--- loncom/interface/lonuserutils.pm	2007/12/26 14:38:13	1.36
+++ loncom/interface/lonuserutils.pm	2008/04/30 23:16:19	1.52
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Utility functions for managing LON-CAPA user accounts
 #
-# $Id: lonuserutils.pm,v 1.36 2007/12/26 14:38:13 raeburn Exp $
+# $Id: lonuserutils.pm,v 1.52 2008/04/30 23:16:19 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -42,7 +42,7 @@ use LONCAPA qw(:DEFAULT :match);
 ###############################################################
 # Drop student from all sections of a course, except optional $csec
 sub modifystudent {
-    my ($udom,$unam,$courseid,$csec,$desiredhost)=@_;
+    my ($udom,$unam,$courseid,$csec,$desiredhost,$context)=@_;
     # if $csec is undefined, drop the student from all the courses matching
     # this one.  If $csec is defined, drop them from all other sections of
     # this course and add them to section $csec
@@ -69,14 +69,14 @@ sub modifystudent {
                         # dom  name  id mode pass     f     m     l     g
                         ($udom,$unam,'',  '',  '',undef,undef,undef,undef,
                          $section,time,undef,undef,$desiredhost,'','manual',
-                         '',$courseid);
+                         '',$courseid,'',$context);
                     $result .= $reply.':';
                 }
             }
         }
     }
     if ($result eq '') {
-        $result = 'Unable to find section for this student';
+        $result = &mt('Unable to find section for this student');
     } else {
         $result =~ s/(ok:)+/ok/g;
     }
@@ -129,7 +129,8 @@ sub modifyuserrole {
         if ($role ne '') {
             $role =~ s/_/\//g;
             $roleresult = &Apache::lonnet::assignrole($udom,$uname,$scope,
-                                                      $role,$end,$start);
+                                                      $role,$end,$start,'',
+                                                      '',$context);
         }
     }
     return ($userresult,$authresult,$roleresult,$idresult);
@@ -333,17 +334,12 @@ sub print_upload_manager_header {
 sub javascript_validations {
     my ($mode,$krbdefdom,$curr_authtype,$curr_authfield,$domain,
         $context,$groupslist)=@_;
-
     my %param = (
                   kerb_def_dom => $krbdefdom,
                   curr_authtype => $curr_authtype,
                 );
-    if ($mode eq 'createuser') {
-        $param{'formname'} = 'cu';
-    } elsif ($mode eq 'upload') {
+    if ($mode eq 'upload') {
         $param{'formname'} = 'studentform';
-    } elsif ($mode eq 'singlestudent') {
-        $param{'formname'} = 'cu';
     } elsif ($mode eq 'createcourse') {
         $param{'formname'} = 'ccrs';
     } elsif ($mode eq 'modifycourse') {
@@ -367,7 +363,7 @@ sub javascript_validations {
                 }
             } elsif ($context eq 'domain') {
                 $setsection_call = 'setCourse()';
-                $setsections_js = &dc_setcourse_js($param{'formname'},$mode);
+                $setsections_js = &dc_setcourse_js($param{'formname'},$mode,$context);
             }
             $finish = "  var checkSec = $setsection_call\n".
                       "  if (checkSec == 'ok') {\n".
@@ -389,8 +385,7 @@ sub javascript_validations {
          role     => 'The optional role field was not specified.',
          continue => 'Continue adding users?',
          );
-
-    my $function_name =(<<END);
+    my $function_name = <<"END";
 $setsections_js
 
 function verify_message (vf,founduname,foundpwd,foundname,foundid,foundsec,foundemail) {
@@ -456,7 +451,7 @@ END
     foundatype=1;
     if (current.argfield == null || current.argfield == '') {
         var alertmsg = '';
-        switch (current.value) {
+        switch (current.radiovalue) {
             case 'krb':
                 alertmsg = '$alert{'krb'}';
                 break;
@@ -521,14 +516,8 @@ END
 }
 END
     }
-    my $result = $function_name;
-    if ( ($mode eq 'upload') || ($mode eq 'createcourse') || ($mode eq 'modifycourse')  ) {
-        $result .= $auth_checks;
-    }
-    $result .= $optional_checks."\n".$section_checks;
-    if ( ($mode eq 'upload') || ($mode eq 'createcourse') || ($mode eq 'modifycourse')  ) {
-        $result .= $authheader;
-    }
+    my $result = $function_name.$auth_checks.$optional_checks."\n".
