--- loncom/auth/lonroles.pm	2016/10/14 23:11:04	1.316
+++ loncom/auth/lonroles.pm	2016/10/27 22:51:08	1.320
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # User Roles Screen
 #
-# $Id: lonroles.pm,v 1.316 2016/10/14 23:11:04 raeburn Exp $
+# $Id: lonroles.pm,v 1.320 2016/10/27 22:51:08 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -255,7 +255,8 @@ sub handler {
 
     my $envkey;
     my %dcroles = ();
-    my $numdc = &check_fordc(\%dcroles,$update,$then);
+    my %dhroles = ();
+    my ($numdc,$numdh,$numadhoc) = &check_for_adhoc(\%dcroles,\%dhroles,$update,$then);
     my $loncaparev = $r->dir_config('lonVersion');
 
 # ================================================================== Roles Init
@@ -269,7 +270,7 @@ sub handler {
             $env{'form.'.$env{'form.newrole'}}=1;
 # Check if this is a Domain Helpdesk role trying to enter a course
             if ($env{'form.newrole'} =~ m{^cr/($match_domain)/\1\-domainconfig/\w+\./\1/$match_courseid$}) {
-                if (&Apache::lonnet::allowed('rar',$1)) {
+                if ($dhroles{$1}) {
                     $custom_adhoc = 1;
                 }
             }
@@ -321,78 +322,113 @@ sub handler {
                     }
                 }
             }
-        } elsif ($numdc > 0) {
+        } elsif (($numdc > 0) || ($numdh > 0)) {
 # Check if user is a DC trying to enter a course or author space and needs privs to be created
+# Check if user is a DH trying to enter a course and needs privs to be created
             foreach my $envkey (keys(%env)) {
 # Is this an ad-hoc Coordinator role?
-                if (my ($ccrole,$domain,$coursenum) =
-		    ($envkey =~ m-^form\.(cc|co)\./($match_domain)/($match_courseid)$-)) {
-                    if ($dcroles{$domain}) {
-                        if (&Apache::lonnet::check_adhoc_privs($domain,$coursenum,
-                                                           $update,$refresh,$now,$ccrole)) {
-                            &Apache::lonnet::appenv({"environment.internal.$domain.$coursenum.$ccrole.adhoc" => time});
-                        }
-                    }
-                    last;
-                }
-# Is this an ad-hoc CA-role?
-                if (my ($domain,$user) =
-		    ($envkey =~ m-^form\.ca\./($match_domain)/($match_username)$-)) {
-                    if (($domain eq $env{'user.domain'}) && ($user eq $env{'user.name'})) {
-                        delete($env{$envkey});
-                        $env{'form.au./'.$domain.'/'} = 1;
-                        my ($server_status,$home) = &check_author_homeserver($user,$domain);
-                        if ($server_status eq 'switchserver') {
-                            my $trolecode = 'au./'.$domain.'/';
-                            my $switchserver = '/adm/switchserver?otherserver='.$home.'&role='.$trolecode;
-                            $r->internal_redirect($switchserver);
-                            return OK;
+                if ($numdc) {
+                    if (my ($ccrole,$domain,$coursenum) =
+		        ($envkey =~ m-^form\.(cc|co)\./($match_domain)/($match_courseid)$-)) {
+                        if ($dcroles{$domain}) {
+                            if (&Apache::lonnet::check_adhoc_privs($domain,$coursenum,
+                                                                   $update,$refresh,$now,$ccrole)) {
+                                &Apache::lonnet::appenv({"environment.internal.$domain.$coursenum.$ccrole.adhoc" => time});
+                            }
                         }
                         last;
                     }
-                    if (my ($castart,$caend) = ($env{'user.role.ca./'.$domain.'/'.$user} =~ /^(\d*)\.(\d*)$/)) {
-                        if (((($castart) && ($castart < $now)) || !$castart) && 
-                            ((!$caend) || (($caend) && ($caend > $now)))) {
+# Is this an ad-hoc CA-role?
+                    if (my ($domain,$user) =
+		        ($envkey =~ m-^form\.ca\./($match_domain)/($match_username)$-)) {
+                        if (($domain eq $env{'user.domain'}) && ($user eq $env{'user.name'})) {
+                            delete($env{$envkey});
+                            $env{'form.au./'.$domain.'/'} = 1;
                             my ($server_status,$home) = &check_author_homeserver($user,$domain);
                             if ($server_status eq 'switchserver') {
-                                my $trolecode = 'ca./'.$domain.'/'.$user;
+                                my $trolecode = 'au./'.$domain.'/';
                                 my $switchserver = '/adm/switchserver?otherserver='.$home.'&amp;role='.$trolecode;
                                 $r->internal_redirect($switchserver);
                                 return OK;
                             }
                             last;
                         }
-                    }
-                    # Check if author blocked ca-access
-                    my %blocked=&Apache::lonnet::get('environment',['domcoord.author'],$domain,$user);
-                    if ($blocked{'domcoord.author'} eq 'blocked') {
-                        delete($env{$envkey});
-                        $env{'user.error.msg'}=':::1:User '.$user.' in domain '.$domain.' blocked domain coordinator access';
+                        if (my ($castart,$caend) = ($env{'user.role.ca./'.$domain.'/'.$user} =~ /^(\d*)\.(\d*)$/)) {
+                            if (((($castart) && ($castart < $now)) || !$castart) && 
+                                ((!$caend) || (($caend) && ($caend > $now)))) {
+                                my ($server_status,$home) = &check_author_homeserver($user,$domain);
