--- loncom/interface/loncreateuser.pm	2002/08/23 19:43:11	1.42
+++ loncom/interface/loncreateuser.pm	2002/10/03 14:56:48	1.43
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Create a user
 #
-# $Id: loncreateuser.pm,v 1.42 2002/08/23 19:43:11 matthew Exp $
+# $Id: loncreateuser.pm,v 1.43 2002/10/03 14:56:48 www Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -47,7 +47,7 @@
 # 11/12,11/13,11/15 Scott Harrison
 # 02/11/02 Matthew Hall
 #
-# $Id: loncreateuser.pm,v 1.42 2002/08/23 19:43:11 matthew Exp $
+# $Id: loncreateuser.pm,v 1.43 2002/10/03 14:56:48 www Exp $
 ###
 
 package Apache::loncreateuser;
@@ -80,6 +80,19 @@ BEGIN {
     $authformloc  = &Apache::loncommon::authform_local(%param);
 }
 
+
+
+# ==================================================== Figure out author access
+
+sub authorpriv {
+    my ($auname,$audom)=@_;
+    if (($auname ne $ENV{'user.name'}) ||
+        (($audom ne $ENV{'user.domain'}) &&
+         ($audom ne $ENV{'request.role.domain'}))) { return ''; }
+    unless (&Apache::lonnet::allowed('cca',$audom)) { return ''; }
+    return 1;
+}
+
 # =================================================================== Phase one
 
 sub print_username_entry_form {
@@ -98,8 +111,11 @@ $bodytag
 <form action="/adm/createuser" method="post">
 <input type="hidden" name="phase" value="get_user_info">
 <p>
-Username: <input type="text" size="15" name="ccuname"><br>
-Domain: $domform 
+<table>
+<tr><td>Username:</td><td><input type="text" size="15" name="ccuname">
+</td></tr><tr><td>
+Domain:</td><td>$domform</td></tr>
+</table> 
 </p>
 <input type="submit" value="Continue">
 </form>
@@ -294,18 +310,12 @@ END
                        }
                    }
                }
-               # I have no idea what the hell the above code does
-               # So the following is a check:
-               if ($allowed) {
-                   # If we are looking at a co-author role, make sure it is 
-                   # for the current users construction space before we let 
-                   # them revoke it.
-                   if (($role_code eq 'ca') && 
-                       ($ENV{'request.role'} !~ /^dc/)) {
-                       if ($area !~ 
-                           /^\/$ENV{'request.role.domain'}\/$ENV{'user.name'}/) {
-                           $allowed = 0;
-                       }
+               if ($role_code eq 'ca') {
+                   $area=~/\/(\w+)\/(\w+)/;
+		   if (&authorpriv($2,$1)) {
+		       $allowed=1;
+                   } else {
+                       $allowed=0;
                    }
                }
                my $row = '';
@@ -427,7 +437,7 @@ ENDOTHERAUTHS
 #
 # Co-Author
 # 
-    if (&Apache::lonnet::allowed('cca',$ENV{'request.role.domain'})) {
+    if (&authorpriv($ENV{'user.name'},$ENV{'request.role.domain'})) {
 	my $cuname=$ENV{'user.name'};
         my $cudom=$ENV{'request.role.domain'};
        $r->print(<<ENDCOAUTH);