--- loncom/interface/portfolio.pm	2005/12/19 23:19:18	1.92
+++ loncom/interface/portfolio.pm	2006/07/18 01:25:43	1.134
@@ -1,3 +1,8 @@
+# The LearningOnline Network
+# portfolio browser
+#
+# $Id: portfolio.pm,v 1.134 2006/07/18 01:25:43 banghart Exp $
+#
 # Copyright Michigan State University Board of Trustees
 #
 # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
@@ -30,89 +35,184 @@ use Apache::lontexconvert;
 use Apache::lonfeedback;
 use Apache::lonlocal;
 use Apache::lonnet;
+use Apache::longroup;
+use Apache::lonhtmlcommon;
+use HTML::Entities;
+use LONCAPA;
 
 # receives a file name and path stub from username/userfiles/portfolio/
 # returns an anchor tag consisting encoding filename and currentpath
 sub make_anchor {
-    my ($filename, $current_path, $current_mode, $field_name, $continue_select) = @_;
+    my ($url, $filename, $current_path, $current_mode, $field_name,
+        $continue_select,$group) = @_;
     if ($continue_select ne 'true') {$continue_select = 'false'};
-    my $anchor = '<a href="/adm/portfolio?selectfile='.$filename.'&currentpath='.$current_path.'&mode='.$current_mode.'&continue='.$continue_select.'&fieldname='.$field_name.'">'.$filename.'</a>';
+    my $anchor = '<a href="'.$url.'?selectfile='.$filename.'&amp;currentpath='.$current_path.'&amp;mode='.$current_mode.'&amp;continue='.$continue_select.'&amp;fieldname='.$field_name;
+    if (defined($group)) {
+        $anchor .= '&amp;group='.$group;
+    }
+    $anchor .= '">'.$filename.'</a>';
     return $anchor;
 }
 my $dirptr=16384;
 sub display_common {
-    my ($r,$current_path,$is_empty,$dir_list)=@_;
-    my $iconpath= $r->dir_config('lonIconsURL') . "/";
-    my %text=&Apache::lonlocal::texthash('upload' => 'Upload',
+    my ($r,$url,$current_path,$is_empty,$dir_list,$group,$can_upload)=@_;
+    my $namespace = &get_namespace($group);
+    my $port_path = &get_port_path($group);
+    if ($can_upload) {
+        my $groupitem;
+        if (defined($group)) {
+            $groupitem = '<input type="hidden" name="group" value="'.$group.'" />';
+        } 
+        my $iconpath= $r->dir_config('lonIconsURL') . "/";
+        my %text=&Apache::lonlocal::texthash(
+					 'upload' => 'Upload',
 					 'upload_label' =>  
 					 'Upload file to current directory:',
 					 'createdir' => 'Create Subdirectory',
 					 'createdir_label' => 
 					 'Create subdirectory in current directory:');
-    $r->print(<<"TABLE"); 
-<table border="0" cellspacing="2" cellpadding="2">
-  <form method="post" enctype="multipart/form-data">
-    <tr valign="middle">
-      <td bgcolor="#ccddaa" align="right">
-        $text{'upload_label'}
-      </td>
-      <td bgcolor="#ccddaa" align="left">
+        my $escuri = &HTML::Entities::encode($r->uri,'&<>"');
+        $r->print(<<"TABLE"); 
+<table id="LC_portfolio_actions">
+  <tr id="LC_portfolio_upload">
+    <td class="LC_label">
+      $text{'upload_label'}
+    </td>
+    <td class="LC_value">
+      <form method="post" enctype="multipart/form-data" action="$escuri">
+        $groupitem 
         <input name="uploaddoc" type="file" />
 	<input type="hidden" name="currentpath" value="$current_path" />
 	<input type="hidden" name="action" value="$env{"form.action"}" />
 	<input type="hidden" name="fieldname" value="$env{"form.fieldname"}" />
 	<input type="hidden" name="mode" value="$env{"form.mode"}" />
 	<input type="submit" name="storeupl" value="$text{'upload'}" />
-      </td>
-    </tr>
-  </form>
-  <form method="post">
-    <tr>
-      <td bgcolor="#ccddaa" align="right">
-        $text{'createdir_label'}
-      </td>
-      <td bgcolor="#ccddaa" align="left">
-        <input name="newdir" type="input" />
+      </form>
+    </td>
+  </tr>
+  <tr id="LC_portfolio_createdir">
+    <td class="LC_label">
+      $text{'createdir_label'}
+    </td>
+    <td class="LC_value">
+      <form method="post" action="$escuri">
+        <input name="newdir" type="input" />$groupitem
         <input type="hidden" name="currentpath" value="$current_path" />
         <input type="hidden" name="action" value="$env{"form.action"}" />
         <input type="hidden" name="fieldname" value="$env{"form.fieldname"}" />
         <input type="hidden" name="mode" value="$env{"form.mode"}" />
         <input type="submit" name="createdir" value="$text{'createdir'}" />
-      </td>
-    </tr>
-  </form>
+      </form>
+    </td>
+  </tr>
 </table>
 TABLE
+    }
     my @tree = split (/\//,$current_path);
-    $r->print('<font size="+2">'.&make_anchor('portfolio','/',$env{"form.mode"},$env{"form.fieldname"},$env{"form.continue"}).'/');
+    $r->print('<span class="LC_current_location">'.&make_anchor($url,$port_path,'/',$env{"form.mode"},$env{"form.fieldname"},$env{"form.continue"},$group).'/');
     if (@tree > 1){
         my $newCurrentPath = '';
         for (my $i = 1; $i< @tree; $i++){
             $newCurrentPath .= $tree[$i].'/';
-            $r->print(&make_anchor($tree[$i],'/'.$newCurrentPath, $env{"form.mode"},$env{"form.fieldname"}, $env{"form.continue"}).'/');
+            $r->print(&make_anchor($url,$tree[$i],'/'.$newCurrentPath, $env{"form.mode"},$env{"form.fieldname"}, $env{"form.continue"},$group).'/');
         }
     }
-    $r->print('</font>');
-    &Apache::lonhtmlcommon::store_recent('portfolio',$current_path,$current_path);
-    $r->print('<br /><form method=post action="/adm/portfolio?mode='.$env{"form.mode"}.'&fieldname='.$env{"form.fieldname"}.'">'.
