--- loncom/auth/lonroles.pm	2003/10/04 18:13:36	1.74
+++ loncom/auth/lonroles.pm	2004/11/11 23:17:13	1.107
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # User Roles Screen
 #
-# $Id: lonroles.pm,v 1.74 2003/10/04 18:13:36 www Exp $
+# $Id: lonroles.pm,v 1.107 2004/11/11 23:17:13 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -25,20 +25,6 @@
 #
 # http://www.lon-capa.org/
 #
-# (Directory Indexer
-# (Login Screen
-# YEAR=1999
-# 5/21/99,5/22,5/25,5/26,5/31,6/2,6/10,7/12,7/14 Gerd Kortemeyer)
-# 11/23 Gerd Kortemeyer)
-# YEAR=2000
-# 1/14,03/06,06/01,07/22,07/24,07/25,
-# 09/04,09/06,09/28,09/29,09/30,10/2,10/5,10/26,10/28,
-# 12/08,12/28,
-# YEAR=2001
-# 01/15/01 Gerd Kortemeyer
-# 03/02,05/03,05/25,05/30,06/01,07/06,08/06 Gerd Kortemeyer
-# 12/29 Gerd Kortemeyer
-#
 ###
 
 package Apache::lonroles;
@@ -50,27 +36,39 @@ use Apache::Constants qw(:common);
 use Apache::File();
 use Apache::lonmenu;
 use Apache::loncommon;
+use Apache::lonhtmlcommon;
 use Apache::lonannounce;
 use Apache::lonlocal;
 
 sub redirect_user {
-    my ($r,$title,$url,$msg) = @_;
+    my ($r,$title,$url,$msg,$launch_nav) = @_;
     $msg = $title if (! defined($msg));
     &Apache::loncommon::content_type($r,'text/html');
     &Apache::loncommon::no_cache($r);
     $r->send_http_header;
     my $swinfo=&Apache::lonmenu::rawconfig();
+    my $navwindow;
+    if ($launch_nav eq 'on') {
+	$navwindow.=&Apache::lonnavmaps::launch_win('now');
+    } else {
+	$navwindow.=&Apache::lonnavmaps::close();
+    }
     my $bodytag=&Apache::loncommon::bodytag('Switching Role');
-    $r->print (<<ENDREDIR);
+# Note to style police: 
+# This must only replace the spaces, nothing else, or it bombs elsewhere.
+    $url=~s/ /\%20/g;
+    $r->print(<<ENDREDIR);
 <head><title>$title</title>
 <meta HTTP-EQUIV="Refresh" CONTENT="1; url=$url">
 </head>
 <html>
 $bodytag
-<script>
+<script type="text/javascript">
 $swinfo
 </script>
+$navwindow
 <h1>$msg</h1>
+<a href="$url">Continue</a>
 </body>
 </html>
 ENDREDIR
@@ -84,15 +82,38 @@ sub handler {
     my $now=time;
     my $then=$ENV{'user.login.time'};
     my $envkey;
-
+    my $dcselect='';
+    my %dcroles = ();
+    my $numdc = &check_fordc(\%dcroles,$then);
 
 # ================================================================== Roles Init
-
     if ($ENV{'form.selectrole'}) {
+        if ($ENV{'form.dcselected'}) {
+            my $dcdom = $ENV{'form.dcselected'};
+            my $dckey = 'user.role.dc./'.$dcdom.'/';
+            if ($ENV{$dckey}) {
+                my ($dcstart,$dcend)=split(/\./,$ENV{$dckey});
+                my $active_dc = 1;
+                if ($dcstart) {
+                    if ($dcstart>$then) {
+                        $active_dc = 0;
+                    }
+                }
+                if ($dcend) {
+                    if ($dcend < $then) {
+                        $active_dc = 0;
+                    }
+                }
+                if ($active_dc) {
+                    $dcselect = $dcdom;
+                }
+            }
+        }
 	if ($ENV{'request.course.id'}) {
 	    my %temp=('logout_'.$ENV{'request.course.id'} => time);
 	    &Apache::lonnet::put('email_status',\%temp);
-        }
+	    &Apache::lonnet::delenv('user.state.'.$ENV{'request.course.id'});
+	}
 	&Apache::lonnet::appenv("request.course.id"   => '',
 				"request.course.fn"   => '',
 				"request.course.uri"  => '',
@@ -100,35 +121,99 @@ sub handler {
 				"request.role"        => 'cm',
                                 "request.role.adv"    => $ENV{'user.adv'},
 				"request.role.domain" => $ENV{'user.domain'});
+
+# Check to see if the user is a DC trying to enter a course and needs privs to be created
+        if ($numdc > 0) {
+            foreach my $envkey (keys %ENV) {
+                if ($envkey =~ m-^form\.cc\./(\w+)/(\w+)$-) {
+                    if ($dcroles{$1}) {
+                        unless ($ENV{'user.role.cc./'.$1.'/'.$2}) {
+                            &set_privileges($1,$2);
+                        }
+                    }
+                    last;
+                }
+            }
+        }
+
+        if ($ENV{'form.dccourse'}) {
+            my $dcdom = $ENV{'form.dcdomain'};
+            my $pickedcourse = $ENV{'form.dccourse'};
+            if ($dcdom && $pickedcourse) {
+                unless ($ENV{'user.role.cc./'.$dcdom.'/'.$pickedcourse}) {
+                    if ($ENV{'user.role.dc./'.$dcdom.'/'}) {