+                                if ($server_status eq 'switchserver') {
+                                    my $trolecode = 'ca./'.$domain.'/'.$user;
+                                    my $switchserver = '/adm/switchserver?otherserver='.$home.'&amp;role='.$trolecode;
+                                    $r->internal_redirect($switchserver);
+                                    return OK;
+                                }
+                                last;
+                            }
+                        }
+                        # Check if author blocked ca-access
+                        my %blocked=&Apache::lonnet::get('environment',['domcoord.author'],$domain,$user);
+                        if ($blocked{'domcoord.author'} eq 'blocked') {
+                            delete($env{$envkey});
+                            $env{'user.error.msg'}=':::1:User '.$user.' in domain '.$domain.' blocked domain coordinator access';
+                            last;
+                        }
+                        if ($dcroles{$domain}) {
+                            my ($server_status,$home) = &check_author_homeserver($user,$domain);
+                            if (($server_status eq 'ok') || ($server_status eq 'switchserver')) {
+                                &Apache::lonnet::check_adhoc_privs($domain,$user,$update,
+                                                                   $refresh,$now,'ca');
+                                if ($server_status eq 'switchserver') {
+                                    my $trolecode = 'ca./'.$domain.'/'.$user; 
+                                    my $switchserver = '/adm/switchserver?'
+                                                      .'otherserver='.$home.'&amp;role='.$trolecode;
+                                    $r->internal_redirect($switchserver);
+                                    return OK;
+                                }
+                            } else {
+                                delete($env{$envkey});
+                            }
+                        } else {
+                            delete($env{$envkey});
+                        }
                         last;
                     }
-                    if ($dcroles{$domain}) {
-                        my ($server_status,$home) = &check_author_homeserver($user,$domain);
-                        if (($server_status eq 'ok') || ($server_status eq 'switchserver')) {
-                            &Apache::lonnet::check_adhoc_privs($domain,$user,$update,
-                                                               $refresh,$now,'ca');
-                            if ($server_status eq 'switchserver') {
-                                my $trolecode = 'ca./'.$domain.'/'.$user; 
-                                my $switchserver = '/adm/switchserver?'
-                                                  .'otherserver='.$home.'&amp;role='.$trolecode;
-                                $r->internal_redirect($switchserver);
-                                return OK;
+                }
+                if ($numdh) {
+# Is this an ad hoc custom role in a course/community?
+                    if (my ($domain,$rolename,$coursenum) = ($envkey =~ m{^form\.cr/($match_domain)/\1\-domainconfig/(\w+)\./\1/($match_courseid)$})) {
+                        if ($dhroles{$domain}) { 
+                            my @adhoc; 
+                            if ($env{'environment.adhocroles.'.$domain}) {
+                                @adhoc = split(',',$env{'environment.adhocroles.'.$domain});
+                            } else {
+                                my %adhocroles = &Apache::lonnet::userenvironment($env{'user.domain'},$env{'user.name'},
+                                                                                  'adhocroles.'.$domain);
+                                if (keys(%adhocroles)) {
+                                    @adhoc = split(',',$adhocroles{'adhocroles.'.$domain});
+                                }
+                            }
+                            if ((@adhoc > 0) && ($rolename ne '')) {
+                                if (grep(/^\Q$rolename\E$/,@adhoc)) {
+                                    if (&Apache::lonnet::check_adhoc_privs($domain,$coursenum,$update,$refresh,$now,
+                                                                           "cr/$domain/$domain".'-domainconfig/'.$rolename)) {
+                                        &Apache::lonnet::appenv({"environment.internal.$domain.$coursenum.cr/$domain/$domain".
+                                                                 '-domainconfig/'."$rolename.adhoc" => time});
+                                    }
+                                } else {
+                                    delete($env{$envkey});
+                                }
+                            } else {
+                                delete($env{$envkey});
                             }
                         } else {
                             delete($env{$envkey});
                         }
-                    } else {
-                        delete($env{$envkey});
+                        last;
                     }
-                    last;
                 }
             }
         }
-
         foreach $envkey (keys(%env)) {
             next if ($envkey!~/^user\.role\./);
             my ($where,$trolecode,$role,$tstatus,$tend,$tstart);
@@ -1044,7 +1080,7 @@ ENDHEADER
     }
 # ----------------------------------------------------------------------- Table
 
