--- loncom/interface/lonuserutils.pm	2008/01/02 08:01:22	1.40
+++ loncom/interface/lonuserutils.pm	2008/01/05 18:36:26	1.44
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Utility functions for managing LON-CAPA user accounts
 #
-# $Id: lonuserutils.pm,v 1.40 2008/01/02 08:01:22 raeburn Exp $
+# $Id: lonuserutils.pm,v 1.44 2008/01/05 18:36:26 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -1308,32 +1308,21 @@ sub print_userlist {
     $r->rflush();
     if ($context eq 'course') {
         my $classlist = &Apache::loncoursedata::get_classlist();
-        my $secidx = &Apache::loncoursedata::CL_SECTION();
-        my $viewablesec = &viewable_section($permission);
-        foreach my $student (keys(%{$classlist})) {
-            my $section = $classlist->{$student}[$secidx];
-            if ($viewablesec ne '') {
-                if ($section ne $viewablesec) {
-                    next;
-                } else {
-                    $userlist{$student} = $classlist->{$student};
-                }
+        %userlist = %{$classlist};
+        if ($env{'form.showrole'} ne 'st') {
+            my $showroles;
+            if ($env{'form.showrole'} ne 'Any') {
+                $showroles = [$env{'form.showrole'}];
             } else {
-                $userlist{$student} = $classlist->{$student};
+                $showroles = undef;
             }
+            my $withsec = 1;
+            my $hidepriv = 1;
+            my %advrolehash = &Apache::lonnet::get_my_roles($cnum,$cdom,undef,
+                              \@statuses,$showroles,undef,$withsec,$hidepriv);
+            &gather_userinfo($context,$format,\%userlist,$indexhash,\%userinfo,
+                             \%advrolehash,$permission);
         }
-        my $showroles;
-        if ($env{'form.showrole'} ne 'Any') {
-            $showroles = [$env{'form.showrole'}];
-        } else {
-            $showroles = undef;
-        }
-        my $withsec = 1;
-        my $hidepriv = 1;
-        my %advrolehash = &Apache::lonnet::get_my_roles($cnum,$cdom,undef,
-                                    \@statuses,$showroles,undef,$withsec,$hidepriv);
-        &gather_userinfo($context,$format,\%userlist,$indexhash,\%userinfo,
-                         \%advrolehash,$permission);
     } else {
         my (%cstr_roles,%dom_roles);
         if ($context eq 'author') {
@@ -1799,6 +1788,7 @@ sub make_keylist_array {
     $index->{'email'} = &Apache::loncoursedata::CL_PERMANENTEMAIL();
     $index->{'role'} = &Apache::loncoursedata::CL_ROLE();
     $index->{'extent'} = &Apache::loncoursedata::CL_EXTENT();
+    $index->{'photo'} = &Apache::loncoursedata::CL_PHOTO();
     foreach my $key (keys(%{$index})) {
         $keylist->[$index->{$key}] = $key;
     }
@@ -2036,6 +2026,7 @@ END
                        'clicker'    => "clicker id",
                        'photo'      => "photo",
                        'extent'     => "extent",
+                       'go'         => "go",
                        'pr'         => "Proceed",
                        'ca'         => "check all",
                        'ua'         => "uncheck all",
@@ -2118,10 +2109,10 @@ END
                 $output .= &mt("Click on a username to view the user's personal page.").'<br />';
             }
             if ($actionselect) {
-                $output .= <<"END"; 
-$lt{'ac'}:&nbsp;$actionselect <input type="button" value="$lt{'pr'}" onclick="javascript:verify_action(document.studentform.actionlist)" /></p>
+                $output .= <<"END";
+$lt{'ac'}:&nbsp;$actionselect <input type="button" value="$lt{'go'}" onclick="javascript:opendatebrowser(this.form,'studentform','go')" /></p>
 <p><input type="button" value="$lt{'ca'}" onclick="javascript:checkAll(document.studentform.actionlist)" /> &nbsp;
-<input type="button" value="$lt{'ua'}" onclick="javascript:uncheckAll(document.studentform.actionlist)" />
+<input type="button" value="$lt{'ua'}" onclick="javascript:uncheckAll(document.studentform.actionlist)" /><br /><br /><input type="button" value="$lt{'pr'}" onclick="javascript:verify_action(document.studentform.actionlist)" />
 END
                 my @allroles;