+                        &set_privileges($dcdom,$pickedcourse);
+                    }
+                }
+            }
+        }
+
         foreach $envkey (keys %ENV) {
             next if ($envkey!~/^user\.role\./);
-	    my (undef,undef,$role,@pwhere)=split(/\./,$envkey);
-            my $where=join('.',@pwhere);
-            my $trolecode=$role.'.'.$where;
+            my ($where,$trolecode,$role,$tstatus,$tend,$tstart);
+            &role_status($envkey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);
             if ($ENV{'form.'.$trolecode}) {
-		my ($tstart,$tend)=split(/\./,$ENV{$envkey});
-		my $tstatus='is';
-		if ($tstart) {
-		    if ($tstart>$then) { 
-			$tstatus='future';
-		    }
-		}
-		if ($tend) {
-		    if ($tend<$then) { $tstatus='expired'; }
-		    if ($tend<$now) { $tstatus='will_not'; }
-		}
 		if ($tstatus eq 'is') {
 		    $where=~s/^\///;
 		    my ($cdom,$cnum,$csec)=split(/\//,$where);
 # check for keyed access
 		    if (($role eq 'st') && 
                        ($ENV{'course.'.$cdom.'_'.$cnum.'.keyaccess'} eq 'yes')) {
-		         unless (&Apache::lonnet::validate_access_key(
+# who is key authority?
+			my $authdom=$cdom;
+			my $authnum=$cnum;
+			if ($ENV{'course.'.$cdom.'_'.$cnum.'.keyauth'}) {
+			    ($authnum,$authdom)=
+				split(/\W/,$ENV{'course.'.$cdom.'_'.$cnum.'.keyauth'});
+			}
+# check with key authority
+			unless (&Apache::lonnet::validate_access_key(
 				     $ENV{'environment.key.'.$cdom.'_'.$cnum},
-					     $cdom,$cnum)) {
+					     $authdom,$authnum)) {
 # there is no valid key
 			     if ($ENV{'form.newkey'}) {
 # student attempts to register a new key
+				 &Apache::loncommon::content_type($r,'text/html');
+				 &Apache::loncommon::no_cache($r);
+				 $r->send_http_header;
+				 my $swinfo=&Apache::lonmenu::rawconfig();
+				 my $bodytag=&Apache::loncommon::bodytag
+				    ('Verifying Access Key to Unlock this Course');
+				 my $buttontext=&mt('Enter Course');
+				 my $message=&mt('Successfully registered key');
+				 my $assignresult=
+				     &Apache::lonnet::assign_access_key(
+						     $ENV{'form.newkey'},
+						     $authdom,$authnum,
+						     $cdom,$cnum,
+                                                     $ENV{'user.domain'},
+						     $ENV{'user.name'},
+	      'Assigned from '.$ENV{'REMOTE_ADDR'}.' at '.localtime().' for '.
+                                                     $trolecode);
+				 unless ($assignresult eq 'ok') {
+				     $assignresult=~s/^error\:\s*//;
+				     $message=&mt($assignresult).
+				     '<br /><a href="/adm/logout">'.
+				     &mt('Logout').'</a>';
+				     $buttontext=&mt('Re-Enter Key');
+				 }
+				 $r->print(<<ENDENTEREDKEY);
+<head><title>Verifying Course Access Key</title>
+</head>
+<html>
+$bodytag
+<script>
+$swinfo
+</script>
+<form method="post">
+<input type="hidden" name="selectrole" value="1" />
+<input type="hidden" name="$trolecode" value="1" />
+<font size="+2">$message</font><br />
+<input type="submit" value="$buttontext" />
+</form>
+</body></html>
+ENDENTEREDKEY
+                                 return OK;
 			     } else {
 # print form to enter a new key
 				 &Apache::loncommon::content_type($r,'text/html');
@@ -146,7 +231,8 @@ $bodytag
 $swinfo
 </script>
 <form method="post">
-<input type="hidden" name="selectrole" value="$ENV{'form.selectrole'}" />
+<input type="hidden" name="selectrole" value="1" />
+<input type="hidden" name="$trolecode" value="1" />
 <input type="text" size="20" name="newkey" value="$ENV{'form.newkey'}" />
 <input type="submit" value="Enter key" />
 </form>
@@ -156,15 +242,19 @@ ENDENTERKEY
 			     }
 			 }
 		     }
-                    my $tadv=0;
-                    if (($trolecode!~/^st/) && 
-                        ($trolecode!~/^ta/) && 
-                        ($trolecode!~/^cm/)) { $tadv=1; }
+		    &Apache::lonnet::log($ENV{'user.domain'},
+					 $ENV{'user.name'},
+					 $ENV{'user.home'},
+					 "Role ".$trolecode);
+		    
 		    &Apache::lonnet::appenv(
-                                           'request.role'        => $trolecode,
-					   'request.role.adv'    => $tadv,
+					   'request.role'        => $trolecode,
 					   'request.role.domain' => $cdom,
 					   'request.course.sec'  => $csec);
+                    my $tadv=0;
+		    if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
+		    &Apache::lonnet::appenv('request.role.adv'    => $tadv);
+
 		    my $msg=&mt('Entering course ...');
 