-	      &Apache::lonhtmlcommon::select_recent('portfolio','currentpath',
+    $r->print('</span>');
+    &Apache::lonhtmlcommon::store_recent($namespace,$current_path,$current_path);
+    $r->print('<br /><form method="post" action="'.$url.'?mode='.$env{"form.mode"}.'&amp;fieldname='.$env{"form.fieldname"});
+    if (defined($group)) {
+        $r->print('&amp;group='.$group);
+    }
+    $r->print('">'.
+	      &Apache::lonhtmlcommon::select_recent($namespace,'currentpath',
 						    'this.form.submit();'));
     $r->print("</form>");
 }
+sub display_directory_line {
+    my ($r,$select_mode,$fullpath, $css_class, $line, $access_controls, 
+            $now, $version_flag, $href_location, $url, $current_path, $groupecho, $access_admin_text)=@_;
+    my ($filename,$dom,undef,$testdir,undef,undef,undef,undef,$size,undef,$mtime,undef,undef,undef,$obs,undef)=split(/\&/,$line,16); 
+		$r->print('<tr class="'.$css_class.'">');
+		$r->print($line);
+		my $curr_access;
+		if ($select_mode ne 'true') {
+		    my $pub_access = 0;
+		    my $guest_access = 0;
+		    my $cond_access = 0;
+		    foreach my $key (sort(keys(%{$$access_controls{$fullpath}}))) {
+			my ($num,$scope,$end,$start) = &unpack_acc_key($key);
+			if (($now > $start) && (!$end || $end > $now)) {
+			    if ($scope eq 'public')  {
+				$pub_access = 1;
+			    } elsif ($scope eq 'guest') {
+				$guest_access = 1;
+			    } else {
+				$cond_access = 1;
+			    }
+			}
+		    }
+		    if (!$pub_access && !$guest_access && !$cond_access) {
+			$curr_access = &mt('Private');
+		    } else {
+			my @allaccesses; 
+			if ($pub_access) {
+			    push(@allaccesses,&mt('Public'));
+			}
+			if ($guest_access) {
+			    push(@allaccesses,&mt('Passphrase-protected'));
+			}
+			if ($cond_access) {
+			    push(@allaccesses,&mt('Conditional'));
+			}
+			$curr_access = join('+ ',@allaccesses);
+		    }
+		}
+		$r->print('<td><img alt="" src="'.&Apache::loncommon::icon($filename).'" /></td>');
+		$r->print('<td>'.$$version_flag{$filename}.'<a href="'.$href_location.$filename.'">'.
+			  $filename.'</a></td>'); 
+		$r->print('<td>'.$size.'</td>');
+		$r->print('<td>'.&Apache::lonlocal::locallocaltime($mtime).'</td>');
+		if ($select_mode ne 'true') {
+		    $r->print('<td><span style="white-space: nowrap">'.
+			      &mt($curr_access).'&nbsp;&nbsp;&nbsp;');
+		    $r->print('<a href="'.$url.'?access='.$filename.
+			      '&amp;currentpath='.$current_path.$groupecho.
+			      '">'.$access_admin_text.'</a></span></td>');
+		}
+		$r->print('</tr>'.$/);
+}
 sub display_directory {
-    my ($r,$current_path,$is_empty,$dir_list)=@_;
+    my ($r,$url,$current_path,$is_empty,$dir_list,$group,$can_upload,
+        $can_modify,$can_delete,$can_setacl)=@_;
     my $iconpath= $r->dir_config('lonIconsURL') . "/";
+    my ($groupitem,$groupecho);
     my $display_out;
     my $select_mode;
     my $checked_files;
-    my %locked_files = &Apache::lonnet::get_marked_as_readonly_hash ($env{'user.domain'},$env{'user.name'});
+    my $port_path = &get_port_path($group);
+    my ($uname,$udom) = &get_name_dom($group);
+    my $access_admin_text = &mt('View Status');
+    if ($can_setacl) {
+        $access_admin_text = &mt('View/Change Status');
+    }
+    if ((defined($group)) && (defined($env{'request.course.id'}))) {
+       $groupitem = '<input type="hidden" name="group" value="'.$group.'" />'; 
+       $groupecho = '&amp;group='.$group;
+    }
+
+    my $current_permissions = &Apache::lonnet::get_portfile_permissions($udom,
+                                                                        $uname);
+    my %locked_files = &Apache::lonnet::get_marked_as_readonly_hash(
+                                                  $current_permissions,$group);
+    my %access_controls = &Apache::lonnet::get_access_controls($current_permissions,$group);
+    my $now = time;
     if ($env{"form.mode"} eq 'selectfile'){
 	&select_files($r);
-	$checked_files =&Apache::lonnet::files_in_path($env{'user.name'},$env{'form.currentpath'});
+	$checked_files =&Apache::lonnet::files_in_path($uname,$env{'form.currentpath'});
 	$select_mode = 'true';
     } 
-    if ($is_empty && ($current_path ne '/')) {
-        $display_out = '<form method="post" action="/adm/portfolio">'.