+                 $section_checks.$authheader;
     return $result;
 }
 ###############################################################
@@ -1319,32 +1308,24 @@ sub print_userlist {
     }
     $r->rflush();
     if ($context eq 'course') {
-        my $classlist = &Apache::loncoursedata::get_classlist();
-        my $secidx = &Apache::loncoursedata::CL_SECTION();
-        my $viewablesec = &viewable_section($permission);
-        foreach my $student (keys(%{$classlist})) {
-            my $section = $classlist->{$student}[$secidx];
-            if ($viewablesec ne '') {
-                if ($section ne $viewablesec) {
-                    next;
-                } else {
-                    $userlist{$student} = $classlist->{$student};
-                }
+        if (($env{'form.showrole'} eq 'st') || ($env{'form.showrole'} eq 'Any')) { 
+            my $classlist = &Apache::loncoursedata::get_classlist();
+            %userlist = %{$classlist};
+        }
+        if ($env{'form.showrole'} ne 'st') {
+            my $showroles;
+            if ($env{'form.showrole'} ne 'Any') {
+                $showroles = [$env{'form.showrole'}];
             } else {
-                $userlist{$student} = $classlist->{$student};
+                $showroles = undef;
             }
+            my $withsec = 1;
+            my $hidepriv = 1;
+            my %advrolehash = &Apache::lonnet::get_my_roles($cnum,$cdom,undef,
+                              \@statuses,$showroles,undef,$withsec,$hidepriv);
+            &gather_userinfo($context,$format,\%userlist,$indexhash,\%userinfo,
+                             \%advrolehash,$permission);
         }
-        my $showroles;
-        if ($env{'form.showrole'} ne 'Any') {
-            $showroles = [$env{'form.showrole'}];
-        } else {
-            $showroles = undef;
-        }
-        my $withsec = 1;
-        my %advrolehash = &Apache::lonnet::get_my_roles($cnum,$cdom,undef,
-                                    \@statuses,$showroles,undef,$withsec);
-        &gather_userinfo($context,$format,\%userlist,$indexhash,\%userinfo,
-                         \%advrolehash,$permission);
     } else {
         my (%cstr_roles,%dom_roles);
         if ($context eq 'author') {
@@ -1393,7 +1374,8 @@ sub print_userlist {
             } elsif ($env{'form.roletype'} eq 'course') {
                 if ($env{'form.coursepick'}) {
                     my %courses = &process_coursepick();
-                    my %allusers; 
+                    my %allusers;
+                    my $hidepriv = 1;
                     foreach my $cid (keys(%courses)) {
                         my ($cnum,$cdom,$cdesc) = &get_course_identity($cid);
                         next if ($cnum eq '' || $cdom eq '');
@@ -1411,7 +1393,7 @@ sub print_userlist {
                         foreach my $type (@statuses) {
                             $access{$type} = $type;
                         }
-                        &Apache::loncommon::get_course_users($cdom,$cnum,\%access,\@roles,\@sections,\%users,\%userdata,\%statushash);
+                        &Apache::loncommon::get_course_users($cdom,$cnum,\%access,\@roles,\@sections,\%users,\%userdata,\%statushash,$hidepriv);
                         foreach my $user (keys(%userdata)) {
                             next if (ref($userinfo{$user}) eq 'HASH');
                             foreach my $item ('fullname','id') {
@@ -1486,9 +1468,9 @@ sub section_group_filter {
                                               all  => 'all',
                                               none => 'none',
                                             );
-    my ($output,@options);
+    my $output;
     foreach my $item (@filters) {
-        my $markup; 
+        my ($markup,@options); 
         if ($env{'form.'.$name{$item}} eq '') {
             $env{'form.'.$name{$item}} = 'all';
         }
@@ -1532,6 +1514,10 @@ sub list_submit_button {
 
 sub gather_userinfo {
     my ($context,$format,$userlist,$indexhash,$userinfo,$rolehash,$permission) = @_;
+    my $viewablesec;
+    if ($context eq 'course') {
+        $viewablesec = &viewable_section($permission);
+    }
     foreach my $item (keys(%{$rolehash})) {
         my %userdata;
         if ($context eq 'author') { 
@@ -1541,7 +1527,6 @@ sub gather_userinfo {
             &build_user_record($context,\%userdata,$userinfo,$indexhash,
                                $item,$userlist);
         } elsif ($context eq 'course') {
-            my $viewablesec = &viewable_section($permission);
             ($userdata{'username'},$userdata{'domain'},$userdata{'role'},
              $userdata{'section'}) = split(/:/,$item,-1);
             ($userdata{'start'},$userdata{'end'})=split(/:/,$rolehash->{$item});
@@ -1809,6 +1794,8 @@ sub make_keylist_array {
     $index->{'email'} = &Apache::loncoursedata::CL_PERMANENTEMAIL();
     $index->{'role'} = &Apache::loncoursedata::CL_ROLE();
     $index->{'extent'} = &Apache::loncoursedata::CL_EXTENT();
+    $index->{'photo'} = &Apache::loncoursedata::CL_PHOTO();
+    $index->{'thumbnail'} = &Apache::loncoursedata::CL_THUMBNAIL();
     foreach my $key (keys(%{$index})) {
         $keylist->[$index->{$key}] = $key;
     }
@@ -1917,7 +1904,19 @@ END
         my $alert = &mt("You must select at least one user by checking a user's 'Select' checkbox");
         my $singconfirm = &mt(' for a single user?');
         my $multconfirm = &mt(' for multiple users?');
-        my $date_sec_selector = &date_section_javascript($context,$setting,$statusmode); 
+        my $date_sec_selector = &date_section_javascript($context,$setting,$statusmode);
+        my %lt = &Apache::lonlocal::texthash( 
+              acwi => 'Access will be set to start immediately',
+              asyo => 'as you did not select an end date in the pop-up window',
+              accw => 'Access will be set to continue indefinitely',
+              asyd => 'as you did not select an end date in the pop-up window',
+              sewi => "Sections will be switched to 'No section'",
+              ayes => "as you either selected the 'No section' option",
+              oryo => 'or you did not select a section in the pop-up window',
+              arol => 'A role with no section will be added',
+              swbs => 'Sections will be switched to:',
+              rwba => 'Roles will be added for section(s):',
+        );
         $r->print(<<END);
 
 <script type="text/javascript" language="Javascript">
@@ -1943,12 +1942,47 @@ function verify_action (field) {
     } 
     else {
         var message = document.studentform.bulkaction[document.studentform.bulkaction.selectedIndex].text;
+        var choice = document.studentform.bulkaction[document.studentform.bulkaction.selectedIndex].value;
         if (numchecked == 1) { 
             message += singconf;
         } 
         else {
             message += multconf; 
         }
+        if (choice == 'chgdates' || choice == 'reenable' || choice == 'activate') {
+            var datemsg = '';
+            if ((document.studentform.startdate_month.value == '') && 
+                (document.studentform.startdate_day.value  == '') &&