 		    if (($cnum) && ($role ne 'ca')) {
@@ -200,10 +290,21 @@ ENDENTERKEY
 							  '.course.helper.not.run'}) {
 				$furl = "/adm/helper/course.initialization.helper";
 			    }
+                            # Check to see if the user is a DC coming from the
+                            # course selection page
+                            if ($ENV{'form.dccourse'}) {
+                                my $formaction = '/adm/roles/';
+                                my ($dcdom,$pickedcourse) = split/_/,$courseid;
+                                if ($ENV{'user.role.dc./'.$dcdom.'/'}) {
+                                    &Apache::lonhtmlcommon::store_recent('cc_pickby_dc_'.$dcdom,
+                                    $courseid,$formaction);
+                                }
+                            }
                             #
                             # Send the user to the course they selected
-                            &redirect_user($r,'Entering Course',
-                                           $furl,$msg);
+                            &redirect_user($r,&mt('Entering Course'),
+                                           $furl,$msg,
+					   $ENV{'environment.remotenavmap'});
                             return OK;
 			}
 		    }
@@ -218,10 +319,18 @@ ENDENTERKEY
                             $redirect_url .= $1;
                         }
                         $redirect_url .= '/';
-                        &redirect_user($r,'Entering Construction Space',
+                        &redirect_user($r,&mt('Entering Construction Space'),
                                        $redirect_url);
                         return OK;
                     }
+                    if ($role eq 'dc') {
+                        unless ($dcselect) {
+                            my $redirect_url = '/adm/menu/';
+                            &redirect_user($r,&mt('Loading Domain Coordinator Menu'),
+                                       $redirect_url);
+                            return OK;
+                        }
+                    }
 		}
             }
         }
@@ -236,9 +345,9 @@ ENDENTERKEY
     return OK if $r->header_only;
 
     my $swinfo=&Apache::lonmenu::rawconfig();
+    my $setDCchoice = &dc_script();
     my $bodytag=&Apache::loncommon::bodytag('User Roles');
-    my $helptag=&Apache::loncommon::help_open_topic
-     ("General_Intro","Click here for help");
+    my $helptag='<table><tr><td>'.&Apache::loncommon::help_open_menu('','General Intro','General_Intro','User Roles',1,undef,undef,undef,undef,,&mt("Click here for help")).'</td></td></tr></table>';
     $r->print(<<ENDHEADER);
 <html>
 <head>
@@ -249,6 +358,7 @@ $helptag<br />
 <script>
 $swinfo
 window.focus();
+$setDCchoice
 </script>
 ENDHEADER
 
@@ -267,6 +377,12 @@ ENDHEADER
     my $tryagain=$ENV{'form.tryagain'};
 
 # -------------------------------------------------------- Generate Page Output
+# -------------------------------------------------------- Domain Coordinator? 
+    if ($dcselect ne '') {
+        &choosecourse_display($r,$dcselect,$then,$now);
+        return OK;
+    }
+
 # --------------------------------------------------------------- Error Header?
     if ($error) {
 	$r->print("<h1>LON-CAPA Access Control</h1>");
@@ -304,13 +420,11 @@ ENDHEADER
 		      "<br />\n");
 	    $r->print(&mt(
       "Author and Co-Author roles may not be available on servers other than your home server."));
-        } else {
-	    $r->print("<h2>".&mt('Select a Course to Enter')."</h2>\n");
         }
         if (($ENV{'REDIRECT_QUERY_STRING'}) && ($fn)) {
     	    $fn.='?'.$ENV{'REDIRECT_QUERY_STRING'};
         }
-        $r->print('<form method=post action="'.(($fn)?$fn:$r->uri).'">');
+        $r->print('<form method="post" name="rolechoice" action="'.(($fn)?$fn:$r->uri).'">');
         $r->print('<input type=hidden name=orgurl value="'.$fn.'">');
         $r->print('<input type=hidden name=selectrole value=1>');
     }
@@ -320,40 +434,28 @@ ENDHEADER
 	if ($ENV{'form.showall'}) { $r->print(' checked'); }
 	$r->print('><input type=submit value="'.&mt('Display').'">');
     }
-# ----------------------------------------------------------------------- Table
-    $r->print('<br /><table><tr>');
-    unless ($nochoose) { $r->print('<th>&nbsp;</th>'); }
-    $r->print('<th>'.&mt('User Role').'</th><th colspan=2>'.&mt('Extent').
-         '</th><th>'.&mt('Start').'</th><th>'.&mt('End').'</th><th>'.
