standby=~s/\n/\\n/g;
+     my $noscript='<span class="LC_error">'.&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.').'<br />'.&mt('As this is not the case, most functionality in the system will be unavailable.').'</span><br />';
      $r->print(<<ENDHEADER);
- <html>
+ $start_page
- <head>
+ <br />
- <title>LON-CAPA User Roles</title>
+ <noscript>
- </head><body bgcolor="#FFFFFF">
+ $noscript
+ </noscript>
+ <script type="text/javascript">
+ $swinfo
+ window.focus();
+ active=true;
+ function enterrole (thisform,rolecode,buttonname) {
+     if (active) {
+ 	active=false;
+         document.title='$standby';
+         window.status='$standby';
+ 	thisform.newrole.value=rolecode;
+ 	thisform.submit();
+     } else {
+        alert('$standby');
+     }
+ }
+ </script>
  ENDHEADER
  # ------------------------------------------ Get Error Message from Environment
-     my ($fn,$priv,$nochoose,$error,$msg)=split(/:/,$ENV{'user.error.msg'});
+     my ($fn,$priv,$nochoose,$error,$msg)=split(/:/,$env{'user.error.msg'});
-     if ($ENV{'user.error.msg'}) {
+     if ($env{'user.error.msg'}) {
-        $r->log_reason(
+ 	$r->log_reason(
-      "$msg for $ENV{'user.name'} domain $ENV{'user.domain'} access $priv",$fn);
+    "$msg for $env{'user.name'} domain $env{'user.domain'} access $priv",$fn);
      }
- # ---------------------------------------------------------------- Who is this?
+ # ------------------------------------------------- Can this user re-init, etc?
-     my $advanced=0;
+     my $advanced=$env{'user.adv'};
-     foreach $envkey (keys %ENV) {
+     &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['tryagain']);
-         if ($envkey=~/^user\.role\./) {
+     my $tryagain=$env{'form.tryagain'};
- 	    my ($dum1,$dum2,$role,@pwhere)=split(/\./,$envkey);
-             if ($role ne 'st') { $advanced=1; }
-         }
-     }
  # -------------------------------------------------------- Generate Page Output
  # --------------------------------------------------------------- Error Header?
      if ($error) {
- 	$r->print("<h1>LON-CAPA Access Control</h1>");
+         $r->print("<h1>".&mt('LON-CAPA Access Control')."</h1>");
-         $r->print("<hr><pre>Access  : ".
+ 	$r->print("<!-- LONCAPAACCESSCONTROLERRORSCREEN --><hr /><pre>");
-                   Apache::lonnet::plaintext($priv)."\n");
+ 	if ($priv ne '') {
-         $r->print("Resource: $fn\n");
+             $r->print(&mt('Access  : ').&Apache::lonnet::plaintext($priv)."\n");
-         $r->print("Action  : $msg\n</pre><hr>");
+ 	}
+ 	if ($fn ne '') {
+             $r->print(&mt('Resource: ').&Apache::lonenc::check_encrypt($fn)."\n");
+ 	}
+ 	if ($msg ne '') {
+             $r->print(&mt('Action  : ').$msg."\n");
+ 	}
+ 	$r->print("</pre><hr />");
+ 	my $url=$fn;
+ 	my $last;
+ 	if (tie(my %hash,'GDBM_File',$env{'request.course.fn'}.'_symb.db',
+ 		&GDBM_READER(),0640)) {
+ 	    $last=$hash{'last_known'};
+ 	    untie(%hash);
+ 	}
+ 	if ($last) { $fn.='?symb='.&escape($last); }
+ 	&Apache::londocs::changewarning($r,undef,'You have modified your course recently, [_1] may fix this access problem.',
+ 					&Apache::lonenc::check_encrypt($fn));
      } else {
-         $r->print("<h1>LON-CAPA User Roles</h1>");
+         if ($env{'user.error.msg'}) {
+ 	    $r->print(
+  '<h3><span class="LC_error">'.
+  &mt('You need to choose another user role or enter a specific course for this function').'</span></h3>');
+ 	}
      }
  # -------------------------------------------------------- Choice or no choice?
      if ($nochoose) {
-         if ($advanced) {
+ 	$r->print("<h2>".&mt('Sorry ...')."</h2>\n<span class='LC_error'>".
- 	   $r->print("<h2>Assigned User Roles</h2>\n");
+ 		  &mt('This action is currently not authorized.').'</span>'.
-         } else {
+ 		  &Apache::loncommon::end_page());
-            $r->print("<h2>Sorry ...</h2>\nThis resource might be part of");
+ 	return OK;
-            if ($ENV{'request.course.id'}) {
- 	       $r->print(' another');
-            } else {
-                $r->print(' a certain');
-            }
-            $r->print(' course.</body></html>');
-            return OK;
-         }
      } else {
-         if ($advanced) {
-            $r->print("<h2>Select a User Role</h2>\n");
-         } else {
- 	   $r->print("<h2>Enter a Course</h2>\n");
-         }
          if (($ENV{'REDIRECT_QUERY_STRING'}) && ($fn)) {
      	    $fn.='?'.$ENV{'REDIRECT_QUERY_STRING'};
          }
-         $r->print('<form method=post action="'.(($fn)?$fn:$r->uri).'">');
+         $r->print('<form method="post" name="rolechoice" action="'.(($fn)?$fn:$r->uri).'">');
-         $r->print('<input type=hidden name=orgurl value="'.$fn.'">');
+         $r->print('<input type="hidden" name="orgurl" value="'.$fn.'" />');
-         $r->print('<input type=hidden name=selectrole value=1>');
+         $r->print('<input type="hidden" name="selectrole" value="1" />');
+         $r->print('<input type="hidden" name="newrole" value="" />');
      }
- # ----------------------------------------------------------------------- Table
+     my (%roletext,%sortrole,%roleclass);
-     $r->print('<table><tr>');
+     my $countactive=0;
-     unless ($nochoose) { $r->print('<th>&nbsp;</th>'); }
+     my $countfuture=0;
-        $r->print('<th>User Role</th><th colspan=2>Extent</th>'.