+                (document.studentform.startdate_year.value == '')) {
+                datemsg = "\\n$lt{'acwi'},\\n$lt{'asyo'}.\\n";
+            }
+            if ((document.studentform.enddate_month.value == '') &&
+                (document.studentform.enddate_day.value  == '') &&
+                (document.studentform.enddate_year.value == '')) {
+                datemsg += "\\n$lt{'accw'},\\n$lt{'asyd'}.\\n";
+            }
+            if (datemsg != '') {
+                message += "\\n"+datemsg;
+            }
+        }
+        if (choice == 'chgsec') {
+            var rolefilter = document.studentform.showrole.options[document.studentform.showrole.selectedIndex].value;
+            var retained =  document.studentform.retainsec.value;
+            var secshow = document.studentform.newsecs.value;
+            if (secshow == '') {
+                if (rolefilter == 'st' || retained == 0 || retained == "") {
+                    message += "\\n\\n$lt{'sewi'},\\n$lt{'ayes'},\\n$lt{'oryo'}.\\n"; 
+                } else {
+                    message += "\\n\\n$lt{'arol'}\\n$lt{'ayes'},\\n$lt{'oryo'}.\\n";
+                }
+            } else {
+                if (rolefilter == 'st' || retained == 0 || retained == "") {
+                    message += "\\n\\n$lt{'swbs'} "+secshow+".\\n";
+                } else {
+                    message += "\\n\\n$lt{'rwba'} "+secshow+".\\n";
+                }
+            }
+        }
         if (confirm(message)) {
             document.studentform.phase.value = 'bulkchange';
             document.studentform.submit();
@@ -1964,14 +1998,30 @@ function username_display_launch(usernam
         }
     }
     if (target == 'modify') {
-        document.studentform.srchterm.value=username;
-        document.studentform.srchdomain.value=domain;
-        document.studentform.phase.value='get_user_info';
-        document.studentform.action.value = 'singleuser';
-        document.studentform.submit();
+        if (document.studentform.userwin.checked == true) {
+            var url = '/adm/createuser?srchterm='+username+'&srchdomain='+domain+'&phase=get_user_info&action=singleuser&srchin=dom&srchby=uname&srchtype=exact&popup=1';
+            var options = 'height=600,width=800,resizable=yes,scrollbars=yes,location=no,menubar=no,toolbar=no';
+            modifywin = window.open(url,'',options,1);
+            modifywin.focus();
+            return;
+        } else {
+            document.studentform.srchterm.value=username;
+            document.studentform.srchdomain.value=domain;
+            document.studentform.phase.value='get_user_info';
+            document.studentform.action.value = 'singleuser';
+            document.studentform.submit();
+        }
     }
-    else {
-        document.location.href = '/adm/'+domain+'/'+username+'/aboutme';
+    if (target == 'aboutme') {
+        if (document.studentform.userwin.checked == true) {
+            var url = '/adm/'+domain+'/'+username+'/aboutme?popup=1';
+            var options = 'height=600,width=800,resizable=yes,scrollbars=yes,location=no,menubar=no,toolbar=no';
+            aboutmewin = window.open(url,'',options,1);
+            aboutmewin.focus();
+            return;
+        } else {
+            document.location.href = '/adm/'+domain+'/'+username+'/aboutme';
+        }
     }
 }
 </script>
@@ -1999,12 +2049,14 @@ END
                        'clicker'    => "clicker id",
                        'photo'      => "photo",
                        'extent'     => "extent",
+                       'go'         => "go",
                        'pr'         => "Proceed",
                        'ca'         => "check all",
                        'ua'         => "uncheck all",
                        'ac'         => "Action to take for selected users",
                        'link'       => "Behavior of username links",
                        'aboutme'    => "Display a user's personal page",
+                       'owin'       => "Open in a new window",
                        'modify'     => "Modify a user's information",
                       );
     if ($context eq 'domain' && $env{'form.roletype'} eq 'course') {
@@ -2063,28 +2115,30 @@ END
             $output = '<p>';
             my @linkdests = ('aboutme');
             if ($permission->{'cusr'}) {
-                push (@linkdests,'modify');
-                $output .= '<span class="LC_nobreak">'.$lt{'link'}.':&nbsp;';
-                my $usernamelink = $env{'form.usernamelink'};
-                if ($usernamelink eq '') {
-                    $usernamelink = 'aboutme';
-                }
-                foreach my $item (@linkdests) {
-                    my $checkedstr = '';
-                    if ($item eq $usernamelink) {
-                        $checkedstr = ' checked="checked" ';
-                    }
-                    $output .= '<label><input type="radio" name="usernamelink" value="'.$item.'"'.$checkedstr.'>&nbsp;'.$lt{$item}.'</label>&nbsp;&nbsp;';
+                unshift (@linkdests,'modify');
+            }
+            $output .= '<span class="LC_nobreak">'.$lt{'link'}.':&nbsp;';
+            my $usernamelink = $env{'form.usernamelink'};
+            if ($usernamelink eq '') {
+                $usernamelink = 'aboutme';
+            }
+            foreach my $item (@linkdests) {
+                my $checkedstr = '';
+                if ($item eq $usernamelink) {
+                    $checkedstr = ' checked="checked" ';
                 }
-                $output .= '</span><br />';
-            } else {
-                $output .= &mt("Click on a username to view the user's personal page.").'<br />';
+                $output .= '<label><input type="radio" name="usernamelink" value="'.$item.'"'.$checkedstr.'>&nbsp;'.$lt{$item}.'</label>&nbsp;&nbsp;';
             }
+            my $checkwin;
+            if ($env{'form.userwin'}) { 
+                $checkwin = 'checked = "checked"'; 
+            }
+            $output .= '&nbsp;&nbsp;&nbsp;&nbsp;<input type="checkbox" name="userwin" value="1" $checkwin />'.$lt{'owin'}.'</span><br />';
             if ($actionselect) {
-                $output .= <<"END"; 
-$lt{'ac'}:&nbsp;$actionselect <input type="button" value="$lt{'pr'}" onclick="javascript:verify_action(document.studentform.actionlist)" /></p>
+                $output .= <<"END";
+$lt{'ac'}:&nbsp;$actionselect <input type="button" value="$lt{'go'}" onclick="javascript:opendatebrowser(this.form,'studentform','go')" /></p>
 <p><input type="button" value="$lt{'ca'}" onclick="javascript:checkAll(document.studentform.actionlist)" /> &nbsp;
-<input type="button" value="$lt{'ua'}" onclick="javascript:uncheckAll(document.studentform.actionlist)" />
+<input type="button" value="$lt{'ua'}" onclick="javascript:uncheckAll(document.studentform.actionlist)" /><br /><br /><input type="button" value="$lt{'pr'}" onclick="javascript:verify_action(document.studentform.actionlist)" />
 END
                 my @allroles;
                 if ($env{'form.showrole'} eq 'Any') {
@@ -2213,7 +2267,6 @@ END
     }
 
 # Done with header lines in all formats
-
     my %index;
     my $i;