                 if ($env{'form.showrole'} eq 'Any') {
@@ -2271,6 +2262,10 @@ END
     # Get groups, role, permanent e-mail so we can sort on them if
     # necessary.
     foreach my $user (keys(%{$userlist})) {
+        if ($user eq '' ) {
+            delete($userlist->{$user});
+            next;
+        }
         if ($context eq 'domain' &&  $user eq $env{'request.role.domain'}.'-domainconfig:'.$env{'request.role.domain'}) {
             delete($userlist->{$user});
             next;
@@ -2316,6 +2311,13 @@ END
             }
             if ($mode ne 'autoenroll') {
                 my $section = $userlist->{$user}->[$index{'section'}];
+                if (($env{'request.course.sec'} ne '') && 
+                    ($section ne $env{'request.course.sec'})) {
+                    if ($role eq 'st') {
+                        delete($userlist->{$user});
+                        next;
+                    }
+                }
                 if ($secfilter eq 'none') {
                     if ($section ne '') {
                         delete($userlist->{$user});
@@ -2338,6 +2340,13 @@ END
                         next;
                     }
                 }
+                if ($env{'course.'.$env{'request.course.id'}.'.internal.showphoto'}) {
+                    if (($displayphotos eq 'on') && ($role eq 'st')) {
+                        $userlist->{$user}->[$index{'photo'}] =
+                            &Apache::lonnet::retrievestudentphoto($udom,$uname,
+                                                                'gif','thumbnail');
+                    }
+                }
             }
         }
         my %emails   = &Apache::loncommon::getemails($uname,$udom);
@@ -2469,11 +2478,8 @@ END
                         $r->print('    <td>&nbsp;</td>  ');
                     }
                     if ($env{'course.'.$env{'request.course.id'}.'.internal.showphoto'}) {
-                        if ($displayphotos eq 'on' && $sdata->[$index{'role'}] eq 'st') {
-                            my $imgurl =
-                        &Apache::lonnet::retrievestudentphoto($in{'domain'},$in{'username'},
-                                                          'gif','thumbnail');
-                            $r->print('    <td align="right"><a href="javascript:photowindow('."'".&Apache::lonnet::studentphoto($in{'domain'},$in{'username'},'jpg')."'".')"><img src="'.$imgurl.'" border="1"></a></td>');
+                        if ($displayphotos eq 'on' && $role eq 'st' && $in{'photo'} ne '') {
+                            $r->print('    <td align="right"><a href="javascript:photowindow('."'".&Apache::lonnet::studentphoto($in{'domain'},$in{'username'},'jpg')."'".')"><img src="'.$in{'photo'}.'" border="1"></a></td>');
                         } else {
                             $r->print('    <td>&nbsp;</td>  ');
                         }
@@ -2625,7 +2631,7 @@ sub select_actions {
         }
     }
     if ($options) {
-        $output = '<select name="bulkaction" onchange="javascript:opendatebrowser(this.form,'."'studentform'".')" />'."\n".
+        $output = '<select name="bulkaction" onchange="javascript:opendatebrowser(this.form,'."'studentform','change'".')" />'."\n".
                   '<option value="" selected="selected">'.