-	      &mt('Remark').'</th></tr>'."\n");
 
+    my (%roletext,%sortrole,%roleclass);
+    my $countactive=0;
+    my $inrole=0;
+    my $possiblerole='';
     foreach $envkey (sort keys %ENV) {
         my $button = 1;
         my $switchserver='';
+	my $roletext;
+	my $sortkey;
         if ($envkey=~/^user\.role\./) {
-	    my (undef,undef,$role,@pwhere)=split(/\./,$envkey);
+            my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend,$tfont);
+            &role_status($envkey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);
             next if (!defined($role) || $role eq '');
-            my $where=join('.',@pwhere);
-            my $trolecode=$role.'.'.$where;
-            my ($tstart,$tend)=split(/\./,$ENV{$envkey});
-            my $tremark='';
-            my $tstatus='is';
-            my $tpstart='&nbsp;';
-            my $tpend='&nbsp;';
-            my $tfont='#000000';
+            $tremark='';
+            $tpstart='&nbsp;';
+            $tpend='&nbsp;';
+            $tfont='#000000';
             if ($tstart) {
-		if ($tstart>$then) { 
-                    $tstatus='future';
-                    if ($tstart<$now) { $tstatus='will'; }
-                }
                 $tpstart=&Apache::lonlocal::locallocaltime($tstart);
             }
             if ($tend) {
-                if ($tend<$then) { 
-                    $tstatus='expired'; 
-                } elsif ($tend<$now) { 
-                    $tstatus='will_not'; 
-                }
                 $tpend=&Apache::lonlocal::locallocaltime($tend);
             }
             if ($ENV{'request.role'} eq $trolecode) {
@@ -365,6 +467,8 @@ ENDHEADER
                 if ($tstatus eq 'is') {
                     $tbg='#77FF77';
                     $tfont='#003300';
+		    $possiblerole=$trolecode;
+		    $countactive++;
                 } elsif ($tstatus eq 'future') {
                     $tbg='#FFFF77';
                     $button=0;
@@ -381,6 +485,8 @@ ENDHEADER
                 } elsif ($tstatus eq 'selected') {
                     $tbg='#11CC55';
                     $tfont='#002200';
+		    $inrole=1;
+		    $countactive++;
                     $tremark.=&mt('Currently selected. ');
                 }
                 my $trole;
@@ -399,56 +505,68 @@ ENDHEADER
                 # First, Co-Authorship roles
                 if ($role eq 'ca') {
                     my $home = &Apache::lonnet::homeserver($trest,$tdom);
-                    if ($home ne $r->dir_config('lonHostID')) {
+		    my $allowed=0;
+		    my @ids=&Apache::lonnet::current_machine_ids();
+		    foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } }
+                    if (!$allowed) {
 			$button=0;
                         $switchserver=&Apache::lonnet::escape('http://'.
                          $Apache::lonnet::hostname{$home}.
                          '/adm/login?domain='.$ENV{'user.domain'}.
 			  '&username='.$ENV{'user.name'}.
-                          '&firsturl=/priv/'.$trest);
+                          '&firsturl=/priv/'.$trest.'/');
                     }
                     #next if ($home eq 'no_host');
                     $home = $Apache::lonnet::hostname{$home};
-                    $ttype=&mt('Construction Space');
+                    $ttype='Construction Space';
                     $twhere=&mt('User').': '.$trest.'<br />'.&mt('Domain').
 			': '.$tdom.'<br />'.
                         ' '.&mt('Server').':&nbsp;'.$home;
                     $ENV{'course.'.$tdom.'_'.$trest.'.description'}='ca';
+		    $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$trest.'/');
+		    $sortkey=$role."$trest:$tdom";
                 } elsif ($role eq 'au') {
                     # Authors
                     my $home = &Apache::lonnet::homeserver
                         ($ENV{'user.name'},$ENV{'user.domain'});
-                    if ($home ne $r->dir_config('lonHostID')) {
+		    my $allowed=0;
+		    my @ids=&Apache::lonnet::current_machine_ids();
+		    foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } }
+                    if (!$allowed) {
 			$button=0;
                         $switchserver=&Apache::lonnet::escape('http://'.
                          $Apache::lonnet::hostname{$home}.
                           '/adm/login?domain='.$ENV{'user.domain'}.
 			   '&username='.$ENV{'user.name'}.
-                           '&firsturl=/priv/'.$ENV{'user.name'});
+                           '&firsturl=/priv/'.$ENV{'user.name'}.'/');
                     }
                     #next if ($home eq 'no_host');
                     $home = $Apache::lonnet::hostname{$home};
-                    $ttype=&mt('Construction Space');
+                    $ttype='Construction Space';
                     $twhere=&mt('Domain').': '.$tdom.'<br />'.&mt('Server').
 			':&nbsp;'.$home;
                     $ENV{'course.'.$tdom.'_'.$trest.'.description'}='ca';
+		    $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$ENV{'user.name'}.'/');
+		    $sortkey=$role;
                 } elsif ($trest) {
-                    $ttype=&mt('Course');
+                    $ttype='Course';
                     if ($tsection) {
                         $ttype.='<br>'.&mt('Section/Group').': '.$tsection;
 		    }
                     my $tcourseid=$tdom.'_'.$trest;
                     if ($ENV{'course.'.$tcourseid.'.description'}) {
                         $twhere=$ENV{'course.'.$tcourseid.'.description'};
+			$sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey;
                         unless ($twhere eq &mt('Currently not available')) {
 			    $twhere.=' <font size="-2">'.