+     my $countwill=0;
-                  '<th>Start</th><th>End</th><th>Remark</th></tr>'."\n");
+     my $inrole=0;
+     my $possiblerole='';
-     foreach $envkey (sort keys %ENV) {
+     my %futureroles;
+     my %roles_nextlogin;
+     foreach $envkey (sort keys %env) {
+         my $button = 1;
+         my $switchserver='';
+ 	my $roletext;
+ 	my $sortkey;
          if ($envkey=~/^user\.role\./) {
- 	    my ($dum1,$dum2,$role,@pwhere)=split(/\./,$envkey);
+             my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend,$tfont);
-             my $where=join('.',@pwhere);
+             &role_status($envkey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);
-             my $trolecode=$role.'.'.$where;
+             next if (!defined($role) || $role eq '' || $role =~ /^gr/);
-             my ($tstart,$tend)=split(/\./,$ENV{$envkey});
+             $tremark='';
-             my $tremark='';
+             $tpstart='&nbsp;';
-             my $tstatus='is';
+             $tpend='&nbsp;';
-             my $tpstart='&nbsp;';
+             $tfont='#000000';
-             my $tpend='&nbsp;';
              if ($tstart) {
- 		if ($tstart>$then) {
+                 $tpstart=&Apache::lonlocal::locallocaltime($tstart);
-                    $tstatus='future';
-                    if ($tstart<$now) { $tstatus='will'; }
-                 }
-                 $tpstart=localtime($tstart);
              }
              if ($tend) {
-                 if ($tend<$then) { $tstatus='expired'; }
+                 $tpend=&Apache::lonlocal::locallocaltime($tend);
-                 if ($tend<$now) { $tstatus='will_not'; }
-                 $tpend=localtime($tend);
              }
-             if ($ENV{'request.role'} eq $trolecode) {
+             if ($env{'request.role'} eq $trolecode) {
  		$tstatus='selected';
              }
              my $tbg;
-             if ($tstatus eq 'is') {
+             if (($tstatus eq 'is')
- 		$tbg='#77FF77';
+ 		|| ($tstatus eq 'selected')
-             } elsif ($tstatus eq 'future') {
+ 		|| ($tstatus eq 'will')
-                 $tbg='#FFFF77';
+ 		|| ($tstatus eq 'future')
-             } elsif ($tstatus eq 'will') {
+                 || ($env{'form.showall'})) {
-                 $tbg='#FFAA77';
+                 if ($tstatus eq 'is') {
-                 $tremark.='Active at next login. ';
+                     $tbg='#77FF77';
-             } elsif ($tstatus eq 'expired') {
+                     $tfont='#003300';
-                 $tbg='#FF7777';
+ 		    $possiblerole=$trolecode;
- 	    } elsif ($tstatus eq 'will_not') {
+ 		    $countactive++;
-                 $tbg='#AAFF77';
+                 } elsif ($tstatus eq 'future') {
-                 $tremark.='Expired after logout. ';
+                     $tbg='#FFFF77';
-             } elsif ($tstatus eq 'selected') {
+                     $button=0;
-                 $tbg='#11CC55';
+                     $futureroles{$trolecode} = $tstart.':'.$tend;
-                 $tremark.='Currently selected. ';
+                     $countfuture ++;
-             }
+                 } elsif ($tstatus eq 'will') {
-             my $trole;
+                     $tbg='#FFAA77';
-             if ($role =~ /^cr\//) {
+                     $tremark.=&mt('Active at next login. ');
- 	       my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$role);
+                     $roles_nextlogin{$trolecode} = $tstart.':'.$tend;
-                $tremark.='<br>Defined by '.$rauthor.' at '.$rdomain.'.';
+                     $countwill ++;
-                $trole=$rrole;
+                 } elsif ($tstatus eq 'expired') {
- 	    } else {
+                     $tbg='#FF7777';
-                $trole=Apache::lonnet::plaintext($role);
+                     $tfont='#330000';
-             }
+                     $button=0;
-             my $ttype;
+                 } elsif ($tstatus eq 'will_not') {
-             my $twhere;
+                     $tbg='#AAFF77';
-             my ($tdom,$trest,$tsection)=
+                     $tremark.=&mt('Expired after logout. ');
-                split(/\//,Apache::lonnet::declutter($where));
+                 } elsif ($tstatus eq 'selected') {
-             if ($trest) {
+                     $tbg='#11CC55';
- 		$ttype='Course';
+                     $tfont='#002200';
-                 if ($tsection) {
+ 		    $inrole=1;
-                    $ttype.='<br>Section/Group: '.$tsection;
+ 		    $countactive++;
-                 }
+                     $tremark.=&mt('Currently selected. ');
-                 my $tcourseid=$tdom.'_'.$trest;
+                 }
-                 if ($ENV{'course.'.$tcourseid.'.description'}) {
+                 my $trole;
- 		    $twhere=$ENV{'course.'.$tcourseid.'.description'};
+                 if ($role =~ /^cr\//) {
-                 } else {
+                     my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$role);
-                     my %newhash=Apache::lonnet::coursedescription($tcourseid);
+ 		    if ($tremark) { $tremark.='<br />'; }
-                     if (%newhash) {
+                     $tremark.=&mt('Defined by ').$rauthor.
- 			$twhere=$newhash{'description'};
+ 			&mt(' at ').$rdomain.'.';
+ 		}
+ 		$trole=Apache::lonnet::plaintext($role);
+                 my $ttype;
+                 my $twhere;
+                 my ($tdom,$trest,$tsection)=
+                     split(/\//,Apache::lonnet::declutter($where));
+                 # First, Co-Authorship roles
+                 if (($role eq 'ca') || ($role eq 'aa')) {
+                     my $home = &Apache::lonnet::homeserver($trest,$tdom);
+ 		    my $allowed=0;
+ 		    my @ids=&Apache::lonnet::current_machine_ids();
+ 		    foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } }
+                     if (!$allowed) {
+ 			$button=0;
+                         $switchserver='otherserver='.$home.'&role='.$trolecode;
+                     }
+                     #next if ($home eq 'no_host');
+                     $home = &Apache::lonnet::hostname($home);
+                     $ttype='Construction Space';
+                     $twhere=&mt('User').': '.$trest.'<br />'.&mt('Domain').
+ 			': '.$tdom.'<br />'.