+    if ($is_empty && ($current_path ne '/') && $can_delete) {
+        $display_out = '<form method="post" action="'.$url.'">'.$groupitem.
         '<input type="hidden" name="action" value="deletedir" />'.
         '<input type="submit" name="deletedir" value="'.&mt("Delete Directory").'" />'.
         '<input type="hidden" name="selectfile" value="" />'.
@@ -123,16 +223,22 @@ sub display_directory {
 	return;
     }
     if ($select_mode eq 'true') {
-        $r->print('<table border="0" cellspacing="2" cellpadding="2">'.
+        $r->print('<form method="post" name="checkselect" action="'.$url.'">');
+        $r->print('<table id="LC_browser">'.
             '<tr><th>Select</th><th>&nbsp;</th><th>Name</th><th>Size</th><th>Last Modified</th></tr>');
-        $r->print('<form method="post" name="checkselect" action="/adm/portfolio">');
     } else {
-        $r->print('<table border="0" cellspacing="2" cellpadding="2">'.
-            '<tr><th colspan="2">Actions</th><th>&nbsp;</th><th>Name</th><th>Size</th><th>Last Modified</th></tr>');
-        $r->print('<form method="post" action="/adm/portfolio">');
-    }
-    my $href_location="/uploaded/$env{'user.domain'}/$env{'user.name'}/portfolio$current_path";
-    my $href_edit_location="/editupload/$env{'user.domain'}/$env{'user.name'}/portfolio$current_path";
+        $r->print('<form method="post" action="'.$url.'">');
+        $r->print('<table id="LC_browser">'.
+            '<tr><th colspan="2">Actions</th><th>&nbsp;</th><th>Name</th><th>Size</th><th>Last Modified</th><th>Current Access Status</th></tr>');
+    }
+    if (defined($group)) {
+        $r->print("\n".$groupitem."\n");
+    }
+    my $href_location="/uploaded/$udom/$uname/$port_path".$current_path;
+    my $href_edit_location="/editupload/$udom/$uname/$port_path".$current_path;
+    my @dir_lines;
+    my @version_lines;
+    my %versioned;
     foreach my $line (sort 
 		      { 
 			  my ($afile)=split('&',$a,2);
@@ -143,67 +249,156 @@ sub display_directory {
     	#$dom 
     	my ($filename,$dom,undef,$testdir,undef,undef,undef,undef,$size,undef,$mtime,undef,undef,undef,$obs,undef)=split(/\&/,$line,16); 
     	$filename =~ s/\s+$//;
-    	if (($filename ne '.') && ($filename ne '..') && ($filename !~ /\.meta$/ ) && ($filename !~ /(.*)\.(.*)\.(.*)/)) {
+    	my ($fname,$version,$extension) = &Apache::grades::file_name_version_ext($filename);
+    	if ($version) {
+    	    push(@version_lines, [$filename,$dom,$testdir,$size,$mtime,$obs]);
+    	    $versioned{$fname.'.'.$extension} .= $version.",";
+    	} else {
+    	    push(@dir_lines, [$filename,$dom,$testdir,$size,$mtime,$obs]);
+    	}
+    }
+    foreach my $line (@dir_lines) {
+        my ($filename,$dom,$testdir,$size,$mtime,$obs) = @$line;
+        my ($fname,$version,$extension) = &Apache::grades::file_name_version_ext($filename);
+    	if (($filename ne '.') && ($filename ne '..') && ($filename !~ /\.meta$/ ) && ($filename !~ /(.*)\.(\d+)\.([^\.]*)$/)) {
+    	    my %version_flag;
+    	    my $show_versions;
+    	    if ($env{'form.showversions'} eq $filename) {
+    	        $show_versions = 'true';
+    	    }
+    	    if (exists($versioned{$filename})) {
+    	        if ($show_versions) {
+                    $version_flag{$filename} = '<a href="portfolio"><img alt="'.&mt('opened folder').'" src="'.$iconpath.'folder_pointer_opened.gif" /></a>';
+    	        } else {
+                    $version_flag{$filename} = '<a href="portfolio?showversions='.$filename.'"><img alt="'.&mt('closed folder').'" src="'.$iconpath.'folder_pointer_closed.gif" /></a>';
+                }
+    	    } else {
+    	        $version_flag{$filename} = '';
+    	    }
             if ($dirptr&$testdir) {
+		my $colspan='colspan="2"';
                 if ($select_mode eq 'true'){
-                    $r->print('<tr bgcolor="#FFAA99"><td><img src="'.$iconpath.'folder_closed.gif"></td>');
-                } else {
-                    $r->print('<tr bgcolor="#FFAA99"><td colspan="2"><img src="'.$iconpath.'folder_closed.gif"></td>');
+		    undef($colspan);
                 }
+		$r->print('<tr class="LC_browser_folder"><td '.$colspan.'><img alt="'.&mt('closed folder').'" src="'.$iconpath.'folder_closed.gif" /></td>');
                 $r->print('<td>Go to ...</td>');
-                $r->print('<td>'.&make_anchor($filename.'/',$current_path.$filename.'/',$env{'form.mode'},$env{"form.fieldname"},$env{'form.continue'}).'</td>'); 
+                $r->print('<td>'.$version_flag{$filename}.&make_anchor($url,$filename.'/',$current_path.$filename.'/',$env{'form.mode'},$env{"form.fieldname"},$env{'form.continue'},$group).'</td>'); 