     foreach my $idx (@$keylist) {
@@ -2234,6 +2287,10 @@ END
     # Get groups, role, permanent e-mail so we can sort on them if
     # necessary.
     foreach my $user (keys(%{$userlist})) {
+        if ($user eq '' ) {
+            delete($userlist->{$user});
+            next;
+        }
         if ($context eq 'domain' &&  $user eq $env{'request.role.domain'}.'-domainconfig:'.$env{'request.role.domain'}) {
             delete($userlist->{$user});
             next;
@@ -2279,6 +2336,13 @@ END
             }
             if ($mode ne 'autoenroll') {
                 my $section = $userlist->{$user}->[$index{'section'}];
+                if (($env{'request.course.sec'} ne '') && 
+                    ($section ne $env{'request.course.sec'})) {
+                    if ($role eq 'st') {
+                        delete($userlist->{$user});
+                        next;
+                    }
+                }
                 if ($secfilter eq 'none') {
                     if ($section ne '') {
                         delete($userlist->{$user});
@@ -2301,6 +2365,15 @@ END
                         next;
                     }
                 }
+                if ($env{'course.'.$env{'request.course.id'}.'.internal.showphoto'}) {
+                    if (($displayphotos eq 'on') && ($role eq 'st')) {
+                        $userlist->{$user}->[$index{'photo'}] =
+                            &Apache::lonnet::retrievestudentphoto($udom,$uname,'jpg');
+                        $userlist->{$user}->[$index{'thumbnail'}] =
+                            &Apache::lonnet::retrievestudentphoto($udom,$uname,
+                                                                'gif','thumbnail');
+                    }
+                }
             }
         }
         my %emails   = &Apache::loncommon::getemails($uname,$udom);
@@ -2413,8 +2486,7 @@ END
             }
             foreach my $item (@cols) {
                 if ($item eq 'username') {
-                    $r->print('<td>'.&print_username_link($mode,$permission,
-                                                          \%in).'</td>');
+                    $r->print('<td>'.&print_username_link($mode,\%in).'</td>');
                 } elsif (($item eq 'start' || $item eq 'end') && ($actionselect)) {
                     $r->print('<td>'.$in{$item}.'<input type="hidden" name="'.$checkval.'_'.$item.'" value="'.$sdata->[$index{$item}].'" /></td>'."\n");
                 } else {
@@ -2432,11 +2504,8 @@ END
                         $r->print('    <td>&nbsp;</td>  ');
                     }
                     if ($env{'course.'.$env{'request.course.id'}.'.internal.showphoto'}) {
-                        if ($displayphotos eq 'on' && $sdata->[$index{'role'}] eq 'st') {
-                            my $imgurl =
-                        &Apache::lonnet::retrievestudentphoto($in{'domain'},$in{'username'},
-                                                          'gif','thumbnail');
-                            $r->print('    <td align="right"><a href="javascript:photowindow('."'".&Apache::lonnet::studentphoto($in{'domain'},$in{'username'},'jpg')."'".')"><img src="'.$imgurl.'" border="1"></a></td>');
+                        if ($displayphotos eq 'on' && $role eq 'st' && $in{'photo'} ne '') {
+                            $r->print('    <td align="right"><a href="javascript:photowindow('."'".$in{'photo'}."'".')"><img src="'.$in{'thumbnail'}.'" border="1"></a></td>');
                         } else {
                             $r->print('    <td>&nbsp;</td>  ');
                         }
@@ -2501,14 +2570,10 @@ END
 }
 
 sub print_username_link {
-    my ($mode,$permission,$in) = @_;
+    my ($mode,$in) = @_;
     my $output;
     if ($mode eq 'autoenroll') {
         $output = $in->{'username'};
-    } elsif (!$permission->{'cusr'}) {
-        $output = &Apache::loncommon::aboutmewrapper($in->{'username'},
-                                                     $in->{'username'},
-                                                     $in->{'domain'});
     } else {
         $output = '<a href="javascript:username_display_launch('.
                   "'$in->{'username'}','$in->{'domain'}'".')" />'.
@@ -2588,7 +2653,7 @@ sub select_actions {
         }
     }
     if ($options) {
-        $output = '<select name="bulkaction" onchange="javascript:opendatebrowser(this.form,'."'studentform'".')" />'."\n".
+        $output = '<select name="bulkaction" onchange="javascript:opendatebrowser(this.form,'."'studentform','change'".')" />'."\n".
                   '<option value="" selected="selected">'.