+                         ' '.&mt('Server').':&nbsp;'.$home;
+                     $env{'course.'.$tdom.'_'.$trest.'.description'}='ca';
+ 		    $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$trest.'/');
+ 		    $sortkey=$role."$trest:$tdom";
+                 } elsif ($role eq 'au') {
+                     # Authors
+                     my $home = &Apache::lonnet::homeserver
+                         ($env{'user.name'},$env{'user.domain'});
+ 		    my $allowed=0;
+ 		    my @ids=&Apache::lonnet::current_machine_ids();
+ 		    foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } }
+                     if (!$allowed) {
+ 			$button=0;
+                         $switchserver='otherserver='.$home.'&role='.$trolecode;
+                     }
+                     #next if ($home eq 'no_host');
+                     $home = &Apache::lonnet::hostname($home);
+                     $ttype='Construction Space';
+                     $twhere=&mt('Domain').': '.$tdom.'<br />'.&mt('Server').
+ 			':&nbsp;'.$home;
+                     $env{'course.'.$tdom.'_'.$trest.'.description'}='ca';
+ 		    $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$env{'user.name'}.'/');
+ 		    $sortkey=$role;
+                 } elsif ($trest) {
+                     my $tcourseid=$tdom.'_'.$trest;
+                     $ttype = &Apache::loncommon::course_type($tcourseid);
+                     $trole = &Apache::lonnet::plaintext($role,$ttype);
+                     if ($env{'course.'.$tcourseid.'.description'}) {
+                         $twhere=$env{'course.'.$tcourseid.'.description'};
+ 			$sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey;
+                         unless ($twhere eq &mt('Currently not available')) {
+ 			    $twhere.=' <font size="-2">'.
+         &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont).
+                                     '</font>';
+ 			}
                      } else {
-                         $twhere='Currently not available';
+                         my %newhash=&Apache::lonnet::coursedescription($tcourseid);
-                         $ENV{'course.'.$tcourseid.'.description'}=$twhere;
+                         if (%newhash) {
+ 			    $sortkey=$role."\0".$tdom."\0".$newhash{'description'}.
+ 				"\0".$envkey;
+                             $twhere=$newhash{'description'}.
+                               ' <font size="-2">'.
+         &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont).
+                               '</font>';
+                             $ttype = $newhash{'type'};
+                             $trole = &Apache::lonnet::plaintext($role,$ttype);
+                         } else {
+                             $twhere=&mt('Currently not available');
+                             $env{'course.'.$tcourseid.'.description'}=$twhere;
+ 			    $sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey;
+                             $ttype = 'Unavailable';
+                         }
                      }
-                 }
+                     if ($tsection) {
-             } elsif ($tdom) {
+                         $twhere.='<br />'.&mt('Section').': '.$tsection;
-                 $ttype='Domain';
+ 		    }
-                 $twhere=$tdom;
+ 		    if ($role ne 'st') { $twhere.="<br />".&mt('Domain').":".$tdom; }
-             } else {
+                 } elsif ($tdom) {
-                 $ttype='System';
+                     $ttype='Domain';
-                 $twhere='system wide';
+                     $twhere=$tdom;
-             }
+ 		    $sortkey=$role.$twhere;
-             $r->print('<tr bgcolor='.$tbg.'>');
-             unless ($nochoose) {
- 		if ($tstatus eq 'is') {
-                     $r->print('<td><input type=submit value=Select name="'.
-                               $trolecode.'"></td>');
                  } else {
-                     $r->print('<td>&nbsp;</td>');
+                     $ttype='System';
+                     $twhere=&mt('system wide');
+ 		    $sortkey=$role.$twhere;
                  }
+                 $roletext.=&build_roletext($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$tfont,$trole,$twhere,$tpstart,$tpend,$nochoose,$button,$switchserver);
+ 		$roletext{$envkey}=$roletext;
+ 		if (!$sortkey) {$sortkey=$twhere."\0".$envkey;}
+ 		$sortrole{$sortkey}=$envkey;
+ 		$roleclass{$envkey}=$ttype;
+ 	    }
+         }
+     }
+     if ($env{'user.adv'}) {
+         $r->print(
+               '<br /><span class="LC_rolesinfo"><label>'.&mt('Show all roles').': <input type="checkbox" name="showall"');
+         if ($env{'form.showall'}) { $r->print(' checked="checked" '); }
+         $r->print(' /></label><input type="submit" value="'.&mt('Display').'" /></span>');
+     } else {
+         if ($countactive > 0) {
+             my $domdesc = &Apache::lonnet::domain($env{'user.domain'},'description');
+             $r->print('<p>'.&mt('[_1]Visit the [_2]Course Catalog[_3] to view all [_4] LON-CAPA courses.','<b>','<a href="/adm/coursecatalog">','</a></b>',$domdesc).'<br />'.&mt('If a course is [_1]not[_2] in your list of current courses below, you may be able to enroll if self-enrollment is permitted.','<b>','</b>').'</p>');
+         }
+     }
+ # No active roles
+     if ($countactive==0) {
+ 	if ($inrole) {
+ 	    $r->print('<h2>'.&mt('Currently no additional roles or courses').'</h2>');
+ 	} else {
+ 	    $r->print('<h2>'.&mt('Currently no active roles or courses').'</h2>');
+ 	}
+         &findcourse_advice($r);
+ 	$r->print('</form>');
+         if ($countfuture) {
+             $r->print(&mt('The following [quant,_1,role,roles] will become active in the future:',$countfuture));
+             my $doheaders = &roletable_headers($r,\%roleclass,\%sortrole,
+                                                $nochoose);
+             &print_rolerows($r,$doheaders,\%roleclass,\%sortrole,\%dcroles,
+                             \%roletext);
+             my $tremark='';
+             my $tfont='#003300';
+             if ($env{'request.role'} eq 'cm') {
+                 $r->print('<tr bgcolor="#11CC55">');
+                 $tremark=&mt('Currently selected. ');
+                 $tfont='#002200';
+             } else {
+                 $r->print('<tr bgcolor="#77FF77">');
              }
-             $r->print('<td>'.$trole.'</td><td>'.
+             $r->print('<td></td><td colspan="3"><font color="'.$tfont.'"><span class="LC_rolesinfo">'.&mt('No role specified').
- 		      $ttype.'</td><td>'.$twhere.'</td><td>'.$tpstart.
+                       '</span></font></td><td><font color="'.$tfont.'">'.$tremark.