                 $r->print('</tr>'); 
             } else {
-                $r->print('<tr bgcolor="#CCCCFF">');
-                if ($select_mode eq 'true'){
-                    $r->print('<td><input type="checkbox" name="checkfile" value="'.$filename.'"'); 
-                    if ($$checked_files{$filename} eq 'selected') {
-                        $r->print("CHECKED");
+		my $css_class = 'LC_browser_file';
+		my $line;
+                my $fullpath = $current_path.$filename;
+                $fullpath = &prepend_group($fullpath,$group);
+                if ($select_mode eq 'true') {
+                    $line='<td><input type="checkbox" name="checkfile" value="'.$filename.'"';
+		    if ($$checked_files{$filename} eq 'selected') {
+                        $line.=" checked ";
                     }
-                    $r->print('></td>');
+		    $line.=' /></td>';
                 } else {
-                    if (exists $locked_files{$current_path.$filename}){
-                        $r->print('<td colspan="2"><a href="portfolio?lockinfo='.$current_path.$filename.'">Locked</a></td>');
+                    if (exists $locked_files{$fullpath}) {
+                        $line.='<td colspan="2"><a href="'.$url.'?lockinfo='.$current_path.$filename.$groupecho.'">Locked</a></td>';
+			$css_class= 'LC_browser_file_locked';
                     } else {
-			my $cat='<img alt="'.&mt('Catalog Information').
-			    '" src="'.&Apache::loncommon::lonhttpdurl('/res/adm/pages/catalog.gif').'" />';
-                        $r->print('<td><input type="checkbox" name="selectfile" value="'.$filename.'" />
-                            <a href="/adm/portfolio?rename='.$filename.'&amp;currentpath='.$current_path.'">Rename</a></td>
-                            <td><a href="'.$href_edit_location.$filename.'.meta">'.$cat.'</a>
-                            </td>');
+                        if (!$can_modify) {
+                            $line .= '<td colspan="2">';
+                        } else {
+                            $line .= '<td>';
+                        }
+                        if ($can_delete) {
+                            $line .= '<input type="checkbox" name="selectfile" value="'.$filename.'" />';
+                        }
+                        if ($can_modify) {
+                            my $cat='<img alt="'.&mt('Catalog Information').
+                            '" src="'.&Apache::loncommon::lonhttpdurl('/res/adm/pages/catalog.gif').'" />';
+                            $line .= '<a href="'.$url.'?rename='.$filename.'&amp;currentpath='.$current_path.$groupecho.'">Rename</a>';
+                            $line .= '</td><td>'.$version_flag{$filename}.'<a href="'.$href_edit_location.$filename.'.meta">'.$cat.'</a>';
+                        }
+                        $line .= '</td>';
                     }
                 }
-                $r->print('<td><img src="'.&Apache::loncommon::icon($filename).'"></td>');
-                $r->print('<td><a href="'.$href_location.$filename.'">'.
-			    $filename.'</a></td>'); 
-                $r->print('<td>'.$size.'</td>');
-                $r->print('<td>'.&Apache::lonlocal::locallocaltime($mtime).'</td>');
-                $r->print('</tr>'); 
+#                &display_directory_line($r,$select_mode,$fullpath, $css_class, $line, \%access_controls, 
+#                        $now, \%version_flag, $href_location, $url, $current_path, $groupecho, $access_admin_text);
+		$r->print('<tr class="'.$css_class.'">');
+		$r->print($line);
+		my $curr_access;
+		if ($select_mode ne 'true') {
+		    my $pub_access = 0;
+		    my $guest_access = 0;
+		    my $cond_access = 0;
+		    foreach my $key (sort(keys(%{$access_controls{$fullpath}}))) {
+			my ($num,$scope,$end,$start) = &unpack_acc_key($key);
+			if (($now > $start) && (!$end || $end > $now)) {
+			    if ($scope eq 'public')  {
+				$pub_access = 1;
+			    } elsif ($scope eq 'guest') {
+				$guest_access = 1;
+			    } else {
+				$cond_access = 1;
+			    }
+			}
+		    }
+		    if (!$pub_access && !$guest_access && !$cond_access) {
+			$curr_access = &mt('Private');
+		    } else {
+			my @allaccesses; 
+			if ($pub_access) {
+			    push(@allaccesses,&mt('Public'));
+			}
+			if ($guest_access) {
+			    push(@allaccesses,&mt('Passphrase-protected'));
+			}
+			if ($cond_access) {
+			    push(@allaccesses,&mt('Conditional'));
+			}
+			$curr_access = join('+ ',@allaccesses);
+		    }
+		}
+		$r->print('<td><img alt="" src="'.&Apache::loncommon::icon($filename).'" /></td>');
+		$r->print('<td>'.$version_flag{$filename}.'<a href="'.$href_location.$filename.'">'.
