--- loncom/interface/lonmenu.pm	2011/05/27 19:33:45	1.315.2.11
+++ loncom/interface/lonmenu.pm	2012/03/03 01:01:33	1.315.2.15.2.2
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Routines to control the menu
 #
-# $Id: lonmenu.pm,v 1.315.2.11 2011/05/27 19:33:45 raeburn Exp $
+# $Id: lonmenu.pm,v 1.315.2.15.2.2 2012/03/03 01:01:33 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -727,7 +727,7 @@ ENDMENUITEMS
 
             my %icon_text;
             if ($noremote) {
-                %icon_text = (
+                %icon_text = &Apache::lonlocal::texthash (
                                annotate => 'Notes',
                                bookmark => 'Bookmark',
                                catalog  => 'Info',
@@ -743,9 +743,12 @@ s&2&3&forw.gif&forward[_1]&&gopost('/adm
 c&6&3
 c&8&1
 c&8&2
-s&8&3&prt.gif&prepare[_1]&printout[_1]&gopost('/adm/printout',currentURL)&Prepare a printable document&&&$icon_text{'printout'}
-s&9&1&sbkm.gif&set[_1]&bookmark[_2]&set_bookmark()&Set a bookmark for this resource&&1&$icon_text{'bookmark'}
 ENDMENUITEMS
+            if (($env{'request.course.id'} ne 'relate_3e100973b27484f2drelatel1') ||
+                ($env{'request.role'} =~ /^cc/)) {
+                $menuitems .= "s&8&3&prt.gif&prepare[_1]&printout[_1]&gopost('/adm/printout',currentURL)&Prepare a printable document&&&$icon_text{'printout'}\n";
+            }
+            $menuitems .= "s&9&1&sbkm.gif&set[_1]&bookmark[_2]&set_bookmark()&Set a bookmark for this resource&&1&$icon_text{'bookmark'}\n";
 
 my $currentURL = &Apache::loncommon::get_symb();
 my ($symb_old,$symb_old_enc) = &Apache::loncommon::clean_symb($currentURL);
@@ -783,10 +786,14 @@ ENDREALRES
 	    }
         }
 	if ($env{'request.uri'} =~ /^\/res/) {
-	    $menuitems .= (<<ENDMENUITEMS);
-s&8&3&prt.gif&prepare[_1]&printout[_1]&gopost('/adm/printout',currentURL)&Prepare a printable document&&&Print
+            if (($env{'request.course.id'} ne 'relate_3e100973b27484f2drelatel1') ||
+               ($env{'request.role'} =~ /^cc/)) {
+                my $icontext = &mt('Print');
+	        $menuitems .= (<<ENDMENUITEMS);
+s&8&3&prt.gif&prepare[_1]&printout[_1]&gopost('/adm/printout',currentURL)&Prepare a printable document&&&$icontext
 ENDMENUITEMS
-	}
+	    }
+        }
         my $buttons='';
         foreach (split(/\n/,$menuitems)) {
 	    my ($command,@rest)=split(/\&/,$_);
@@ -1890,7 +1897,7 @@ sub roles_selector {
     my ($cdom,$cnum) = @_;
     my $crstype = &Apache::loncommon::course_type();
     my $now = time;
-    my (%courseroles,%seccount);
+    my (%courseroles,%seccount,%courseprivs);
     my $is_cc;
     my $role_selector;
     my $ccrole;
@@ -1898,7 +1905,17 @@ sub roles_selector {
         $ccrole = 'co';
     } else {
         $ccrole = 'cc';
-    } 
+    }
+    my $priv;
+    my $destinationurl = $ENV{'REQUEST_URI'};
+    my $reqprivs = &required_privs();
+    if (ref($reqprivs) eq 'HASH') {
+        my $destination = $destinationurl;
+        $destination =~ s/(\?.*)$//;
+        if (exists($reqprivs->{$destination})) {
+            $priv = $reqprivs->{$destination};
+        }
+    }
     if ($env{'user.role.'.$ccrole.'./'.$cdom.'/'.$cnum}) {
         my ($start,$end) = split(/\./,$env{'user.role.'.$ccrole.'./'.$cdom.'/'.$cnum});
         