-                       '</td><td>'.$tpend.
+                       '&nbsp;</font></td></tr>'."\n");
-                       '</td><td>'.$tremark.'&nbsp;</td></tr>'."\n");
+             $r->print('</table>');
          }
+         $r->print(&Apache::loncommon::end_page());
+ 	return OK;
+ # Is there only one choice?
+     } elsif (($countactive==1) && ($env{'request.role'} eq 'cm')) {
+ 	$r->print('<h3>'.&mt('Please stand by.').'</h3>'.
+ 	    '<input type="hidden" name="'.$possiblerole.'" value="1" />'.
+             '<noscript><br /><input type="submit" name="submit" value="'.&mt('Continue').'" /></noscript>');
+ 	$r->print("</form>\n");
+ 	$r->rflush();
+ 	$r->print('<script type="text/javascript">document.forms.rolechoice.submit();</script>');
+ 	$r->print(&Apache::loncommon::end_page());
+ 	return OK;
      }
+ # More than one possible role
+ # ----------------------------------------------------------------------- Table
+     unless ((!&Apache::lonmenu::show_course()) || ($nochoose)) {
+ 	$r->print("<h2>".&mt('Select a Course to Enter')."</h2>\n");
+     }
+     my $doheaders = &roletable_headers($r,\%roleclass,\%sortrole,$nochoose);
+     if ($env{'environment.recentroles'}) {
+         my %recent_roles =
+                &Apache::lonhtmlcommon::get_recent('roles',$env{'environment.recentrolesn'});
+ 	my $output='';
+ 	foreach (sort(keys(%recent_roles))) {
+ 	    if (defined($roletext{'user.role.'.$_})) {
+ 		$output.=$roletext{'user.role.'.$_};
+                 if ($_ =~ m-dc\./($match_domain)/-
+ 		    && $dcroles{$1}) {
+ 		    $output .= &adhoc_roles_row($1,'recent');
+                 }
+ 	    } elsif ($numdc > 0) {
+                 unless ($_ =~/^error\:/) {
+                     $output.=&display_cc_role('user.role.'.$_);
+                 }
+             }
+ 	}
+ 	if ($output) {
+ 	    $r->print("<tr><td align='center' colspan='5'><font face='arial'>".
+ 		      &mt('Recent Roles')."</font></td></tr>");
+ 	    $r->print($output);
+             $doheaders ++;
+ 	}
+     }
+     if ($numdc > 0) {
+         $r->print(&coursepick_jscript());
+         $r->print(&Apache::loncommon::coursebrowser_javascript().
+                   &Apache::loncommon::authorbrowser_javascript());
+     }
+     &print_rolerows($r,$doheaders,\%roleclass,\%sortrole,\%dcroles,\%roletext);
      my $tremark='';
-     if ($ENV{'request.role'} eq 'cm') {
+     my $tfont='#003300';
+     if ($env{'request.role'} eq 'cm') {
  	$r->print('<tr bgcolor="#11CC55">');
-         $tremark='Currently selected.';
+         $tremark=&mt('Currently selected. ');
+         $tfont='#002200';
      } else {
          $r->print('<tr bgcolor="#77FF77">');
      }
      unless ($nochoose) {
-        if ($ENV{'request.role'} ne 'cm') {
+ 	if ($env{'request.role'} ne 'cm') {
-           $r->print('<td><input type=submit value=Select name="cm"></td>');
+ 	    $r->print('<td><input type="submit" value="'.
-        } else {
+ 		      &mt('Select').'" name="cm" /></td>');
-           $r->print('<td>&nbsp;</td>');
+ 	} else {
-        }
+ 	    $r->print('<td>&nbsp;</td>');
+ 	}
      }
-     $r->print('<td colspan=5>No role specified'.
+     $r->print('<td colspan="3"><font color="'.$tfont.'"><span class="LC_rolesinfo">'.&mt('No role specified').
-                       '</td><td>'.$tremark.'&nbsp;</td></tr>'."\n");
+       '</span></font></td><td><font color="'.$tfont.'">'.$tremark.
+       '&nbsp;</font></td></tr>'."\n");
      $r->print('</table>');
      unless ($nochoose) {
  	$r->print("</form>\n");
      }
- # ------------------------------------------------------------ Priviledges Info
+ # ------------------------------------------------------------ Privileges Info
-   if ($advanced) {
+     if (($advanced) && (($env{'user.error.msg'}) || ($error))) {
-     $r->print('<hr><h2>Current Priviledges</h2>');
+ 	$r->print('<hr /><h2>Current Privileges</h2>');
+ 	$r->print(&privileges_info());
-     foreach $envkey (sort keys %ENV) {
+     }
-         if ($envkey=~/^user\.priv\.$ENV{'request.role'}\./) {
+     $r->print(&Apache::lonnet::getannounce());
-             my $where=$envkey;
+     if ($advanced) {
-             $where=~s/^user\.priv\.$ENV{'request.role'}\.//;
+ 	$r->print('<p><small><i>'
-             my $ttype;
+                  .&mt('This is LON-CAPA [_1]',$r->dir_config('lonVersion'))
+ 		 .'</i><br />'
+ 		 .'<a href="/adm/logout">'.&mt('Logout').'</a>&nbsp;&nbsp;'
+                  .'<a href="/adm/coursecatalog">'.&mt('Course Catalog')
+                  .'</small></p>');
+     }
+     $r->print(&Apache::loncommon::end_page());
+     return OK;
+ }
+ sub roletable_headers {
+     my ($r,$roleclass,$sortrole,$nochoose) = @_;
+     my $doheaders;
+     if ((ref($sortrole) eq 'HASH') && (ref($roleclass) eq 'HASH')) {
+         $r->print('<br /><table id="LC_rolesmenu"><tr>');
+         if (!$nochoose) { $r->print('<th>&nbsp;</th>'); }
+         $r->print('<th>'.&mt('User Role').'</th><th>'.&mt('Extent')
+                   .'</th><th>'.&mt('Start').'</th><th>'.&mt('End')
+                   .'</th></tr>'."\n");
+         $doheaders=-1;
+         my @roletypes = &roletypes();
+         foreach my $type (@roletypes) {
+             my $haverole=0;
+             foreach my $which (sort {uc($a) cmp uc($b)} (keys(%{$sortrole}))) {
+                 if ($roleclass->{$sortrole->{$which}} =~ /^\Q$type\E/) {
+                     $haverole=1;
+                 }
+             }
+             if ($haverole) { $doheaders++; }
+         }
+     }
+     return $doheaders;
+ }
+ sub roletypes {
+     my @types = ('Domain','Construction Space','Course','Unavailable','System');
+     return @types;
+ }
+ sub print_rolerows {
+     my ($r,$doheaders,$roleclass,$sortrole,$dcroles,$roletext) = @_;
+     if ((ref($roleclass) eq 'HASH') && (ref($sortrole) eq 'HASH')) {
+         my @types = &roletypes();
+         foreach my $type (@types) {
+             my $output;
+             foreach my $which (sort {uc($a) cmp uc($b)} (keys(%{$sortrole}))) {
+                 if ($roleclass->{$sortrole->{$which}} =~ /^\Q$type\E/) {
+                     if (ref($roletext) eq 'HASH') {
+                         $output.=$roletext->{$sortrole->{$which}};
+                         if ($sortrole->{$which} =~ m-dc\./($match_domain)/-) {
+                             if (ref($dcroles) eq 'HASH') {
+                                 if ($dcroles->{$1}) {
+                                     $output .= &adhoc_roles_row($1,'');
+                                 }
+                             }
+                         }
+                     }
+                 }
+             }
+             if ($output) {
+                 if ($doheaders > 0) {
+                     $r->print("<tr>".