+			  $filename.'</a></td>'); 
+		$r->print('<td>'.$size.'</td>');
+		$r->print('<td>'.&Apache::lonlocal::locallocaltime($mtime).'</td>');
+		if ($select_mode ne 'true') {
+		    $r->print('<td><span style="white-space: nowrap">'.
+			      &mt($curr_access).'&nbsp;&nbsp;&nbsp;');
+		    $r->print('<a href="'.$url.'?access='.$filename.
+			      '&amp;currentpath='.$current_path.$groupecho.
+			      '">'.$access_admin_text.'</a></span></td>');
+		}
+		$r->print('</tr>'.$/);
+		if ($show_versions) {
+		    
+		}
             }
         }
     }
     if ($select_mode eq 'true') {
         $r->print('</table>
-            <input type="hidden" name="continue" value="true">
-            <input type="hidden" name="fieldname" value="'.$env{'form.fieldname'}.'">
-            <input type="hidden" name="mode" value="selectfile">
+            <input type="hidden" name="continue" value="true" />
+            <input type="hidden" name="fieldname" value="'.$env{'form.fieldname'}.'" />
+            <input type="hidden" name="mode" value="selectfile" />
             <input type="submit" name="submit" value="Select checked files, and continue selecting." /><br />
             <input type="button" name="doit" onClick= "finishSelect();" value="Select checked files, and close window" />
             <input type="hidden" name="currentpath" value="'.$current_path.'" />
         </form>');        
     } else {
-        $r->print('</table>
+        $r->print('</table>');
+        if ($can_delete) {
+            $r->print('
         <input type="submit" name="doit" value="Delete Checked Files" />
         <input type="hidden" name="action" value="delete" />
         <input type="hidden" name="currentpath" value="'.$current_path.'" />
-        </form>');
+        </form>'
+            );
+        }
     }
 }
 
 sub open_form {
-    my ($r)=@_;
+    my ($r,$url)=@_;
     my @files=&Apache::loncommon::get_env_multiple('form.selectfile');
-    $r->print('<form method="post" action="/adm/portfolio">');
+    $r->print('<form name="portform" method="post" action="'.$url.'">');
     $r->print('<input type="hidden" name="action" value="'.
 	      $env{'form.action'}.'" />');
     $r->print('<input type="hidden" name="confirmed" value="1" />');
@@ -216,107 +411,132 @@ sub open_form {
 }
 
 sub close_form {
-    my ($r)=@_;
-    $r->print('<p><input type="submit" value="'.&mt('Continue').
-	      '" /></p></form>');
-    $r->print('<form action="/adm/portfolio" method="POST">
+    my ($r,$url,$group,$button_text)=@_;
+    if (!defined($button_text)) {
+        $button_text = {
+                         'continue' => &mt('Continue'),
+                         'cancel'   => &mt('Cancel'),
+                       };
+    }
+    $r->print('<p><input type="submit" value="'.$button_text->{'continue'}.'" />');
+    if (defined($group)) {
+       $r->print("\n".'<input type="hidden" name="group" value="'.
+              $group.'" />');
+    }
+    $r->print('</p></form>');
+    $r->print('<form action="'.$url.'" method="post">
                <p>
               <input type="hidden" name="currentpath" value="'.
-	      $env{'form.currentpath'}.'" />
-                 <input type="submit" value="'.&mt('Cancel').'" />
-               </p></form>');
-
+	      $env{'form.currentpath'}.'" />');
+    if (defined($group)) {
+       $r->print("\n".'<input type="hidden" name="group" value="'.
+              $group.'" />');
+    }
+    $r->print("\n".'   <input type="submit" value="'.$button_text->{'cancel'}.'" />
+               </p></form>'); 
 }
 
 sub display_file {
     my ($path,$filename)=@_;
     my $display_file_text;
+    my $file_start='<span class="LC_filename">';
+    my $file_end='</span>';
     if (!defined($path)) { $path=$env{'form.currentpath'}; }
     if (!defined($filename)) { 
         $filename=$env{'form.selectfile'};
-        $display_file_text = '<tt>'.$path.$filename.'</tt>';
+        $display_file_text = $file_start.$path.$filename.$file_end;
     } elsif (ref($filename) eq "ARRAY") {
-        foreach (@$filename) {
-            $display_file_text .= '<tt>'.$path.$_.'</tt><br />';
+        foreach my $file (@$filename) {
+            $display_file_text .= $file_start.$path.$file.$file_end.'<br />';
         }
     } elsif (ref($filename) eq "SCALAR") {
-        $display_file_text = '<tt>'.$path.$filename.'</tt>';        
+        $display_file_text = $file_start.$path.$$filename.$file_end;
+    } else {
+	$display_file_text = $file_start.$path.$filename.$file_end;
     }
     return $display_file_text;
 }
 
 sub done {
-    my ($message)=@_;
+    my ($message,$url,$group)=@_;
     unless (defined $message) {
         $message='Done';
     }
-    return ('<h3><a href="/adm/portfolio?currentpath='.
-	    $env{'form.currentpath'}.
-	    '&fieldname='.$env{'form.fieldname'}.
-	    '&mode='.$env{'form.mode'}.
-	    '">'.&mt($message).'</a></h3>');
+    my $result = '<h3><a href="'.$url.'?currentpath='.
+	         $env{'form.currentpath'}.
+	         '&fieldname='.$env{'form.fieldname'}.