                   &mt('Please select').'</option>'."\n".$options."\n".'</select>';
         if ($choices{'dates'}) {
@@ -2619,19 +2684,29 @@ sub select_actions {
 
 sub date_section_javascript {
     my ($context,$setting) = @_;
-    my $title;
-    if (($context eq 'course') || ($context eq 'domain' && $setting eq 'course'))  {
-        $title = &mt('Date and Section selector');
-    } else {
-        $title = &mt('Date selector');
-    }
+    my $title = 'Date_And_Section_Selector';
+    my %nopopup = &Apache::lonlocal::texthash (
+        revoke => "Check the boxes for any users for whom roles are to be revoked, and click 'Proceed'",
+        delete => "Check the boxes for any users for whom roles are to be deleted, and click 'Proceed'",
+        none   => "Choose an action to take for selected users",
+    );  
     my $output = '
-<script type="text/javascript">
-    var stdeditbrowser;'."\n";
+<script type="text/javascript">'."\n";
     $output .= <<"ENDONE";
-    function opendatebrowser(callingform,formname) {
+    function opendatebrowser(callingform,formname,calledby) {
         var bulkaction = callingform.bulkaction.options[callingform.bulkaction.selectedIndex].value;
         if (bulkaction == 'revoke' || bulkaction == 'delete' || bulkaction == '') {
+            if (calledby == 'go') {
+                if (bulkaction == 'revoke') {
+                    alert("$nopopup{'revoke'}");
+                }
+                if (bulkaction == 'delete') {
+                    alert("$nopopup{'delete'}"); 
+                }
+                if (bulkaction == '') {
+                    alert("$nopopup{'none'}");
+                }
+            }
             return;
         }
         var url = '/adm/createuser?';
@@ -2675,7 +2750,15 @@ function saveselections(formname) {
 END
     if ($env{'form.bulkaction'} eq 'chgsec') {
         $output .= <<"END";
-        opener.document.$callingform.retainsec.value = formname.retainsec.value;
+        if (formname.retainsec.length > 1) {  
+            for (var i=0; i<formname.retainsec.length; i++) {
+                if (formname.retainsec[i].checked == true) {
+                    opener.document.$callingform.retainsec.value = formname.retainsec[i].value;
+                }
+            }
+        } else {
+            opener.document.$callingform.retainsec.value = formname.retainsec.value;
+        }
         setSections(formname);
         if (seccheck == 'ok') {
             opener.document.$callingform.newsecs.value = formname.sections.value;
@@ -3337,7 +3420,7 @@ sub upfile_drop_add {
                      );
         my $flushc=0;
         my %student=();
-        my (%curr_groups,@sections,@cleansec,@secs,$defaultwarn,$groupwarn);
+        my (%curr_groups,@sections,@cleansec,$defaultwarn,$groupwarn);
         my %userchg;
         if ($context eq 'course' || $setting eq 'course') {
             if ($context eq 'course') {
@@ -3376,10 +3459,10 @@ sub upfile_drop_add {
         }
         my (%curr_rules,%got_rules,%alerts);
         my %customroles = &my_custom_roles();
-        my ($custom_ok,@permitted_roles) =
-            &roles_on_upload($context,%customroles);
+        my @permitted_roles = &roles_on_upload($context,$setting,%customroles); 
         # Get new users list
         foreach my $line (@userdata) {
+            my @secs;
             my %entries=&Apache::loncommon::record_sep($line);
             # Determine user name
             unless (($entries{$fields{'username'}} eq '') ||
@@ -3413,8 +3496,8 @@ sub upfile_drop_add {
                     my $username = $entries{$fields{'username'}};
                     if (defined($fields{'sec'})) {
                         if (defined($entries{$fields{'sec'}})) {
+                            $entries{$fields{'sec'}} =~ s/\W//g;
                             my $item = $entries{$fields{'sec'}};
-                            $item =~ s/(\s+$|^\s+)//g;
                             if ($item eq "none" || $item eq 'all') {
                                 $r->print('<br />'.&mt('<b>[_1]</b>: Unable to enroll user [_2] [_3] [_4] [_5] in a section named "[_6]" - this is a reserved word.',$username,$fname,$mname,$lname,$gen,$item));
                                 next;
@@ -3473,13 +3556,10 @@ sub upfile_drop_add {
                     my $role = '';
                     if (defined($fields{'role'})) {
                         if ($entries{$fields{'role'}}) {
-                            if (grep(/^\Q$entries{$fields{'role'}}\E$/,@permitted_roles)) {
-                                $role=$entries{$fields{'role'}};
-                                $role =~ s/(\s+$|^\s+)//g;
-                            }
-                            if ($custom_ok) {
-                                if ($customroles{$role}) {
-                                    $role = 'cr_'.$env{'user.domain'}.'_'.$env{'user.name'}.'_'.$entries{$fields{'role'}};
+                            $entries{$fields{'role'}}  =~ s/(\s+$|^\s+)//g;
+                            if ($entries{$fields{'role'}} ne '') {
+                                if (grep(/^\Q$entries{$fields{'role'}}\E$/,@permitted_roles)) {
+                                    $role = $entries{$fields{'role'}};
                                 }
                             }
                             if ($role eq '') {
@@ -3574,59 +3654,61 @@ sub upfile_drop_add {
                         my $multiple = 0;
                         my ($userresult,$authresult,$roleresult,$idresult);
                         my (%userres,%authres,%roleres,%idres);
+                        my $singlesec = '';
                         if ($role eq 'st') {
                             my $sec;
-                            if ($cid) {
-                                if (@secs > 0) {
-                                    $sec = $secs[0];
-                                }
-                                &modifystudent($domain,$username,$cid,$sec,
-                                               $desiredhost);
-                                $roleresult =
-                                    &Apache::lonnet::modifystudent
-                                        ($domain,$username,$id,$amode,$password,
-                                         $fname,$mname,$lname,$gen,$sec,$enddate,
-                                         $startdate,$env{'form.forceid'},
-                                         $desiredhost,$email,'manual','',$cid);
-                                $userresult = $roleresult;
+                            if (@secs > 0) {
+                                $sec = $secs[0];
                             }
+                            &modifystudent($domain,$username,$cid,$sec,
+                                           $desiredhost,$context);
+                            $roleresult =
+                                &Apache::lonnet::modifystudent
+                                    ($domain,$username,$id,$amode,$password,
+                                     $fname,$mname,$lname,$gen,$sec,$enddate,
+                                     $startdate,$env{'form.forceid'},
+                                     $desiredhost,$email,'manual','',$cid,
+                                     '',$context);
+                            $userresult = $roleresult;