@@ -1911,7 +1928,7 @@ sub roles_selector {
         }
     }
     if ($is_cc) {
-        &get_all_courseroles($cdom,$cnum,\%courseroles,\%seccount);
+        &get_all_courseroles($cdom,$cnum,\%courseroles,\%seccount,\%courseprivs,$priv);
     } else {
         my %gotnosection;
         foreach my $item (keys(%env)) {
@@ -1927,6 +1944,18 @@ sub roles_selector {
                         $gotnosection{$role} = 1;
                     }
                 }
+                if ($priv ne '') {
+                    my $cnumsec = $cnum;
+                    if ($sec ne '') {
+                        $cnumsec .= "/$sec";
+                    }
+                    $courseprivs{"$role./$cdom/$cnumsec./"} =
+                        $env{"user.priv.$role./$cdom/$cnumsec./"};
+                    $courseprivs{"$role./$cdom/$cnumsec./$cdom/"} =
+                        $env{"user.priv.$role./$cdom/$cnumsec./$cdom/"};
+                    $courseprivs{"$role./$cdom/$cnumsec./$cdom/$cnumsec"} =
+                        $env{"user.priv.$role./$cdom/$cnumsec./$cdom/$cnumsec"};
+                }
                 if (ref($courseroles{$role}) eq 'ARRAY') {
                     if ($sec ne '') {
                         if (!grep(/^\Q$sec\E$/,@{$courseroles{$role}})) {
@@ -1952,7 +1981,7 @@ sub roles_selector {
     }
     my @roles_order = ($ccrole,'in','ta','ep','ad','st');
     if (keys(%courseroles) > 1) {
-        $role_selector = &jump_to_role($cdom,$cnum,\%seccount,\%courseroles);
+        $role_selector = &jump_to_role($cdom,$cnum,\%seccount,\%courseroles,\%courseprivs,$priv);
         $role_selector .= '<form name="rolechooser" method="post" action="/adm/roles">
                           <select name="switchrole" onchange="javascript:adhocRole('."'switchrole'".')">';
         $role_selector .= '<option value="">'.$switchtext.'</option>';
@@ -1968,7 +1997,7 @@ sub roles_selector {
         }
         $role_selector .= '</select>'."\n".
                '<input type="hidden" name="destinationurl" value="'.
-               &HTML::Entities::encode($ENV{'REQUEST_URI'}).'" />'."\n".
+               &HTML::Entities::encode($destinationurl).'" />'."\n".
                '<input type="hidden" name="gotorole" value="1" />'."\n".
                '<input type="hidden" name="selectrole" value="" />'."\n".
                '<input type="hidden" name="switch" value="1" />'."\n".
@@ -1978,18 +2007,21 @@ sub roles_selector {
 }
 
 sub get_all_courseroles {
-    my ($cdom,$cnum,$courseroles,$seccount) = @_;
-    unless ((ref($courseroles) eq 'HASH') && (ref($seccount) eq 'HASH')) {
+    my ($cdom,$cnum,$courseroles,$seccount,$courseprivs) = @_;
+    unless ((ref($courseroles) eq 'HASH') && (ref($seccount) eq 'HASH') &&
+            (ref($courseprivs) eq 'HASH')) {
         return;
     }
     my ($result,$cached) = 
         &Apache::lonnet::is_cached_new('getcourseroles',$cdom.'_'.$cnum);
     if (defined($cached)) {
         if (ref($result) eq 'HASH') {
-            if ((ref($result->{'roles'}) eq 'HASH') && 
-                (ref($result->{'seccount'}) eq 'HASH')) {
+            if ((ref($result->{'roles'}) eq 'HASH') &&
+                (ref($result->{'seccount'}) eq 'HASH') &&
+                (ref($result->{'privs'}) eq 'HASH')) {
                 %{$courseroles} = %{$result->{'roles'}};
                 %{$seccount} = %{$result->{'seccount'}};
+                %{$courseprivs} = %{$result->{'privs'}};
                 return;
             }
         }
@@ -2017,30 +2049,43 @@ sub get_all_courseroles {
                 push(@{$courseroles->{$urole}},$usec);
             }
         }
+        my $area = '/'.$cdom.'/'.$cnum;
+        if ($usec ne '') {
+            $area .= '/'.$usec;
+        }
+        if ($role =~ /^cr\//) {
+            &Apache::lonnet::custom_roleprivs($courseprivs,$urole,$cdom,$cnum,$urole.'.'.$area,$area);
+        } else {
+            &Apache::lonnet::standard_roleprivs($courseprivs,$urole,$cdom,$urole.'.'.$area,$cnum,$area);
+        }
     }
     my %sections_count = &Apache::loncommon::get_sections($cdom,$cnum,['st']);
     @{$courseroles->{'st'}} = ();
+    &Apache::lonnet::standard_roleprivs($courseprivs,'st',$cdom,"st./$cdom/$cnum",$cnum,"/$cdom/$cnum");
     if (keys(%sections_count) > 0) {
         push(@{$courseroles->{'st'}},keys(%sections_count));
-        $seccount->{'st'} = scalar(keys(%sections_count)); 
+        $seccount->{'st'} = scalar(keys(%sections_count));
     }
     my $rolehash = {
                      'roles'    => $courseroles,
                      'seccount' => $seccount,
+                     'privs'    => $courseprivs,
                    };
     &Apache::lonnet::do_cache_new('getcourseroles',$cdom.'_'.$cnum,$rolehash);
     return;
 }
 