+	         '&mode='.$env{'form.mode'};
+    if (defined($group)) {
+        $result .= '&group='.$group;
+    }
+    $result .= '">'.&mt($message).'</a></h3>';
+    return $result;
 }
 
 sub delete {
-    my ($r)=@_;
+    my ($r,$url,$group)=@_;
     my @check;
     my $file_name = $env{'form.currentpath'}.$env{'form.selectfile'};
+    $file_name = &prepend_group($file_name,$group);
     my @files=&Apache::loncommon::get_env_multiple('form.selectfile');
-
-    if (&Apache::lonnet::is_locked($file_name,$env{'user.domain'},$env{'user.name'} ) eq 'true') {
+    my ($uname,$udom) = &get_name_dom($group);
+    if (&Apache::lonnet::is_locked($file_name,$udom,$uname) eq 'true') {
         $r->print ("The file is locked and cannot be deleted.<br />");
-        $r->print(&done('Back'));
+        $r->print(&done('Back',$url,$group));
     } else {
         if (scalar(@files)) {
-            &open_form($r);
+            &open_form($r,$url);
             $r->print('<p>'.&mt('Delete').' '.&display_file(undef,\@files).'?</p>');
-            &close_form($r);
+            &close_form($r,$url,$group);
         } else {
             $r->print("No file was checked to delete.<br />");
-            $r->print(&done());
+            $r->print(&done(undef,$url,$group));
         }
     }
 } 
 
 sub delete_confirmed {
-    my ($r)=@_;
+    my ($r,$url,$group)=@_;
     my @files=&Apache::loncommon::get_env_multiple('form.selectfile');
     my $result;
+    my ($uname,$udom) = &get_name_dom($group);
+    my $port_path = &get_port_path($group);
     foreach my $delete_file (@files) {
-        $result=&Apache::lonnet::removeuserfile($env{'user.name'},
-					       $env{'user.domain'},'portfolio'.
+        $result=&Apache::lonnet::removeuserfile($uname,$udom,$port_path.
 					       $env{'form.currentpath'}.
 					       $delete_file);
         if ($result ne 'ok') {
-	$r->print('<font color="red"> An error occured ('.$result.
-		  ') while trying to delete '.&display_file(undef, $delete_file).'</font><br />');
+	$r->print('<span class="LC_error"> An error occured ('.$result.
+		  ') while trying to delete '.&display_file(undef, $delete_file).'</span><br />');
         }
     }
-    $r->print(&done());
+    $r->print(&done(undef,$url,$group));
 }
 
 sub delete_dir {
-    my ($r)=@_;
-    &open_form($r);
+    my ($r,$url,$group)=@_;
+    &open_form($r,$url);
     $r->print('<p>'.&mt('Delete').' '.&display_file().'?</p>');
-    &close_form($r);
+    &close_form($r,$url,$group);
 } 
 
 sub delete_dir_confirmed {
-    my ($r)=@_;
+    my ($r,$url,$group)=@_;
     my $directory_name = $env{'form.currentpath'};
     $directory_name =~ s|/$||; # remove any trailing slash
-    my $result=&Apache::lonnet::removeuserfile($env{'user.name'},
-					       $env{'user.domain'},'portfolio'.
+    my ($uname,$udom) = &get_name_dom($group);
+    my $namespace = &get_namespace($group);
+    my $port_path = &get_port_path($group);
+    my $result=&Apache::lonnet::removeuserfile($uname,$udom,$port_path.
 					       $directory_name);
 					       
     if ($result ne 'ok') {
-	$r->print('<font color="red"> An error occured (dir) ('.$result.
-		  ') while trying to delete '.$directory_name.'</font><br />');
+	$r->print('<span class="LC_error"> An error occured (dir) ('.$result.
+		  ') while trying to delete '.$directory_name.'</span><br />');
     } else {
         # now remove from recent
 #        $r->print('<br /> removing '.$directory_name.'<br /');
-        &Apache::lonhtmlcommon::remove_recent('portfolio',[$directory_name.'/']);
+        &Apache::lonhtmlcommon::remove_recent($namespace,[$directory_name.'/']);
         my @dirs = split m!/!, $directory_name;
         
 #        $directory_name =~ m/^(\/*\/)(\/*.)$/;
@@ -326,49 +546,914 @@ sub delete_dir_confirmed {
         }
         $env{'form.currentpath'} = $directory_name;
     }
-    $r->print(&done());
+    $r->print(&done(undef,$url,$group));
 }
 
 sub rename {
-    my ($r)=@_;
+    my ($r,$url,$group)=@_;
     my $file_name = $env{'form.currentpath'}.$env{'form.rename'};
-    if (&Apache::lonnet::is_locked($file_name,$env{'user.domain'},$env{'user.name'}) eq 'true') {
+    my ($uname,$udom) = &get_name_dom($group);
+    $file_name = &prepend_group($file_name,$group);
+    if (&Apache::lonnet::is_locked($file_name,$udom,$uname) eq 'true') {
         $r->print ("The file is locked and cannot be renamed.<br />");
-        $r->print(&done());
+        $r->print(&done(undef,$url,$group));
     } else {
-        &open_form($r);
+        &open_form($r,$url);
         $r->print('<p>'.&mt('Rename').' '.&display_file().' to 
                    <input name="filenewname" type="input" size="50" />?</p>');
-        &close_form($r);
+        &close_form($r,$url,$group);
     }
 }
 
 sub rename_confirmed {
-    my ($r)=@_;
+    my ($r,$url,$group)=@_;
     my $filenewname=&Apache::lonnet::clean_filename($env{'form.filenewname'});
+    my ($uname,$udom) = &get_name_dom($group);
+    my $port_path = &get_port_path($group);
     if ($filenewname eq '') {
-	$r->print('<font color="red">'.