                         } else {
-                            if (($context eq 'course') || 
-                                (grep(/^\Q$role\E$/,@courseroles))) {
-                                if (!$cid) {
-                                    next;
-                                }
-                            }
-                            my $singlesec;
-                            if ((grep(/^\Q$role\E$/,@courseroles)) && ($role ne 'cc')) {
-                                if (@secs > 1) {
-                                    $multiple = 1;
-                                    foreach my $sec (@secs) {
-                                        ($userres{$sec},$authres{$sec},$roleres{$sec},$idres{$sec}) =
-                                            &modifyuserrole($context,$setting,
-                                                $changeauth,$cid,$domain,$username,
-                                                $id,$amode,$password,$fname,
-                                                $mname,$lname,$gen,$sec,
-                                                $env{'form.forceid'},$desiredhost,
-                                                $email,$role,$enddate,$startdate,$checkid);
+                            if ($role ne '') { 
+                                if ($context eq 'course' || $setting eq 'course') {
+                                    if ($customroles{$role}) {
+                                        $role = 'cr_'.$env{'user.domain'}.'_'.
+                                                $env{'user.name'}.'_'.$role;
+                                    }
+                                    if ($role ne 'cc') { 
+                                        if (@secs > 1) {
+                                            $multiple = 1;
+                                            foreach my $sec (@secs) {
+                                                ($userres{$sec},$authres{$sec},$roleres{$sec},$idres{$sec}) =
+                                                &modifyuserrole($context,$setting,
+                                                    $changeauth,$cid,$domain,$username,
+                                                    $id,$amode,$password,$fname,
+                                                    $mname,$lname,$gen,$sec,
+                                                    $env{'form.forceid'},$desiredhost,
+                                                    $email,$role,$enddate,
+                                                    $startdate,$checkid);
+                                            }
+                                        } elsif (@secs > 0) {
+                                            $singlesec = $secs[0];
+                                        }
                                     }
-                                } elsif (@secs > 0) {
-                                    $singlesec = $secs[0];
                                 }
                             }
                             if (!$multiple) {
                                 ($userresult,$authresult,$roleresult,$idresult) = 
                                     &modifyuserrole($context,$setting,
-                                        $changeauth,$cid,$domain,$username, 
-                                        $id,$amode,$password,$fname,
-                                        $mname,$lname,$gen,$singlesec,
-                                        $env{'form.forceid'},$desiredhost,
-                                        $email,$role,$enddate,$startdate,$checkid);
+                                                    $changeauth,$cid,$domain,$username, 
+                                                    $id,$amode,$password,$fname,
+                                                    $mname,$lname,$gen,$singlesec,
+                                                    $env{'form.forceid'},$desiredhost,
+                                                    $email,$role,$enddate,$startdate,$checkid);
                             }
                         }
                         if ($multiple) {
                             foreach my $sec (sort(keys(%userres))) {
-                               $flushc =
+                                $flushc =
                                 &user_change_result($r,$userres{$sec},$authres{$sec},
                                                     $roleres{$sec},$idres{$sec},\%counts,$flushc,
                                                     $username,\%userchg);
@@ -3892,24 +3974,25 @@ sub update_user_list {
             $end = $now;
             $type = 'manual';
             $result =
-                &Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,$sec,$end,$start,$type,$locktype,$cid);
+                &Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,$sec,$end,$start,$type,$locktype,$cid,'',$context);
         } elsif ($choice eq 'revoke') {
             # revoke or delete user role
             $end = $now; 
             if ($role eq 'st') {
                 $result = 
-                    &Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,$sec,$end,$start,$type,$locktype,$cid);
+                    &Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,$sec,$end,$start,$type,$locktype,$cid,'',$context);
             } else {
                 $result = 
-                    &Apache::lonnet::revokerole($udom,$uname,$scope,$role);
+                    &Apache::lonnet::revokerole($udom,$uname,$scope,$role,
+                                                '','',$context);
             }
         } elsif ($choice eq 'delete') {
             if ($role eq 'st') {
-                &Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,$sec,$now,$start,$type,$locktype,$cid);
+                &Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,$sec,$now,$start,$type,$locktype,$cid,'',$context);
             }
             $result =
                 &Apache::lonnet::assignrole($udom,$uname,$scope,$role,$now,
-                                            $start,1);
+                                            $start,1,'',$context);
         } else {
             #reenable, activate, change access dates or change section
             if ($choice ne 'chgsec') {
@@ -3918,25 +4001,25 @@ sub update_user_list {
             }
             if ($choice eq 'reenable') {
                 if ($role eq 'st') {
-                    $result = &Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,$sec,$end,$start,$type,$locktype,$cid);
+                    $result = &Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,$sec,$end,$start,$type,$locktype,$cid,'',$context);
                 } else {
                     $result = 
                         &Apache::lonnet::assignrole($udom,$uname,$scope,$role,$end,
-                                                    $now);
+                                                    $now,'','',$context);
                 }
             } elsif ($choice eq 'activate') {
                 if ($role eq 'st') {
-                    $result = &Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,$sec,$end,$start,$type,$locktype,$cid);
+                    $result = &Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,$sec,$end,$start,$type,$locktype,$cid,'',$context);