+                               "<td align='center' colspan='5'><font face='arial'>".
+                               &mt($type)."</font></td></tr>");
+                 }
+                 $r->print($output);
+             }
+         }
+     }
+ }
+ sub findcourse_advice {
+     my ($r) = @_;
+     my $domdesc = &Apache::lonnet::domain($env{'user.domain'},'description');
+     if (&Apache::lonnet::auto_run(undef,$env{'user.domain'})) {
+         $r->print(&mt('If you were expecting to see an active role listed for a particular course in the [_1] domain, it may be missing for one of the following reasons:',$domdesc).'
+ <ul>
+  <li>'.&mt('The course has yet to be created.').'</li>
+  <li>'.&mt('Automatic enrollment of registered students has not been enabled for the course.').'</li>
+  <li>'.&mt('You are in a section of course for which automatic enrollment in the corresponding LON-CAPA course is not active.').'</li>
+  <li>'.&mt('The start date for automated enrollment has yet to be reached.').'</li>
+  <li>'.&mt('You registered for the course recently and there is a time lag between the time you register, and the time this information becomes available for the update of LON-CAPA course rosters.').'</li>
+  </ul>');
+     } else {
+         $r->print(&mt('If you were expecting to see an active role listed for a particular course, that course may not have been created yet.').'<br />');
+     }
+     $r->print('<p>'.&mt('The [_1]Course Catalog[_2] provides information about all [_3] classes for which LON-CAPA courses have been created.','<a href="/adm/coursecatalog">','</a>',$domdesc).'<br />');
+     $r->print(&mt('You can search the course catalog for courses which permit self-enrollment, if you would like to enroll in a course.').'</p>');
+     return;
+ }
+ sub privileges_info {
+     my ($which) = @_;
+     my $output;
+     $which ||= $env{'request.role'};
+     foreach my $envkey (sort(keys(%env))) {
+ 	next if ($envkey!~/^user\.priv\.\Q$which\E\.(.*)/);
+ 	my $where=$1;
+ 	my $ttype;
+ 	my $twhere;
+ 	my (undef,$tdom,$trest,$tsec)=split(m{/},$where);
+ 	if ($trest) {
+ 	    if ($env{'course.'.$tdom.'_'.$trest.'.description'} eq 'ca') {
+ 		$ttype='Construction Space';
+ 		$twhere='User: '.$trest.', Domain: '.$tdom;
+ 	    } else {
+ 		$ttype= &Apache::loncommon::course_type($tdom.'_'.$trest);
+ 		$twhere=$env{'course.'.$tdom.'_'.$trest.'.description'};
+ 		if ($tsec) {
+ 		    my $sec_type = 'Section';
+ 		    if (exists($env{"user.role.gr.$where"})) {
+ 			$sec_type = 'Group';
+ 		    }
+ 		    $twhere.=' ('.$sec_type.': '.$tsec.')';
+ 		}
+ 	    }
+ 	} elsif ($tdom) {
+ 	    $ttype='Domain';
+ 	    $twhere=$tdom;
+ 	} else {
+ 	    $ttype='System';
+ 	    $twhere='/';
+ 	}
+ 	$output .= "\n<h3>".$ttype.': '.$twhere.'</h3>'."\n<ul>";
+ 	foreach my $priv (sort(split(/:/,$env{$envkey}))) {
+ 	    next if (!$priv);
+ 	    my ($prv,$restr)=split(/\&/,$priv);
+ 	    my $trestr='';
+ 	    if ($restr ne 'F') {
+ 		$trestr.=' ('.
+ 		    join(', ',
+ 			 map { &Apache::lonnet::plaintext($_) }
+ 			     (split('',$restr))).') ';
+ 	    }
+ 	    $output .= "\n\t".
+ 		'<li>'.&Apache::lonnet::plaintext($prv).$trestr.'</li>';
+ 	}
+ 	$output .= "\n".'</ul>';
+     }
+     return $output;
+ }
+ sub role_status {
+     my ($rolekey,$then,$now,$role,$where,$trolecode,$tstatus,$tstart,$tend) = @_;
+     my @pwhere = ();
+     if (exists($env{$rolekey}) && $env{$rolekey} ne '') {
+         (undef,undef,$$role,@pwhere)=split(/\./,$rolekey);
+         unless (!defined($$role) || $$role eq '') {
+             $$where=join('.',@pwhere);
+             $$trolecode=$$role.'.'.$$where;
+             ($$tstart,$$tend)=split(/\./,$env{$rolekey});
+             $$tstatus='is';
+             if ($$tstart && $$tstart>$then) {
+ 		$$tstatus='future';
+ 		if ($$tstart<$now) { $$tstatus='will'; }
+             }
+             if ($$tend) {
+                 if ($$tend<$then) {
+                     $$tstatus='expired';
+                 } elsif ($$tend<$now) {
+                     $$tstatus='will_not';
+                 }
+             }
+         }
+     }
+ }
+ sub build_roletext {
+     my ($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$tfont,$trole,$twhere,$tpstart,$tpend,$nochoose,$button,$switchserver) = @_;
+     my $roletext='<tr bgcolor="'.$tbg.'" class="LC_rolesmenu_'.$tstatus.'">';
+     my $is_dc=($trolecode =~ m/^dc\./);
+     my $rowspan=($is_dc) ? ''
+                          : ' rowspan="2" ';
+     unless ($nochoose) {
+         my $buttonname=$trolecode;
+         $buttonname=~s/\W//g;
+         if (!$button) {
+             if ($switchserver) {
+                 $roletext.='<td'.$rowspan.'><span class="LC_rolesinfo"><a href="/adm/switchserver?'.