+	$r->print('<span class="LC_error">'.
 		  &mt("Error: no valid filename was provided to rename to.").
-		  '</font><br />');
-	$r->print(&done());
+		  '</span><br />');
+	$r->print(&done(undef,$url,$group));
 	return;
     } 
     my $result=
-	&Apache::lonnet::renameuserfile($env{'user.name'},$env{'user.domain'},
-            'portfolio'.$env{'form.currentpath'}.$env{'form.selectfile'},
-            'portfolio'.$env{'form.currentpath'}.$filenewname);
+	&Apache::lonnet::renameuserfile($uname,$udom,
+            $port_path.$env{'form.currentpath'}.$env{'form.selectfile'},
+            $port_path.$env{'form.currentpath'}.$filenewname);
     if ($result ne 'ok') {
-	$r->print('<font color="red"> An errror occured ('.$result.
-		  ') while trying to rename '.&display_file().' to '.
-		  &display_file(undef,$filenewname).'</font><br />');
+	$r->print('<span class="LC_error">'.
+		  &mt('An errror occured ([_1]) while trying to rename [_2]'
+		      .' to [_3]',$result,&display_file(),
+		      &display_file('',$filenewname)).'</span><br />');
     }
     if ($filenewname ne $env{'form.filenewname'}) {
-        $r->print("The new file name was changed from:<br /><strong>".$env{'form.filenewname'}."</strong> to <strong>$filenewname </strong>");
+        $r->print(&mt("The new file name was changed from:<br />[_1] to [_2]",
+		      '<strong>'.&display_file('',$env{'form.filenewname'}).'</strong>',
+		      '<strong>'.&display_file('',$filenewname).'</strong>'));
+    }
+    $r->print(&done(undef,$url,$group));
+}
+
+sub display_access {
+    my ($r,$url,$group,$can_setacl,$port_path) = @_;
+    my ($uname,$udom) = &get_name_dom($group);
+    my $file_name = $env{'form.currentpath'}.$env{'form.access'};
+    $file_name = &prepend_group($file_name,$group);
+    my $current_permissions = &Apache::lonnet::get_portfile_permissions($udom,
+                                                                        $uname);
+    my %access_controls = &Apache::lonnet::get_access_controls($current_permissions,$group,$file_name);
+    my $aclcount = keys(%access_controls);
+    my $header = '<h3>'.&mt('Allowing others to retrieve portfolio file: [_1]',$port_path.$env{'form.currentpath'}.$env{'form.access'}).'</h3>';
+    my $info .= &mt('Access to this file by others can be set to be one or more of the following types: public, passphrase-protected or conditional.').'<br /><ul><li>'.&mt('Public files are available to anyone without the need for login.').'</li><li>'.&mt('Passphrase-protected files do not require log-in, but will require the viewer to enter the passphrase you set.').'</li><li>'.&mt('Conditional files are accessible to logged-in users with accounts in the LON-CAPA network, who satisfy the conditions you set.').'<br />'.&mt('The conditions can include affiliation with a particular course or group, or a user account in a specific domain.').'<br />'.&mt('Alternatively access can be granted to people with specific LON-CAPA usernames and domains.').'</li></ul>';
+    if ($can_setacl) {
+        &open_form($r,$url);
+        $r->print($header.$info);
+        &access_setting_table($r,$access_controls{$file_name});
+        my $button_text = {
+                        'continue' => &mt('Proceed'),
+                        'cancel' => &mt('Back to directory listing'),
+                      };
+        &close_form($r,$url,$group,$button_text);
+    } else {
+        $r->print($header);
+        if ($aclcount) {  
+            $r->print($info);
+        }
+        &view_access_settings($r,$url,$group,$access_controls{$file_name},
+                              $aclcount);
+    }
+}
+
+sub view_access_settings {
+    my ($r,$url,$group,$access_controls,$aclcount) = @_;
+    my ($showstart,$showend);
+    my %todisplay;
+    foreach my $key (sort(keys(%{$access_controls}))) {
+        my ($num,$scope,$end,$start) = &unpack_acc_key($key);
+        $todisplay{$scope}{$key} = $$access_controls{$key};
+    }
+    if ($aclcount) {
+        $r->print(&mt('<h4>Current access controls defined for this file:</h4>'));
+        $r->print(&Apache::loncommon::start_data_table());
+        $r->print(&Apache::loncommon::start_data_table_header_row());
+        $r->print('<th>'.&mt('Access control').'</th><th>'.&mt('Dates available').
+                  '</th><th>'.&mt('Additional information').'</th>');
+        $r->print(&Apache::loncommon::end_data_table_header_row());
+        my $count = 1;
+        my $chg = 'none';
+        &build_access_summary($r,$count,$chg,%todisplay);
+        $r->print(&Apache::loncommon::end_data_table());
+    } else {
+        $r->print(&mt('No access control settings currently exist for this file.<br />' ));
+    }
+    my $group_arg;
+    if ($group) {
+        $group_arg = '&amp;group='.$group;
+    }
+    $r->print('<br /><a href="'.$url.'?currentpath='.$env{'form.currentpath'}.