                 } else {
                     $result = &Apache::lonnet::assignrole($udom,$uname,$scope,$role,$end,
-                                            $now);
+                                            $now,'','',$context);
                 }
             } elsif ($choice eq 'chgdates') {
                 if ($role eq 'st') {
-                    $result = &Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,$sec,$end,$start,$type,$locktype,$cid);
+                    $result = &Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,$sec,$end,$start,$type,$locktype,$cid,'',$context);
                 } else {
                     $result = &Apache::lonnet::assignrole($udom,$uname,$scope,$role,$end,
-                                                $start);
+                                                $start,'','',$context);
                 }
             } elsif ($choice eq 'chgsec') {
                 my (@newsecs,$revresult,$nochg,@retained);
@@ -3949,7 +4032,12 @@ sub update_user_list {
                         if (@newsecs == 0) {
                             $result = &mt('No change in section assignment (none)');
                             $nochg = 1;
-                        }
+                        } else {
+                            $revresult =
+                                &Apache::lonnet::revokerole($udom,$uname,
+                                                            $scope,$role,
+                                                            '','',$context);
+                        } 
                     } else {
                         if (@newsecs > 0) {
                             if (grep(/^\Q$sec\E$/,@newsecs)) {
@@ -3957,12 +4045,14 @@ sub update_user_list {
                             } else {
                                 $revresult =
                                     &Apache::lonnet::revokerole($udom,$uname,
-                                                                $scope,$role);
+                                                                $scope,$role,
+                                                                '','',$context);
                             }
                         } else {
                             $revresult =
                                 &Apache::lonnet::revokerole($udom,$uname,
-                                                            $scope,$role);
+                                                            $scope,$role,
+                                                            '','',$context);
                         }
                     }
                 } else {
@@ -3977,17 +4067,17 @@ sub update_user_list {
                     if (!$nochg) {
                         if ($role eq 'st') {
                             $result = 
-                                &Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,undef,$end,$start,$type,$locktype,$cid);
+                                &Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,undef,$end,$start,$type,$locktype,$cid,'',$context);
                         } else {
                             my $newscope = $scopestem;
-                            $result = &Apache::lonnet::assignrole($udom,$uname,$newscope,$role,$end,$start);
+                            $result = &Apache::lonnet::assignrole($udom,$uname,$newscope,$role,$end,$start,'','',$context);
                         }
                     }
                 } else {
                     foreach my $newsec (@newsecs) { 
                         if (!grep(/^\Q$newsec\E$/,@retained)) {
                             if ($role eq 'st') {
-                                $result = &Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,$newsec,$end,$start,$type,$locktype,$cid);
+                                $result = &Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,$newsec,$end,$start,$type,$locktype,$cid,'',$context);
                             } else {
                                 my $newscope = $scopestem;
                                 if ($newsec ne '') {
@@ -4126,17 +4216,29 @@ sub set_login {
 }
 
 sub course_sections {
-    my ($sections_count,$role) = @_;
+    my ($sections_count,$role,$current_sec) = @_;
     my $output = '';
     my @sections = (sort {$a <=> $b} keys %{$sections_count});
     my $numsec = scalar(@sections);
+    my $is_selected = ' selected="selected" ';
     if ($numsec <= 1) {
         $output = '<select name="currsec_'.$role.'" >'."\n".
-                  '  <option value="">'.&mt('Select').'</option>'."\n".
+                  '  <option value="">'.&mt('Select').'</option>'."\n";
+        if ($current_sec eq 'none') {
+            $output .=       
+                  '  <option value=""'.$is_selected.'>'.&mt('No section').'</option>'."\n";
+        } else {
+            $output .=
                   '  <option value="">'.&mt('No section').'</option>'."\n";
+        }
         if ($numsec == 1) {
-            $output .=  
+            if ($current_sec eq $sections[0]) {
+                $output .=
+                  '  <option value="'.$sections[0].'"'.$is_selected.'>'.$sections[0].'</option>'."\n";
+            } else {
+                $output .=  
                   '  <option value="'.$sections[0].'" >'.$sections[0].'</option>'."\n";
+            }
         }
     } else {
         $output = '<select name="currsec_'.$role.'" ';
@@ -4144,13 +4246,23 @@ sub course_sections {
         if (scalar(@sections) < 4) { $multiple = scalar(@sections); }
         if ($role eq 'st') {
             $output .= '>'."\n".
-                       '  <option value="">'.&mt('Select').'</option>'."\n".
+                       '  <option value="">'.&mt('Select').'</option>'."\n";
+            if ($current_sec eq 'none') {
+                $output .= 
+                       '  <option value=""'.$is_selected.'>'.&mt('No section')."</option>\n";
+            } else {
+                $output .=
                        '  <option value="">'.&mt('No section')."</option>\n";
+            }
         } else {
             $output .= 'multiple="multiple" size="'.$multiple.'">'."\n";
         }
         foreach my $sec (@sections) {
-            $output .= '<option value="'.$sec.'">'.$sec."</option>\n";
+            if ($current_sec eq $sec) {
+                $output .= '<option value="'.$sec.'"'.$is_selected.'>'.$sec."</option>\n";
+            } else {
+                $output .= '<option value="'.$sec.'">'.$sec."</option>\n";
+            }
         }
     }
     $output .= '</select>';
@@ -4168,7 +4280,7 @@ sub get_groupslist {
 }
 
 sub setsections_javascript {
-    my ($formname,$groupslist,$mode) = @_;
+    my ($formname,$groupslist,$mode,$checkauth) = @_;
     my ($checkincluded,$finish,$rolecode,$setsection_js);
     if ($mode eq 'upload') {
         $checkincluded = 'formname.name == "'.$formname.'"';
@@ -4176,12 +4288,26 @@ sub setsections_javascript {
         $rolecode = "var role = formname.defaultrole.options[formname.defaultrole.selectedIndex].value;\n";
     } elsif ($formname eq 'cu') {
         $checkincluded = 'formname.elements[i-1].checked == true';
-        $finish = 'formname.submit()';
+        if ($checkauth) {
+            $finish = "var authcheck = auth_check();\n".