         &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont).
                                     '</font>';
 			}
                     } else {
-                        my %newhash=Apache::lonnet::coursedescription
-                            ($tcourseid);
+                        my %newhash=&Apache::lonnet::coursedescription($tcourseid);
                         if (%newhash) {
+			    $sortkey=$role."\0".$tdom."\0".$newhash{'description'}.
+				"\0".$envkey;
                             $twhere=$newhash{'description'}.
                               ' <font size="-2">'.
         &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont).
@@ -456,52 +574,163 @@ ENDHEADER
                         } else {
                             $twhere=&mt('Currently not available');
                             $ENV{'course.'.$tcourseid.'.description'}=$twhere;
+			    $sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey;
                         }
                     }
 		    if ($role ne 'st') { $twhere.="<br />".&mt('Domain').":".$tdom; }
                 } elsif ($tdom) {
-                    $ttype=&mt('Domain');
+                    $ttype='Domain';
                     $twhere=$tdom;
+		    $sortkey=$role.$twhere;
                 } else {
-                    $ttype=&mt('System');
+                    $ttype='System';
                     $twhere=&mt('system wide');
+		    $sortkey=$role.$twhere;
                 }
  
-                $r->print('<tr bgcolor='.$tbg.'>');
+                $roletext.='<tr bgcolor='.$tbg.'>';
                 unless ($nochoose) {
                     if (!$button) {
 			if ($switchserver) {
-			    $r->print('<td><a href="/adm/logout?handover='.
-                              $switchserver.'">'.&mt('Switch Server').'</a></td>');
+			    $roletext.='<td><a href="/adm/logout?handover='.
+                              $switchserver.'">'.&mt('Switch Server').'</a></td>';
                         } else {
-                            $r->print('<td>&nbsp;</td>');
+                            $roletext.=('<td>&nbsp;</td>');
                         }
                     } elsif ($tstatus eq 'is') {
-                        $r->print('<td><input type=submit value="'.
+                        $roletext.=('<td><input type=submit value="'.
 				  &mt('Select').'" name="'.
                                   $trolecode.'"></td>');
                     } elsif ($tryagain) {
-                        $r->print
-                        ('<td><input type=submit value="'.
-		  &mt('Try Selecting Again').'" name="'.$trolecode.'"></td>');
+                        $roletext.=
+			    '<td><input type=submit value="'.
+		  &mt('Try Selecting Again').'" name="'.$trolecode.'"></td>';
                     } elsif ($advanced) {
-                        $r->print
-                            ('<td><input type=submit value="'.
-		        &mt('Re-Initialize').'" name="'.$trolecode.'"></td>');
+                        $roletext.=
+                            '<td><input type=submit value="'.
+		        &mt('Re-Initialize').'" name="'.$trolecode.'"></td>';
                     } else {
-                        $r->print('<td>&nbsp;</td>');
+                        $roletext.='<td>&nbsp;</td>';
                     }
                 }
                 $tremark.=&Apache::lonannounce::showday(time,1,
                          &Apache::lonannounce::readcalendar($tdom.'_'.$trest));
                 
-		$r->print('<td><font color="'.$tfont.'">'.$trole.
+		$roletext.='<td><font color="'.$tfont.'">'.$trole.
                       '</font></td><td><font color="'.$tfont.'">'.$ttype.
                       '</font></td><td><font color="'.$tfont.'">'.$twhere.
                       '</font></td><td><font color="'.$tfont.'">'.$tpstart.
                       '</font></td><td><font color="'.$tfont.'">'.$tpend.
                       '</font></td><td><font color="'.$tfont.'">'.$tremark.
-                      '&nbsp;</font></td></tr>'."\n");
+                      '&nbsp;</font></td></tr>'."\n";
+		$roletext{$envkey}=$roletext;
+		if (!$sortkey) {$sortkey=$twhere."\0".$envkey;}
+		$sortrole{$sortkey}=$envkey;
+		$roleclass{$envkey}=$ttype;
+	    }
+        }
+    }
+# No active roles
+    if ($countactive==0) {
+	if ($inrole) {
+	    $r->print('<h2>'.&mt('Currently no additional roles or courses').'</h2>');
+	} else {
+	    $r->print('<h2>'.&mt('Currently no active roles or courses').'</h2>');
+	}
+	$r->print('</form></body></html>');
+	return OK;
+# Is there only one choice?
+    } elsif (($countactive==1) && ($ENV{'request.role'} eq 'cm')) {
+	$r->print('<h3>'.&mt('Please stand by.').'</h3>'.
+	    '<input type="hidden" name="'.$possiblerole.'" value="1" />');
+	$r->print("</form>\n");
+	$r->rflush();
+	$r->print('<script>document.forms.rolechoice.submit();</script>');
+	$r->print('</body></html>');
+	return OK;
+    }
+# More than one possible role
+# ----------------------------------------------------------------------- Table
+    unless (($advanced) || ($nochoose)) {
+	$r->print("<h2>".&mt('Select a Course to Enter')."</h2>\n");
+    }
+    $r->print('<br /><table><tr>');
+    unless ($nochoose) { $r->print('<th>&nbsp;</th>'); }
+    $r->print('<th>'.&mt('User Role').'</th><th colspan=2>'.&mt('Extent').