+                 $switchserver.'">'.&mt('Switch Server').'</a></span></td>';
+             } else {
+                 $roletext.=('<td'.$rowspan.'>&nbsp;</td>');
+             }
+         } elsif ($tstatus eq 'is') {
+             $roletext.='<td'.$rowspan.'><input name="'.$buttonname.'" type="button" value="'.
+                         &mt('Select').'" onClick="javascript:enterrole(this.form,\''.
+                         $trolecode."','".$buttonname.'\');" /></td>';
+         } elsif ($tryagain) {
+             $roletext.=
+                 '<td'.$rowspan.'><input name="'.$buttonname.'" type="button" value="'.
+                 &mt('Try Selecting Again').'" onClick="javascript:enterrole(this.form,\''.
+                         $trolecode."','".$buttonname.'\');" /></td>';
+         } elsif ($advanced) {
+             $roletext.=
+                 '<td'.$rowspan.'><input name="'.$buttonname.'" type="button" value="'.
+                 &mt('Re-Initialize').'" onClick="javascript:enterrole(this.form,\''.
+                         $trolecode."','".$buttonname.'\');" /></td>';
+         } else {
+             $roletext.='<td'.$rowspan.'>&nbsp;</td>';
+         }
+     }
+     if ($trolecode !~ m/^(dc|ca|au|aa)\./) {
+ 	$tremark.=&Apache::lonannounce::showday(time,1,
+ 			 &Apache::lonannounce::readcalendar($tdom.'_'.$trest));
+     }
+     $roletext.='<td><font color="'.$tfont.'">'.$trole.
+ 	       '</font></td><td><font color="'.$tfont.'">'.$twhere.
+                '</font></td><td><font color="'.$tfont.'">'.$tpstart.
+                '</font></td><td><font color="'.$tfont.'">'.$tpend.
+                '</font></td></tr>';
+     if (!$is_dc) {
+ 	$roletext.='<tr bgcolor="'.$tbg.'"><td colspan="4"><font color="'.$tfont.'"><span class="LC_rolesinfo">'.$tremark.
+ 	    '</span>&nbsp;</font></td></tr><tr><td colspan="5" height="3"></td></tr>'."\n";
+     }
+     return $roletext;
+ }
+ sub check_author_homeserver {
+     my ($uname,$udom)=@_;
+     if (($uname eq '') || ($udom eq '')) {
+         return ('fail','');
+     }
+     my $home = &Apache::lonnet::homeserver($uname,$udom);
+     if (&Apache::lonnet::host_domain($home) ne $udom) {
+         return ('fail',$home);
+     }
+     my @ids=&Apache::lonnet::current_machine_ids();
+     if (grep(/^\Q$home\E$/,@ids)) {
+         return ('ok',$home);
+     } else {
+         return ('switchserver',$home);
+     }
+ }
+ sub check_privs {
+     my ($cdom,$cnum,$then,$now,$checkrole) = @_;
+     my $cckey = 'user.role.'.$checkrole.'./'.$cdom.'/'.$cnum;
+     if ($env{$cckey}) {
+         my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend,$tfont);
+         &role_status($cckey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);
+         unless (($tstatus eq 'is') || ($tstatus eq 'will_not')) {
+             &set_privileges($cdom,$cnum,$checkrole);
+         }
+     } else {
+         &set_privileges($cdom,$cnum,$checkrole);
+     }
+ }
+ sub check_fordc {
+     my ($dcroles,$then) = @_;
+     my $numdc = 0;
+     if ($env{'user.adv'}) {
+         foreach my $envkey (sort keys %env) {
+             if ($envkey=~/^user\.role\.dc\.\/($match_domain)\/$/) {
+                 my $dcdom = $1;
+                 my $livedc = 1;
+                 my ($tstart,$tend)=split(/\./,$env{$envkey});
+                 if ($tstart && $tstart>$then) { $livedc = 0; }
+                 if ($tend   && $tend  <$then) { $livedc = 0; }
+                 if ($livedc) {
+                     $$dcroles{$dcdom} = $envkey;
+                     $numdc++;
+                 }
+             }
+         }
+     }
+     return $numdc;
+ }
+ sub adhoc_course_role {
+     my ($then) = @_;
+     my ($cdom,$cnum);
+     my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
+     my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
+     if (&check_forcc($cdom,$cnum,$then)) {
+         my $setprivs;
+         if (!defined($env{'user.role.'.$env{'form.switchrole'}})) {
+             $setprivs = 1;
+         } else {
+             my ($start,$end) = split(/\./,$env{'user.role.'.$env{'form.switchrole'}});
+             if (($start && ($start>$then || $start == -1)) ||
+                 ($end && $end<$then)) {
+                 $setprivs = 1;
+             }
+         }
+         if ($setprivs) {
+             if ($env{'form.switchrole'} =~ m-^(in|ta|ep|ad|st|cr)([\w/]*)\./\Q$cdom\E/\Q$cnum\E/?(\w*)$-) {
+                 my $role = $1;
+                 my $custom_role = $2;
+                 my $usec = $3;
+                 if ($role eq 'cr') {
+                     if ($custom_role =~ m-^/$match_domain/$match_username/\w+$-) {
+                         $role .= $custom_role;
+                     } else {
+                         return;
+                     }
+                 }
+                 my (%userroles,%newrole,%newgroups);
+                 my $area = '/'.$cdom.'/'.$cnum;
+                 my $spec = $role.'.'.$area;
+                 if ($usec ne '') {
+                     $spec .= '/'.$usec;
+                     $area .= '/'.$usec;
+                 }
+                 &Apache::lonnet::standard_roleprivs(\%newrole,$role,$cdom,$spec,$cnum,$area);
+                 &Apache::lonnet::set_userprivs(\%userroles,\%newrole,%newgroups);
+                 my $adhocstart = $then-1;
+                 $userroles{'user.role.'.$spec} = $adhocstart.'.';
+                 &Apache::lonnet::appenv(\%userroles,[$role,'cm']);
+             }
+         }
+     }
+     return;
+ }
+ sub check_forcc {
+     my ($cdom,$cnum,$then) = @_;
+     my $is_cc;
+     if ($cdom ne '' && $cnum ne '') {
+         if (&Apache::lonnet::is_course($cdom,$cnum)) {
+             my $envkey = 'user.role.cc./'.$cdom.'/'.$cnum;
+             if (defined($env{$envkey})) {
+                 $is_cc = 1;
+                 my ($tstart,$tend)=split(/\./,$env{$envkey});
+                 if ($tstart && $tstart>$then) { $is_cc = 0; }
+                 if ($tend   && $tend  <$then) { $is_cc = 0; }
+             }
+         }
+     }
+     return $is_cc;
+ }
+ sub courselink {
+     my ($dcdom,$rowtype) = @_;
+     my $courseform=&Apache::loncommon::selectcourse_link
+                    ('rolechoice','dccourse'.$rowtype.'_'.$dcdom,
+                     'dcdomain'.$rowtype.'_'.$dcdom,'coursedesc'.$rowtype.'_'.