+                      "   if (authcheck == 'ok') {\n".
+                      "       formname.submit();\n".
+                      "   }\n";
+        } else {
+            $finish = 'formname.submit()';
+        }
         $rolecode = "var match = str.split('_');
                 var role = match[3];\n";
     } elsif ($formname eq 'enrollstudent') {
         $checkincluded = 'formname.name == "'.$formname.'"';
-        $finish = 'formname.submit()';
+        if ($checkauth) {
+            $finish = "var authcheck = auth_check();\n".
+                      "   if (authcheck == 'ok') {\n".
+                      "       formname.submit();\n".
+                      "   }\n";
+        } else {
+            $finish = 'formname.submit()';
+        }
         $rolecode = "var match = str.split('_');
                 var role = match[1];\n";
     } else {
@@ -4476,24 +4602,17 @@ sub authorpriv {
 }
 
 sub roles_on_upload {
-    my ($context,%customroles) = @_;
+    my ($context,$setting,%customroles) = @_;
     my (@possible_roles,@permitted_roles);
-    if ($context eq 'domain') {
-        @possible_roles = &curr_role_permissions($context,undef,1);
-        push(@possible_roles,&curr_role_permissions($context,'course',1));
-    } else {
-        @possible_roles = &curr_role_permissions($context,undef,1);
-    }
-    my $custom_ok = 0;
+    @possible_roles = &curr_role_permissions($context,$setting,1);
     foreach my $role (@possible_roles) {
         if ($role eq 'cr') {
-            $custom_ok = 1;
             push(@permitted_roles,keys(%customroles));
         } else {
             push(@permitted_roles,$role);
         }
     }
-    return ($custom_ok,@permitted_roles);
+    return @permitted_roles;
 }
 
 sub get_course_identity {
@@ -4518,15 +4637,19 @@ sub get_course_identity {
 }
 
 sub dc_setcourse_js {
-    my ($formname,$mode) = @_;
-    my $dc_setcourse_code;
+    my ($formname,$mode,$context) = @_;
+    my ($dc_setcourse_code,$authen_check);
     my $cctext = &Apache::lonnet::plaintext('cc');
     my %alerts = &sectioncheck_alerts();
     my $role = 'role';
     if ($mode eq 'upload') {
         $role = 'courserole';
+    } else {
+        $authen_check = &verify_authen($formname,$context);
     }
     $dc_setcourse_code = (<<"SCRIPTTOP");
+$authen_check
+
 function setCourse() {
     var course = document.$formname.dccourse.value;
     if (course != "") {
@@ -4611,9 +4734,11 @@ SCRIPTTOP
             }
         }
     }
-    document.$formname.submit();
+    var authcheck = auth_check();
+    if (authcheck == 'ok') {
+        document.$formname.submit();
+    }
 }
-
 ENDSCRIPT
     } else {
         $dc_setcourse_code .=  "
@@ -4634,6 +4759,66 @@ ENDSCRIPT
         return -1;
     }
 ENDSCRIPT
+    return $dc_setcourse_code;
+}
+
+sub verify_authen {
+    my ($formname,$context) = @_;
+    my %alerts = &authcheck_alerts();
+    my $finish = "return 'ok';";
+    if ($context eq 'author') {
+        $finish = "document.$formname.submit();";
+    }
+    my $outcome = <<"ENDSCRIPT";
+
+function auth_check() {
+    var logintype;
+    if (document.$formname.login.length) {
+        if (document.$formname.login.length > 0) {
+            var loginpicked = 0;
+            for (var i=0; i<document.$formname.login.length; i++) {
+                if (document.$formname.login[i].checked == true) {
+                    loginpicked = 1;
+                    logintype = document.$formname.login[i].value;
+                }
+            }
+            if (loginpicked == 0) {
+                alert("$alerts{'authen'}");
+                return;
+            }
+        }
+    } else {
+        logintype = document.$formname.login.value;
+    }
+    if (logintype == 'nochange') {
+        return 'ok';
+    }
+    var argpicked = document.$formname.elements[logintype+'arg'].value;
+    if ((argpicked == null) || (argpicked == '') || (typeof argpicked == 'undefined')) {
+        var alertmsg = '';
+        switch (logintype) {
+            case 'krb':
+                alertmsg = '$alerts{'krb'}';
+                break;
+            case 'int':
+                alertmsg = '$alerts{'ipass'}';
+            case 'fsys':
+                alertmsg = '$alerts{'ipass'}';
+                break;
+            case 'loc':
+                alertmsg = '';
+                break;
+            default:
+                alertmsg = '';
+        }
+        if (alertmsg != '') {
+            alert(alertmsg);
+            return;
+        }
+    }
+    $finish
+}
+ENDSCRIPT
 }
 
 sub sectioncheck_alerts {
@@ -4655,5 +4840,15 @@ sub sectioncheck_alerts {
     return %alerts;
 }
 
+sub authcheck_alerts {
+    my %alerts = 
+        &Apache::lonlocal::texthash(
+                    authen => 'You must choose an authentication type.',
+                    krb    => 'You need to specify the Kerberos domain.',
+                    ipass  => 'You need to specify the initial password.',
+        );
+    return %alerts;
+}
+
 1;