 sub jump_to_role {
-    my ($cdom,$cnum,$seccount,$courseroles) = @_;
+    my ($cdom,$cnum,$seccount,$courseroles,$courseprivs,$priv) = @_;
     my %lt = &Apache::lonlocal::texthash(
                 this => 'This role has section(s) associated with it.',
                 ente => 'Enter a specific section.',
                 orlb => 'Enter a specific section, or leave blank for no section.',
                 avai => 'Available sections are:',
                 youe => 'You entered an invalid section choice:',
-                plst => 'Please try again',
+                plst => 'Please try again.',
+                role => 'The role you selected is not permitted to view the current page.',
+                swit => 'Switch role, but display Main Menu page instead?',
     );
     my $js;
     if (ref($courseroles) eq 'HASH') {
@@ -2063,6 +2108,37 @@ sub jump_to_role {
                    '    numsec['.$i.'] = "'.$seccount->{$items[$i]}.'";'."\n";
         }
     }
+    my $checkroles = 0;
+    if ($priv && ref($courseprivs) eq 'HASH') {
+        my (%disallowed,%allowed,@disallow);
+        foreach my $role (sort(keys(%{$courseprivs}))) {
+            my $trole;
+            if ($role =~ m{^(.+?)\Q./$cdom/$cnum\E}) {
+                $trole = $1;
+            }
+            if (($trole ne '') && ($trole ne 'cm')) {
+                if ($courseprivs->{$role} =~ /\Q:$priv\E($|:|\&\w+)/) {
+                    $allowed{$trole} = 1;
+                } else {
+                    $disallowed{$trole} = 1;
+                }
+            }
+        }
+        foreach my $trole (keys(%disallowed)) {
+            unless ($allowed{$trole}) {
+                push(@disallow,$trole);
+            }
+        }
+        if (@disallow > 0) {
+            $checkroles = 1;
+            $js .= "    var disallow = new Array('".join("','",@disallow)."');\n".
+                   "    var rolecheck = 1;\n";
+        }
+    }
+    if (!$checkroles) {
+        $js .=  "    var disallow = new Array();\n".
+                "    rolecheck = 0;\n";
+    }
     return <<"END";
 <script type="text/javascript">
 //<![CDATA[
@@ -2070,7 +2146,7 @@ function adhocRole(roleitem) {
     $js
     var newrole =  document.rolechooser.elements[roleitem].options[document.rolechooser.elements[roleitem].selectedIndex].value;
     if (newrole == '') {
-        return; 
+        return;
     } 
     var fullrole = newrole+'./$cdom/$cnum';
     var selidx = '';
@@ -2079,6 +2155,18 @@ function adhocRole(roleitem) {
             selidx = i;
         }
     }
+    if (rolecheck > 0) {
+        for (var i=0; i<disallow.length; i++) {
+            if (disallow[i] == newrole) {
+                if (confirm("$lt{'role'}\\n$lt{'swit'}")) {
+                    document.rolechooser.destinationurl.value = '/adm/menu';
+                } else {
+                    document.rolechooser.elements[roleitem].selectedIndex = 0;
+                    return;
+                }
+            }
+        }
+    }
     var secok = 1;
     var secchoice = '';
     if (selidx >= 0) {
@@ -2116,6 +2204,7 @@ function adhocRole(roleitem) {
         return;
     }
     if (fullrole == "$env{'request.role'}") {
+        document.rolechooser.elements[roleitem].selectedIndex = 0;
         return;
     }
     itemid = retrieveIndex('gotorole');
@@ -2141,6 +2230,22 @@ function retrieveIndex(item) {
 END
 }
 
+sub required_privs {
+    my $privs =  {
+             '/adm/parmset'      => 'opa',
+             '/adm/courseprefs'  => 'opa',
+             '/adm/whatsnew'     => 'whn',
+             '/adm/populate'     => 'cst',
+             '/adm/trackstudent' => 'vsa',
+             '/adm/statistics'   => 'vgr',
+           };
+    unless ($env{'course.'.$env{'request.course.id'}.'.grading'} eq 'spreadsheet') {
+        $privs->{'/adm/classcalc'}   = 'vgr',
+        $privs->{'/adm/assesscalc'}  = 'vgr',
+        $privs->{'/adm/studentcalc'} = 'vgr';
+    }
+    return $privs;
+}
 
 # ================================================================ Main Program