-    if ($numdc > 0) {
+    if (($numdc > 0) || (($numdh > 0) && ($numadhoc > 0))) {
         $r->print(&coursepick_jscript());
         $r->print(&Apache::loncommon::coursebrowser_javascript().
                   &Apache::loncommon::authorbrowser_javascript());
@@ -1077,9 +1113,12 @@ ENDHEADER
                                $roletext{'user.role.'.$role}->[1].
                                &Apache::loncommon::end_data_table_row();
                 }
-                if ($role =~ m{dc\./($match_domain)/} 
+                if ($role =~ m{^dc\./($match_domain)/$} 
 		    && $dcroles{$1}) {
 		    $output .= &adhoc_roles_row($1,'recent');
+                } elsif ($role =~ m{^dh\./($match_domain)/$}
+                         && ($env{'environment.adhocroles.'.$1} ne '')) {
+                    $output .= &adhoc_customroles_row($1,'recent');
                 }
 	    } elsif ($numdc > 0) {
                 unless ($role =~/^error\:/) {
@@ -1476,12 +1515,15 @@ sub print_rolerows {
                                            &Apache::loncommon::end_data_table_row();
                             }
                         }
-                        if ($sortrole->{$which} =~ m-dc\./($match_domain)/-) {
+                        if ($sortrole->{$which} =~ m{^user\.role\.dc\./($match_domain)/}) {
                             if (ref($dcroles) eq 'HASH') {
                                 if ($dcroles->{$1}) {
                                     $output .= &adhoc_roles_row($1,'');
                                 }
                             }
+                        } elsif (($sortrole->{$which} =~ m{^user\.role\.dh\./($match_domain)/}) &&
+                                 ($env{'environment.adhocroles.'.$1} ne '')) {
+                            $output .= &adhoc_customroles_row($1,'');
                         }
                     }
                 }
@@ -1739,29 +1781,42 @@ sub check_author_homeserver {
     }
 }
 
-sub check_fordc {
-    my ($dcroles,$update,$then) = @_;
+sub check_for_adhoc {
+    my ($dcroles,$dhroles,$update,$then) = @_;
     my $numdc = 0;
+    my $numdh = 0;
+    my $numadhoc = 0;
+    my $num_custom_adhoc = 0; 
     if ($env{'user.adv'}) {
         foreach my $envkey (sort(keys(%env))) {
-            if ($envkey=~/^user\.role\.dc\.\/($match_domain)\/$/) {
-                my $dcdom = $1;
-                my $livedc = 1;
+            if ($envkey=~/^user\.role\.(dc|dh)\.\/($match_domain)\/$/) {
+                my $role = $1;
+                my $roledom = $2;
+                my $liverole = 1;
                 my ($tstart,$tend)=split(/\./,$env{$envkey});
                 my $limit = $update;
-                if ($env{'request.role'} eq 'dc./'.$dcdom.'/') {
+                if ((($role eq 'dc') && ($env{'request.role'} eq 'dc./'.$roledom.'/')) ||
+                    (($role eq 'dh') && ($env{'request.role'} eq 'dh./'.$roledom.'/'))) {
                     $limit = $then;
                 }
-                if ($tstart && $tstart>$limit) { $livedc = 0; }
-                if ($tend   && $tend  <$limit) { $livedc = 0; }
-                if ($livedc) {
-                    $$dcroles{$dcdom} = $envkey;
-                    $numdc++;
+                if ($tstart && $tstart>$limit) { $liverole = 0; }
+                if ($tend   && $tend  <$limit) { $liverole = 0; }
+                if ($liverole) {
+                    if ($role eq 'dc') {
+                        $dcroles->{$roledom} = $envkey;
+                        $numdc++;
+                    } else {
+                        $dhroles->{$roledom} = $envkey;
+                        if ($env{'environment.adhocroles.'.$roledom} ne '') {
+                            $numadhoc ++;
+                        }
+                        $numdh++;
+                    }
                 }
             }
         }
     }
-    return $numdc;
+    return ($numdc,$numdh,$numadhoc);
 }
 