                   &mt('Please select').'</option>'."\n".$options."\n".'</select>';
         if ($choices{'dates'}) {
@@ -2662,13 +2668,29 @@ sub date_section_javascript {
     } else {
         $title = &mt('Date selector');
     }
+    my %nopopup = &Apache::lonlocal::texthash (
+        revoke => "Check the boxes for any users for whom roles are to be revoked, and click 'Proceed'",
+        delete => "Check the boxes for any users for whom roles are to be deleted, and click 'Proceed'",
+        none   => "Choose an action to take for selected users",
+    );  
     my $output = '
 <script type="text/javascript">
     var stdeditbrowser;'."\n";
     $output .= <<"ENDONE";
-    function opendatebrowser(callingform,formname) {
+    function opendatebrowser(callingform,formname,calledby) {
         var bulkaction = callingform.bulkaction.options[callingform.bulkaction.selectedIndex].value;
         if (bulkaction == 'revoke' || bulkaction == 'delete' || bulkaction == '') {
+            if (calledby == 'go') {
+                if (bulkaction == 'revoke') {
+                    alert("$nopopup{'revoke'}");
+                }
+                if (bulkaction == 'delete') {
+                    alert("$nopopup{'delete'}"); 
+                }
+                if (bulkaction == '') {
+                    alert("$nopopup{'none'}");
+                }
+            }
             return;
         }
         var url = '/adm/createuser?';
@@ -3382,7 +3404,7 @@ sub upfile_drop_add {
                      );
         my $flushc=0;
         my %student=();
-        my (%curr_groups,@sections,@cleansec,@secs,$defaultwarn,$groupwarn);
+        my (%curr_groups,@sections,@cleansec,$defaultwarn,$groupwarn);
         my %userchg;
         if ($context eq 'course' || $setting eq 'course') {
             if ($context eq 'course') {
@@ -3421,10 +3443,10 @@ sub upfile_drop_add {
         }
         my (%curr_rules,%got_rules,%alerts);
         my %customroles = &my_custom_roles();
-        my ($custom_ok,@permitted_roles) =
-            &roles_on_upload($context,%customroles);
+        my @permitted_roles = &roles_on_upload($context,$setting,%customroles); 
         # Get new users list
         foreach my $line (@userdata) {
+            my @secs;
             my %entries=&Apache::loncommon::record_sep($line);
             # Determine user name
             unless (($entries{$fields{'username'}} eq '') ||
@@ -3458,8 +3480,8 @@ sub upfile_drop_add {
                     my $username = $entries{$fields{'username'}};
                     if (defined($fields{'sec'})) {
                         if (defined($entries{$fields{'sec'}})) {
+                            $entries{$fields{'sec'}} =~ s/\W//g;
                             my $item = $entries{$fields{'sec'}};
-                            $item =~ s/(\s+$|^\s+)//g;
                             if ($item eq "none" || $item eq 'all') {
                                 $r->print('<br />'.&mt('<b>[_1]</b>: Unable to enroll user [_2] [_3] [_4] [_5] in a section named "[_6]" - this is a reserved word.',$username,$fname,$mname,$lname,$gen,$item));
                                 next;
@@ -3518,13 +3540,10 @@ sub upfile_drop_add {
                     my $role = '';
                     if (defined($fields{'role'})) {
                         if ($entries{$fields{'role'}}) {
-                            if (grep(/^\Q$entries{$fields{'role'}}\E$/,@permitted_roles)) {
-                                $role=$entries{$fields{'role'}};
-                                $role =~ s/(\s+$|^\s+)//g;
-                            }
-                            if ($custom_ok) {
-                                if ($customroles{$role}) {
-                                    $role = 'cr_'.$env{'user.domain'}.'_'.$env{'user.name'}.'_'.$entries{$fields{'role'}};
+                            $entries{$fields{'role'}}  =~ s/(\s+$|^\s+)//g;
+                            if ($entries{$fields{'role'}} ne '') {
+                                if (grep(/^\Q$entries{$fields{'role'}}\E$/,@permitted_roles)) {
+                                    $role = $entries{$fields{'role'}};
                                 }
                             }
                             if ($role eq '') {
@@ -3619,59 +3638,60 @@ sub upfile_drop_add {
                         my $multiple = 0;
                         my ($userresult,$authresult,$roleresult,$idresult);
                         my (%userres,%authres,%roleres,%idres);
+                        my $singlesec = '';
                         if ($role eq 'st') {
                             my $sec;
-                            if ($cid) {
-                                if (@secs > 0) {
-                                    $sec = $secs[0];
-                                }
-                                &modifystudent($domain,$username,$cid,$sec,
-                                               $desiredhost);
-                                $roleresult =
-                                    &Apache::lonnet::modifystudent
-                                        ($domain,$username,$id,$amode,$password,
-                                         $fname,$mname,$lname,$gen,$sec,$enddate,
-                                         $startdate,$env{'form.forceid'},
-                                         $desiredhost,$email,'manual','',$cid);
-                                $userresult = $roleresult;
+                            if (@secs > 0) {
+                                $sec = $secs[0];
                             }
+                            &modifystudent($domain,$username,$cid,$sec,
+                                           $desiredhost);
+                            $roleresult =
+                                &Apache::lonnet::modifystudent
