--- loncom/auth/lonacc.pm	2009/07/23 18:45:39	1.127
+++ loncom/auth/lonacc.pm	2010/03/19 22:22:34	1.130.4.1
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Cookie Based Access Handler
 #
-# $Id: lonacc.pm,v 1.127 2009/07/23 18:45:39 raeburn Exp $
+# $Id: lonacc.pm,v 1.130.4.1 2010/03/19 22:22:34 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -411,6 +411,22 @@ sub handler {
 	}
 	$env{'request.filename'} = $r->filename;
 	$env{'request.noversionuri'} = &Apache::lonnet::deversion($requrl);
+        if ($requrl =~ m{^/adm/wrapper/ext/}) {
+            my $query = $r->args;
+            if ($query) {
+                my $preserved;
+                foreach my $pair (split(/&/,$query)) {
+                    my ($name, $value) = split(/=/,$pair);
+                    unless (($name eq 'symb') || ($name eq 'wrapperdisplay')) {
+                        $preserved .= $pair.'&';
+                    }
+                }
+                $preserved =~ s/\&$//;
+                if ($preserved) {
+                    $env{'request.external.querystring'} = $preserved;
+                }
+            }
+        }
 # -------------------------------------------------------- Load POST parameters
 
 	&Apache::lonacc::get_posted_cgi($r);
@@ -433,8 +449,24 @@ sub handler {
                 return OK;
             }
 	    if (($access ne '2') && ($access ne 'F')) {
-		$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
-		return HTTP_NOT_ACCEPTABLE; 
+                if ($requrl =~ m{^/res/}) {
+                    $access = &Apache::lonnet::allowed('bro',$requrl);
+                    if ($access ne 'F') {
+                        if ($requrl eq '/res/lib/templates/simpleproblem.problem/smpedit') {
+                            $access = &Apache::lonnet::allowed('bre','/res/lib/templates/simpleproblem.problem');
+                            if ($access ne 'F') {
+                                $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
+                                return HTTP_NOT_ACCEPTABLE;
+                            }
+                        } else {
+                            $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
+                            return HTTP_NOT_ACCEPTABLE;
+                        }
+                    }
+                } else {
+		    $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
+		    return HTTP_NOT_ACCEPTABLE;
+                }
 	    }
 	}
 	if ($requrl =~ m|^/prtspool/|) {
@@ -457,6 +489,7 @@ sub handler {
 	    $env{'user.domain'} eq 'public' &&
 	    $requrl !~ m{^/+(res|public|uploaded)/} &&
 	    $requrl !~ m{^/adm/[^/]+/[^/]+/aboutme/portfolio$ }x &&
+        $requrl !~ m{^/adm/blockingstatus/.*$} &&
 	    $requrl !~ m{^/+adm/(help|logout|restrictedaccess|randomlabel\.png)}) {
 	    $env{'request.querystring'}=$r->args;
 	    $env{'request.firsturl'}=$requrl;