 sub adhoc_course_role {
@@ -1853,15 +1908,16 @@ sub check_forcc {
 }
 
 sub courselink {
-    my ($dcdom,$rowtype) = @_;
+    my ($roledom,$rowtype,$role) = @_;
     my $courseform=&Apache::loncommon::selectcourse_link
-                   ('rolechoice','dccourse'.$rowtype.'_'.$dcdom,
-                    'dcdomain'.$rowtype.'_'.$dcdom,'coursedesc'.$rowtype.'_'.
-                    $dcdom,$dcdom,undef,'Course/Community');
-    my $hiddenitems = '<input type="hidden" name="dcdomain'.$rowtype.'_'.$dcdom.'" value="'.$dcdom.'" />'.
-                      '<input type="hidden" name="origdom'.$rowtype.'_'.$dcdom.'" value="'.$dcdom.'" />'.
-                      '<input type="hidden" name="dccourse'.$rowtype.'_'.$dcdom.'" value="" />'.
-                      '<input type="hidden" name="coursedesc'.$rowtype.'_'.$dcdom.'" value="" />';
+                   ('rolechoice','course'.$rowtype.'_'.$roledom.'_'.$role,
+                    'domain'.$rowtype.'_'.$roledom.'_'.$role,
+                    'coursedesc'.$rowtype.'_'.$roledom.'_'.$role,
+                    $roledom.':'.$role,undef,'Course/Community');
+    my $hiddenitems = '<input type="hidden" name="domain'.$rowtype.'_'.$roledom.'_'.$role.'" value="'.$roledom.'" />'.
+                      '<input type="hidden" name="origdom'.$rowtype.'_'.$roledom.'_'.$role.'" value="'.$roledom.'" />'.
+                      '<input type="hidden" name="course'.$rowtype.'_'.$roledom.'_'.$role.'" value="" />'.
+                      '<input type="hidden" name="coursedesc'.$rowtype.'_'.$roledom.'_'.$role.'" value="" />';
     return $courseform.$hiddenitems;
 }
 
@@ -1958,7 +2014,8 @@ sub adhoc_roles_row {
                  .&mt('[_1]Ad hoc[_2] roles in domain [_3] --'
                      ,'<span class="LC_cusr_emph">','</span>',$dcdom)
                  .' ';
-    my $selectcclink = &courselink($dcdom,$rowtype);
+    my $role = 'cc';
+    my $selectcclink = &courselink($dcdom,$rowtype,$role);
     my $ccrole = &Apache::lonnet::plaintext('co',undef,undef,1);
     my $carole = &Apache::lonnet::plaintext('ca');
     my $selectcalink = &coauthorlink($dcdom,$rowtype);
@@ -1968,6 +2025,25 @@ sub adhoc_roles_row {
     return $output;
 }
 
+sub adhoc_customroles_row {
+    my ($dhdom,$rowtype) = @_;
+    my $output = &Apache::loncommon::continue_data_table_row()
+                 .' <td colspan="5" class="LC_textsize_mobile">'
+                 .&mt('[_1]Ad hoc[_2] course/community roles in domain [_3] --',
+                      '<span class="LC_cusr_emph">','</span>',$dhdom);
+    my @customroles = split(/,/,$env{'environment.adhocroles.'.$dhdom});
+    my $count = 0;
+    foreach my $role (@customroles) {
+        next if (($role eq '') || ($role =~ /\W/));
+        $output .= ' '.$role.': '.&courselink($dhdom,$rowtype,$role).' |';
+        $count ++;
+    }
+    if ($count) {
+        return $output;
+    }
+    return;
+}
+
 sub recent_filename {
     my $area=shift;
     return 'nohist_recent_'.&escape($area);