+                     $dcdom,$dcdom,undef);
+     my $hiddenitems = '<input type="hidden" name="dcdomain'.$rowtype.'_'.$dcdom.'" value="'.$dcdom.'" />'.
+                       '<input type="hidden" name="origdom'.$rowtype.'_'.$dcdom.'" value="'.$dcdom.'" />'.
+                       '<input type="hidden" name="dccourse'.$rowtype.'_'.$dcdom.'" value="" />'.
+                       '<input type="hidden" name="coursedesc'.$rowtype.'_'.$dcdom.'" value="" />';
+     return $courseform.$hiddenitems;
+ }
+ sub coursepick_jscript {
+     my %lt = &Apache::lonlocal::texthash(
+                   plsu => "Please use the 'Select Course' link to open a separate pick course window where you may select the course you wish to enter.",
+                   youc => 'You can only use this screen to select courses in the current domain.',
+              );
+     my $verify_script = <<"END";
+ <script type="text/javascript">
+ function verifyCoursePick(caller) {
+     var numbutton = getIndex(caller)
+     var pickedCourse = document.rolechoice.elements[numbutton+4].value
+     var pickedDomain = document.rolechoice.elements[numbutton+2].value
+     if (document.rolechoice.elements[numbutton+2].value == document.rolechoice.elements[numbutton+3].value) {
+         if (pickedCourse != '') {
+             if (numbutton != -1) {
+                 var courseTarget = "cc./"+pickedDomain+"/"+pickedCourse
+                 document.rolechoice.elements[numbutton+1].name = courseTarget
+                 document.rolechoice.submit()
+             }
+         }
+         else {
+             alert("$lt{'plsu'}");
+         }
+     }
+     else {
+         alert("$lt{'youc'}")
+     }
+ }
+ function getIndex(caller) {
+     for (var i=0;i<document.rolechoice.elements.length;i++) {
+         if (document.rolechoice.elements[i] == caller) {
+             return i;
+         }
+     }
+     return -1;
+ }
+ </script>
+ END
+     return $verify_script;
+ }
+ sub coauthorlink {
+     my ($dcdom,$rowtype) = @_;
+     my $coauthorform=&Apache::loncommon::selectauthor_link('rolechoice',$dcdom);
+     my $hiddenitems = '<input type="hidden" name="adhoccauname'.$rowtype.'_'.$dcdom.'" value="" />';
+     return $coauthorform.$hiddenitems;
+ }
+ sub display_cc_role {
+     my $rolekey = shift;
+     my $roletext;
+     my $advanced = $env{'user.adv'};
+     my $tryagain = $env{'form.tryagain'};
+     unless ($rolekey =~/^error\:/) {
+         if ($rolekey =~ m-^user\.role.cc\./($match_domain)/($match_courseid)$-) {
+             my $tcourseid = $1.'_'.$2;
+             my $trolecode = 'cc./'.$1.'/'.$2;
              my $twhere;
-             my ($tdom,$trest,$tsec)=
+             my $ttype;
-                split(/\//,Apache::lonnet::declutter($where));
+             my $tbg='#77FF77';
-             if ($trest) {
+             my $tfont='#003300';
- 		$ttype='Course';
+             my %newhash=&Apache::lonnet::coursedescription($tcourseid);
-                 $twhere=$ENV{'course.'.$tdom.'_'.$trest.'.description'};
+             if (%newhash) {
-                 if ($tsec) {
+                 $twhere=$newhash{'description'}.
- 		    $twhere.=' (Section/Group: '.$tsec.')';
+                         ' <font size="-2">'.
-                 }
+                         &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$2,$1,$tfont).
-             } elsif ($tdom) {
+                         '</font>';
-                 $ttype='Domain';
+                 $ttype = $newhash{'type'};
-                 $twhere=$tdom;
              } else {
-                 $ttype='System';
+                 $twhere=&mt('Currently not available');
-                 $twhere='/';
+                 $env{'course.'.$tcourseid.'.description'}=$twhere;
              }
-             $r->print("\n<h3>".$ttype.': '.$twhere.'</h3><ul>');
+             my $trole = &Apache::lonnet::plaintext('cc',$ttype);
-             map {
+             $twhere.="<br />".&mt('Domain').":".$1;
-               if ($_) {
+             $roletext = &build_roletext($trolecode,$1,$2,'is',$tryagain,$advanced,'',$tbg,$tfont,$trole,$twhere,'','','',1,'');
- 		  my ($prv,$restr)=split(/\&/,$_);
-                   my $trestr='';
-                   if ($restr ne 'F') {
-                       my $i;
-                       $trestr.=' (';
-                       for ($i=0;$i<length($restr);$i++) {
- 		         $trestr.=
-                            Apache::lonnet::plaintext(substr($restr,$i,1));
-                          if ($i<length($restr)-1) { $trestr.=', '; }
- 		      }
-                       $trestr.=')';
-                   }
-                   $r->print('<li>'.Apache::lonnet::plaintext($prv).$trestr.