+                                    ($domain,$username,$id,$amode,$password,
+                                     $fname,$mname,$lname,$gen,$sec,$enddate,
+                                     $startdate,$env{'form.forceid'},
+                                     $desiredhost,$email,'manual','',$cid);
+                            $userresult = $roleresult;
                         } else {
-                            if (($context eq 'course') || 
-                                (grep(/^\Q$role\E$/,@courseroles))) {
-                                if (!$cid) {
-                                    next;
-                                }
-                            }
-                            my $singlesec;
-                            if ((grep(/^\Q$role\E$/,@courseroles)) && ($role ne 'cc')) {
-                                if (@secs > 1) {
-                                    $multiple = 1;
-                                    foreach my $sec (@secs) {
-                                        ($userres{$sec},$authres{$sec},$roleres{$sec},$idres{$sec}) =
-                                            &modifyuserrole($context,$setting,
-                                                $changeauth,$cid,$domain,$username,
-                                                $id,$amode,$password,$fname,
-                                                $mname,$lname,$gen,$sec,
-                                                $env{'form.forceid'},$desiredhost,
-                                                $email,$role,$enddate,$startdate,$checkid);
+                            if ($role ne '') { 
+                                if ($context eq 'course' || $setting eq 'course') {
+                                    if ($customroles{$role}) {
+                                        $role = 'cr_'.$env{'user.domain'}.'_'.
+                                                $env{'user.name'}.'_'.$role;
+                                    }
+                                    if ($role ne 'cc') { 
+                                        if (@secs > 1) {
+                                            $multiple = 1;
+                                            foreach my $sec (@secs) {
+                                                ($userres{$sec},$authres{$sec},$roleres{$sec},$idres{$sec}) =
+                                                &modifyuserrole($context,$setting,
+                                                    $changeauth,$cid,$domain,$username,
+                                                    $id,$amode,$password,$fname,
+                                                    $mname,$lname,$gen,$sec,
+                                                    $env{'form.forceid'},$desiredhost,
+                                                    $email,$role,$enddate,
+                                                    $startdate,$checkid);
+                                            }
+                                        } elsif (@secs > 0) {
+                                            $singlesec = $secs[0];
+                                        }
                                     }
-                                } elsif (@secs > 0) {
-                                    $singlesec = $secs[0];
                                 }
                             }
                             if (!$multiple) {
                                 ($userresult,$authresult,$roleresult,$idresult) = 
                                     &modifyuserrole($context,$setting,
-                                        $changeauth,$cid,$domain,$username, 
-                                        $id,$amode,$password,$fname,
-                                        $mname,$lname,$gen,$singlesec,
-                                        $env{'form.forceid'},$desiredhost,
-                                        $email,$role,$enddate,$startdate,$checkid);
+                                                    $changeauth,$cid,$domain,$username, 
+                                                    $id,$amode,$password,$fname,
+                                                    $mname,$lname,$gen,$singlesec,
+                                                    $env{'form.forceid'},$desiredhost,
+                                                    $email,$role,$enddate,$startdate,$checkid);
                             }
                         }
                         if ($multiple) {
                             foreach my $sec (sort(keys(%userres))) {
-                               $flushc =
+                                $flushc =
                                 &user_change_result($r,$userres{$sec},$authres{$sec},
                                                     $roleres{$sec},$idres{$sec},\%counts,$flushc,
                                                     $username,\%userchg);
@@ -4539,24 +4559,17 @@ sub authorpriv {
 }
 
 sub roles_on_upload {
-    my ($context,%customroles) = @_;
+    my ($context,$setting,%customroles) = @_;
     my (@possible_roles,@permitted_roles);
-    if ($context eq 'domain') {
-        @possible_roles = &curr_role_permissions($context,undef,1);
-        push(@possible_roles,&curr_role_permissions($context,'course',1));
-    } else {
-        @possible_roles = &curr_role_permissions($context,undef,1);
-    }
-    my $custom_ok = 0;
+    @possible_roles = &curr_role_permissions($context,$setting,1);
     foreach my $role (@possible_roles) {
         if ($role eq 'cr') {
-            $custom_ok = 1;
             push(@permitted_roles,keys(%customroles));
         } else {
             push(@permitted_roles,$role);
         }
     }
-    return ($custom_ok,@permitted_roles);
+    return @permitted_roles;
 }
 
 sub get_course_identity {