+         '</th><th>'.&mt('Start').'</th><th>'.&mt('End').'</th><th>'.
+	      &mt('Remarks and Calendar Announcements').'</th></tr>'."\n");
+    my $doheaders=-1;
+    foreach my $type ('Construction Space','Course','Domain','System') {
+	my $haverole=0;
+	foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) {
+	    if ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) { 
+		$haverole=1;
+	    }
+	}
+	if ($haverole) { $doheaders++; }
+    }
+    if ($numdc > 0) {
+         $r->print('<tr bgcolor="#BBffBB">'.
+                      '<td align="center" colspan="7">'.
+                      '<input type="hidden" name="all_cc_roles" value="1"/>'.
+                      '<input type="hidden" name="dcselected" value=""/>'.
+                      &mt('Domain').'</td>');
+         foreach my $dcdom (keys %dcroles) {
+             my $output = $roletext{$dcroles{$dcdom}};
+             my $ccrole = Apache::lonnet::plaintext('cc');
+             if ($ENV{'request.role'} =~ m-cc\./$dcdom/-) {
+                 $output.=$roletext{'user.role.'.$ENV{'request.role'}};
+             }
+             $r->print($output);
+             $r->print('<tr bgcolor="#77FF77">');
+             $r->print('<td><input type="button" value="'.
+                      &mt('Select').'" name="dcpick_'.$dcdom.'/" '.
+                      'onClick="setDCchoice('."'$dcdom'".')"></td>'.
+                      '<td><font color="#002200">'.
+                      $ccrole.'</font></td><td>'.&mt('Course').'</td>'.
+                      '<td><font color="#002200"><b>'.&mt('All courses').'</b>'.
+                      '<br />'.&mt('Domain').':'.$dcdom.'</font>'.
+                      '<td colspan="4"><font color="#002200">'.
+                      &mt('Course Coordinator access to all courses in domain').
+                      ': <b>'.$dcdom.'</b></font></td></tr>'."\n");
+         }
+         foreach my $type ('Construction Space','Course','Domain','System') {
+             my $output;
+             foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) {
+                my $skiprole = 0;
+                foreach my $dcdom (keys %dcroles) {
+                    if ($sortrole{$which} =~ m-(dc)\./$dcdom/-) {
+                        $skiprole = 1;
+                        last;
+                    }
+                }
+                if (($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) && (!$skiprole)) {
+                    $output.=$roletext{$sortrole{$which}};
+                }
+            }
+            if ($output) {
+                if ($doheaders > 0) {
+                    $r->print("<tr bgcolor='#BBffBB'>".
+                          "<td align='center' colspan='7'>".&mt($type)."</td>
+");
+                }
+                $r->print($output);
+            }
+        }
+    } else {
+        foreach my $type ('Construction Space','Course','Domain','System') {
+	    my $output;
+	    foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) {
+	        if ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) { 
+		    $output.=$roletext{$sortrole{$which}};
+	        }
+	    }
+	    if ($output) {
+	        if ($doheaders > 0) {
+		    $r->print("<tr bgcolor='#BBffBB'>".
+			      "<td align='center' colspan='7'>".&mt($type)."</td>");
+	        }
+	        $r->print($output);	
 	    }
         }
     }
@@ -587,11 +816,251 @@ ENDHEADER
     $r->print(&Apache::lonnet::getannounce());
     if ($advanced) {
 	$r->print('<p><small><i>This is LON-CAPA '.
-		  $r->dir_config('lonVersion').'</i></small></p>');
+		  $r->dir_config('lonVersion').'</i><br />'.