-                             '</li>');
- 	      }
-             } sort split(/:/,$ENV{$envkey});
-             $r->print('</ul>');
          }
      }
-   }
+     return ($roletext);
+ }
-     $r->print("</body></html>\n");
+ sub adhoc_roles_row {
-     return OK;
+     my ($dcdom,$rowtype) = @_;
- }
+     my $output = '<tr bgcolor="#77FF77">'.
+                  ' <td colspan="5"><table><tr><td><span class="LC_rolesinfo">'
+                  .&mt('[_1]Ad hoc[_2] roles in domain [_3] --',
+                  '<span class="LC_cusr_emph">','</span>',$dcdom).'</span></td><td>';
+     my $selectcclink = &courselink($dcdom,$rowtype);
+     my $ccrole = &Apache::lonnet::plaintext('cc');
+     my $carole = &Apache::lonnet::plaintext('ca');
+     my $selectcalink = &coauthorlink($dcdom,$rowtype);
+     $output.= '<span class="LC_rolesinfo">'.
+             &mt('[_1]: [_2]',$ccrole,$selectcclink).
+             '</span><br /></td><td>&nbsp;&nbsp;</td><td><span class="LC_rolesinfo">'.
+             &mt('[_1]: [_2]',$carole,$selectcalink).
+             '</span><br /></td></tr></table></td></tr>'.
+             '<tr><td colspan="5" height="3"></td></tr>'."\n";
+     return $output;
+ }
+ sub recent_filename {
+     my $area=shift;
+     return 'nohist_recent_'.&escape($area);
+ }
+ sub set_privileges {
+ # role can be cc or ca
+     my ($dcdom,$pickedcourse,$role) = @_;
+     my $area = '/'.$dcdom.'/'.$pickedcourse;
+     my $spec = $role.'.'.$area;
+     my %userroles = &Apache::lonnet::set_arearole($role,$area,'','',
+ 						  $env{'user.domain'},
+ 						  $env{'user.name'});
+     my %ccrole = ();
+     &Apache::lonnet::standard_roleprivs(\%ccrole,$role,$dcdom,$spec,$pickedcourse,$area);
+     my ($author,$adv)= &Apache::lonnet::set_userprivs(\%userroles,\%ccrole);
+     &Apache::lonnet::appenv(\%userroles,[$role,'cm']);
+     &Apache::lonnet::log($env{'user.domain'},
+                          $env{'user.name'},
+                          $env{'user.home'},
+                         "Role ".$role);
+     &Apache::lonnet::appenv(
+                           {'request.role'        => $spec,
+                           'request.role.domain' => $dcdom,
+                           'request.course.sec'  => ''});
+     my $tadv=0;
+     if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
+     &Apache::lonnet::appenv({'request.role.adv'    => $tadv});
+ }
+ sub courseloadpage {
+     my ($courseid) = @_;
+     my $startpage;
+     my %entry_settings = &Apache::lonnet::get('nohist_whatsnew',
+ 					      [$courseid.':courseinit']);
+     my ($tmp) = %entry_settings;
+     unless ($tmp =~ /^error: 2 /) {
+         $startpage = $entry_settings{$courseid.':courseinit'};
+     }
+     if ($startpage eq '') {
+         if (exists($env{'environment.course_init_display'})) {
+             $startpage = $env{'environment.course_init_display'};
+         }
+     }
+     return $startpage;
+ }
 ;
  __END__
+ =head1 NAME
+ Apache::lonroles - User Roles Screen
+ =head1 SYNOPSIS
+ Invoked by /etc/httpd/conf/srm.conf:
+  <Location /adm/roles>
+  PerlAccessHandler       Apache::lonacc
+  SetHandler perl-script
+  PerlHandler Apache::lonroles
+  ErrorDocument     403 /adm/login
+  ErrorDocument	  500 /adm/errorhandler
+  </Location>
+ =head1 OVERVIEW
+ =head2 Choosing Roles
+ C<lonroles> is a handler that allows a user to switch roles in
+ mid-session. LON-CAPA attempts to work with "No Role Specified", the
+ default role that a user has before selecting a role, as widely as
+ possible, but certain handlers for example need specification which
+ course they should act on, etc. Both in this scenario, and when the
+ handler determines via C<lonnet>'s C<&allowed> function that a certain
+ action is not allowed, C<lonroles> is used as error handler. This
+ allows the user to select another role which may have permission to do
+ what they were trying to do. C<lonroles> can also be accessed via the
+ B<CRS> button in the Remote Control.
+ =begin latex
+ \begin{figure}
+ \begin{center}
+ \includegraphics[width=0.45\paperwidth,keepaspectratio]{Sample_Roles_Screen}
+   \caption{\label{Sample_Roles_Screen}Sample Roles Screen}
+ \end{center}
+ \end{figure}
+ =end latex
+ =head2 Role Initialization
+ The privileges for a user are established at login time and stored in the session environment. As a consequence, a new role does not become active till the next login. Handlers are able to query for privileges using C<lonnet>'s C<&allowed> function. When a user first logs in, their role is the "common" role, which means that they have the sum of all of their privileges. During a session it might become necessary to choose a particular role, which as a consequence also limits the user to only the privileges in that particular role.
+ =head1 INTRODUCTION
+ This module enables a user to select what role he wishes to
+ operate under (instructor, student, teaching assistant, course
+ coordinator, etc).  These roles are pre-established by the actions
+ of upper-level users.
+ This is part of the LearningOnline Network with CAPA project
+ described at http://www.lon-capa.org.
+ =head1 HANDLER SUBROUTINE
+ This routine is called by Apache and mod_perl.
+ =over 4
+ =item *
+ Roles Initialization (yes/no)
+ =item *
+ Get Error Message from Environment
+ =item *
+ Who is this?
+ =item *
+ Generate Page Output
+ =item *
+ Choice or no choice
+ =item *
+ Table
+ =item *
+ Privileges
+ =back
+ =cut

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

500 Internal Server Error

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at root@localhost to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.

Removed from v.1.20
changed lines
	Added in v.1.200