+		  '<a href="/adm/logout">'.&mt('Logout').'</a></small></p>');
     }
     $r->print("</body></html>\n");
     return OK;
-} 
+}
+
+sub role_status {
+    my ($rolekey,$then,$now,$role,$where,$trolecode,$tstatus,$tstart,$tend) = @_;
+    my @pwhere = ();
+    if (exists($ENV{$rolekey}) && $ENV{$rolekey} ne '') {
+        (undef,undef,$$role,@pwhere)=split(/\./,$rolekey);
+        unless (!defined($$role) || $$role eq '') {
+            $$where=join('.',@pwhere);
+            $$trolecode=$$role.'.'.$$where;
+            ($$tstart,$$tend)=split(/\./,$ENV{$rolekey});
+            $$tstatus='is';
+            if ($$tstart && $$tstart>$then) {
+		$$tstatus='future';
+		if ($$tstart<$now) { $$tstatus='will'; }
+            }
+            if ($$tend) {
+                if ($$tend<$then) {
+                    $$tstatus='expired';
+                } elsif ($$tend<$now) {
+                    $$tstatus='will_not';
+                }
+            }
+        }
+    }
+}
+
+sub dc_script {
+    my $response = (<<"END");
+function setDCchoice(caller) {
+    var dcname = "dc./"+caller+"/"
+    document.rolechoice.dcselected.value = caller
+    document.rolechoice.elements[3].name = dcname
+    document.rolechoice.submit()
+}
+END
+    return $response;
+}
+                                                                                 
+sub check_fordc {
+    my ($dcroles,$then) = @_;
+    my $numdc = 0;
+    if ($ENV{'user.adv'}) {
+        foreach my $envkey (sort keys %ENV) {
+            if ($envkey=~/^user\.role\.dc\.\/(\w+)\/$/) {
+                my $dcdom = $1;
+                my $livedc = 1;
+                my ($tstart,$tend)=split(/\./,$ENV{$envkey});
+                if ($tstart && $tstart>$then) { $livedc = 0; }
+                if ($tend   && $tend  <$then) { $livedc = 0; }
+                if ($livedc) {
+                    $$dcroles{$dcdom} = $envkey;
+                    $numdc++;
+                }
+            }
+        }
+    }
+    return $numdc;
+}
+
+sub choosecourse_display {
+    my ($r,$dcdom,$then,$now) = @_;
+    my $cb_jscript = &Apache::loncommon::coursebrowser_javascript($dcdom,'dom');
+    my $verify_script = <<"END";
+<script>
+function verifyCoursePick() {
+    var pickedCourse = document.roles.dccourse.value
+    var pickedDomain = document.roles.dcdomain.value
+    if (document.roles.dcdomain.value == document.roles.origdom.value) {
+        if (pickedCourse != '') {
+            var courseTarget = "cc./"+pickedDomain+"/"+pickedCourse
+            document.roles.elements[0].value = 1
+            document.roles.elements[0].name = courseTarget
+            document.roles.selectrole.value = 1
+            document.roles.submit()
+        }
+        else {
+            alert("You must use the 'Select Course' link to open a separate pick course window which you can use to select the course you wish to enter");
+        }
+    }
+    else {
+        alert("You can only use this screen to select courses in the current domain")
+    }
+}
+</script>
+END
+    my $courseform=&Apache::loncommon::selectcourse_link
+                     ('roles','dccourse','dcdomain','coursedesc');
+    $r->print($cb_jscript.$verify_script);
+    my $formaction='/adm/roles';
+    $formaction=~s/\/+/\//g;
+    my $crs;
+    &select_recent_courses($r,$dcdom,$then,$now);
+    $r->print('<br /><form name="roles" method="post" action="'.$formaction.'" />');
+    $r->print('<h3>'.&mt('Choose a course from domain').': '.$dcdom.'</h3><font size="+1">'.$courseform.'</font><br /><br />'.
+              '<input type="hidden" name="chosencourse" value=""/>'.
+              'Course Title: <input type="text" size="20" name="coursedesc" value=""><br />'.
+              'Course ID: <input type="text" size="15" name="dccourse" />'.
+              '<input type="hidden" name="dcdomain" value="'.$dcdom.'" />'.
+              '<input type="hidden" name="origdom" value="'.$dcdom.'" />'.
+              '<input type="hidden" name="selectrole" value="" />'.
+              '<br /><br /><input type="button" name="proceed" value="'.&mt('Enter this course').'" onClick="verifyCoursePick()" />'.
+              '</form>');
+    return;
+}
+
+sub select_recent_courses {
+    my ($r,$dcdom,$then,$now)=@_;
+    my $advanced = $ENV{'user.adv'};
+    my $tryagain = $ENV{'form.tryagain'};
+    my %recent=&Apache::lonnet::dump(&recent_filename('cc_pickby_dc_'.$dcdom));
+    my $numrecent = 0;
+    my $roletext = '<h3>'.&mt('Enter a recently visited course').'</h3>'.
+                   '<form name="rolechoice" action="/adm/roles" method="post">'.
+                   '<table><tr><th>&nbsp;</th>'.
+                   '<th>'.&mt('User Role').'</th><th colspan=2>'.&mt('Extent').
+                   '</th><th>'.&mt('Start').'</th><th>'.&mt('End').'</th><th>'.
+                   &mt('Remarks and Calendar Announcements').'</th></tr>'."\n".
+                   '<tr bgcolor="#BBffBB">'.
+                   '<td align="center" colspan="7">'.
+                   &mt('Domain').' - '.&mt('Recent courses accessed in this domain').
+                    '</td></tr>'."\n";
+    foreach my $courseid (sort keys %recent) {
+        unless ($courseid =~/^error\:/) {
+            my ($dom,$crs) = split/_/,$courseid;
+            if ($dom eq $dcdom) {
+                $numrecent ++;
+                my $crskey = 'user.role.cc./'.$dom.'/'.$crs;
+                my ($where,$trolecode,$role,$tstatus,$tend,$tstart,$tbg,$tfont,$tremark,$inrole,$tpstart,$tpend);
+                my $button = 1;
+                &role_status($crskey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);
+                if ($tstart) {
+                    $tpstart=&Apache::lonlocal::locallocaltime($tstart);
+                }
+                if ($tend) {
+                    $tpend=&Apache::lonlocal::locallocaltime($tend);
+                }
+                my $ttype = &mt('Course');
+                my $twhere;
+                if ($ENV{'course.'.$courseid.'.description'}) {
+                    $twhere=$ENV{'course.'.$courseid.'.description'};
+                }
+                my ($tdom,$trest,$tsection)=
+                    split(/\//,Apache::lonnet::declutter($where));
+                if ($ENV{'request.role'} eq $trolecode) {
+                    $tstatus='selected';
+                }
+                if ($tstatus eq 'is') {
+                    $tbg='#77FF77';
+                    $tfont='#003300';
+                } elsif ($tstatus eq 'future') {
+                    $tbg='#FFFF77';
+                    $button=0;
+                } elsif ($tstatus eq 'will') {
+                    $tbg='#FFAA77';
+                    $tremark.=&mt('Active at next login. ');
+                } elsif ($tstatus eq 'expired') {
+                    $tbg='#FF7777';
+                    $tfont='#330000';
+                    $button=0;
+                } elsif ($tstatus eq 'will_not') {
+                    $tbg='#AAFF77';
+                    $tremark.=&mt('Expired after logout. ');
+                } elsif ($tstatus eq 'selected') {
+                    $tbg='#11CC55';
+                    $tfont='#002200';
+                    $inrole=1;
+                    $tremark.=&mt('Currently selected. ');
+                }
+                my $trole=Apache::lonnet::plaintext($role);
+                $roletext.='<tr bgcolor='.$tbg.'>';
+                if (!$button) {
+                    $roletext.=('<td>&nbsp;</td>');
+                } elsif ($tstatus eq 'is') {
+                    $roletext.=('<td><input type=submit value="'.
+                              &mt('Select').'" name="'.
+                              $trolecode.'"></td>');
+                } elsif ($tryagain) {
+                    $roletext.=
+                        '<td><input type=submit value="'.
+                        &mt('Try Selecting Again').'" name="'.$trolecode.'"></td>';
+                } elsif ($advanced) {
+                    $roletext.=
+                        '<td><input type=submit value="'.
+                        &mt('Re-Initialize').'" name="'.$trolecode.'"></td>';
+                } else {
+                    $roletext.='<td>&nbsp;</td>';
+                }
+                $tremark.=&Apache::lonannounce::showday(time,1,
+                         &Apache::lonannounce::readcalendar($tdom.'_'.$trest));
+                                                                                  
+                $roletext.='<td><font color="'.$tfont.'">'.$trole.
+                      '</font></td><td><font color="'.$tfont.'">'.$ttype.
+                      '</font></td><td><font color="'.$tfont.'">'.$twhere.
+                      '</font></td><td><font color="'.$tfont.'">'.$tpstart.
+                      '</font></td><td><font color="'.$tfont.'">'.$tpend.
+                      '</font></td><td><font color="'.$tfont.'">'.$tremark.
+                      '&nbsp;</font></td></tr>'."\n";
+            }
+        }
+    }
+    if ($numrecent > 0) {
+        $r->print($roletext.'</table><input type="hidden" '.
+                  'name="selectrole" value="1" /></form>'."\n");
+    }
+}
+
+sub recent_filename {
+    my $area=shift;
+    return 'nohist_recent_'.&Apache::lonnet::escape($area);
+}
+
+sub set_privileges {
+    my ($dcdom,$pickedcourse) = @_;
+    my $area = '/'.$dcdom.'/'.$pickedcourse;
+    my $role = 'cc';
+    my $spec = $role.'.'.$area;
+    my $userroles = &Apache::lonnet::set_arearole($role,$area,'','',$dcdom,$ENV{'user.name'});
+    my %ccrole = ();
+    &Apache::lonnet::standard_roleprivs(\%ccrole,$role,$dcdom,$spec,$pickedcourse,$area);
+    my ($author,$adv)= &Apache::lonnet::set_userprivs(\$userroles,\%ccrole);
+    my @newprivs = split/\n/,$userroles;
+    my %newccroles = ();
+    foreach (@newprivs) {
+        my ($key,$val) = split/=/,$_;
+        $newccroles{$key} = $val;
+    }
+    &Apache::lonnet::appenv(%newccroles);
+    &Apache::lonnet::log($ENV{'user.domain'},
+                         $ENV{'user.name'},
+                         $ENV{'user.home'},
+                        "Role ".$role);
+    &Apache::lonnet::appenv(
+                          'request.role'        => $role,
+                          'request.role.domain' => $dcdom,
+                          'request.course.sec'  => '');
+    my $tadv=0;
+    if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
+    &Apache::lonnet::appenv('request.role.adv'    => $tadv);
+}
 
 1;
 __END__

	'.&mt('User Role').'	'.&mt('Extent'). + '		'.&mt('Start').'
'. + ''. + ''. + &mt('Domain').'
	'. + $ccrole.'	'.&mt('Course').'	'.&mt('All courses').''. + ' '.&mt('Domain').':'.$dcdom.''. + '	'. + &mt('Course Coordinator access to all courses in domain'). + ': '.$dcdom.'
".&mt($type)."
".&mt($type)."
	'.&mt('User Role').'	'.&mt('Extent'). + '		'.&mt('Start').'	'.&mt('End').'	'. + &mt('Remarks and Calendar Announcements').'
'. + &mt('Domain').' - '.&mt('Recent courses accessed in this domain'). + '
					'.$trole. + '	'.$ttype. + '	'.$twhere. + '	'.$tpstart. + '	'.$tpend. + '	'.$tremark. + '