+              $group_arg.'">'.&mt('Return to directory listing').'</a>');
+    return;
+}
+
+sub build_access_summary {
+    my ($r,$count,$chg,%todisplay) = @_; 
+    my ($showstart,$showend);
+    my %scope_desc = (
+                      public => 'Public',
+                      guest => 'Passphrase-protected',
+                      domains => 'Conditional: domain-based',
+                      users => 'Conditional: user-based',
+                      course => 'Conditional: course-based',
+                      group => 'Conditional: group-based',
+                     );
+    my @allscopes = ('public','guest','domains','users','course','group');
+    foreach my $scope (@allscopes) {
+        if ((!(exists($todisplay{$scope}))) || (ref($todisplay{$scope}) ne 'HASH')) {
+            next;
+        }
+        foreach my $key (sort(keys(%{$todisplay{$scope}}))) {
+            if ($count) {
+                $r->print(&Apache::loncommon::start_data_table_row());
+            }
+            my ($num,$scope,$end,$start) = &unpack_acc_key($key);
+            my $content = $todisplay{$scope}{$key};
+            if ($chg eq 'delete') {
+                $showstart = &mt('Deleted');
+                $showend = $showstart;
+            } else {
+                $showstart = localtime($start);
+                if ($end == 0) {
+                    $showend = &mt('No end date');
+                } else {
+                    $showend = localtime($end);
+                }
+            }
+            $r->print('<td>'.&mt($scope_desc{$scope}));
+            if (($scope eq 'course') || ($scope eq 'group')) {
+                if ($chg ne 'delete') {
+                    my $cid = $content->{'domain'}.'_'.$content->{'number'};
+                    my %course_description = &Apache::lonnet::coursedescription($cid);
+                    $r->print('<br />('.$course_description{'description'}.')');
+                }
+            }
+            $r->print('</td><td>'.&mt('Start: ').$showstart.
+                  '<br />'.&mt('End: ').$showend.'</td><td>');
+            if ($chg ne 'delete') {
+                if ($scope eq 'guest') {
+                    $r->print(&mt('Passphrase').': '.$content->{'password'});
+                } elsif ($scope eq 'course' || $scope eq 'group') {
+                    $r->print('<table><tr>');
+                    $r->print('<th>'.&mt('Roles').'</th><th>'.
+                          &mt('Access').'</th><th>'.
+                                          &mt('Sections').'</th>');
+                    if ($scope eq 'course') {
+                        $r->print('<th>'.&mt('Groups').'</th>');
+                    } else {
+                        $r->print('<th>'.&mt('Teams').'</th>');
+                    }
+                    $r->print('</tr>');
+                    foreach my $id (sort(keys(%{$content->{'roles'}}))) {
+                        $r->print('<tr>');
+                        foreach my $item ('role','access','section','group') {
+                            $r->print('<td>');
+                            if ($item eq 'role') {
+                                my $ucscope = $scope;
+                                $ucscope =~ s/^(\w)/uc($1)/e;
+                                my $role_output;
+                                foreach my $role (@{$content->{'roles'}{$id}{$item}}) {
+                                    if ($role eq 'all') {
+                                        $role_output .= $role.',';
+                                    } elsif ($role =~ /^cr/) {
+                                        $role_output .= (split('/',$role))[3].',';
+                                    } else {
+                                        $role_output .= &Apache::lonnet::plaintext($role,$ucscope).',';
+                                    }
+                                }
+                                $role_output =~ s/,$//;
+                                $r->print($role_output);
+                            } else {
+                                $r->print(join(',',@{$content->{'roles'}{$id}{$item}}));
+                            }
+                            $r->print('</tr>');
+                        }
+			$r->print("</table>");
+                    }
+		    $r->print("</tr></table>");
+                } elsif ($scope eq 'domains') {
+                    $r->print(&mt('Domains: ').join(',',@{$content->{'dom'}}));
+                } elsif ($scope eq 'users') {
+                    my $curr_user_list = &sort_users($content->{'users'});
+                    $r->print(&mt('Users: ').$curr_user_list);
+                } else {
+                    $r->print('&nbsp;');
+                }
+            } else {
+                $r->print('&nbsp;');
+            }
+            $r->print('</td>');
+            $r->print(&Apache::loncommon::end_data_table_row());
+            $count ++;
+        }
+    }
+}
+
+
+sub update_access {
+    my ($r,$url,$group,$port_path) = @_;
+    my $totalprocessed = 0;
+    my %processing;
+    my %title  = (
+                         'activate' => 'New control(s) added',
+                         'delete'   => 'Existing control(s) deleted',
+                         'update'   => 'Existing control(s) modified',
+                     );
+    my $changes;
+    foreach my $chg (sort(keys(%title))) {     
+        @{$processing{$chg}} = &Apache::loncommon::get_env_multiple('form.'.$chg);
+        $totalprocessed += @{$processing{$chg}};
+        foreach my $num (@{$processing{$chg}}) {
+            my $scope = $env{'form.scope_'.$num};
+            my ($start,$end) = &get_dates_from_form($num);
+            my $newkey = $num.':'.$scope.'_'.$end.'_'.$start;
+            if ($chg eq 'delete') {
+                $$changes{$chg}{$newkey} = 1;
+            } else {
+                $$changes{$chg}{$newkey} = 
+                            &build_access_record($num,$scope,$start,$end,$chg);
+            }
+        }
+    }
+    my $file_name = $env{'form.currentpath'}.$env{'form.selectfile'};
+    $r->print('<h3>'.&mt('Allowing others to retrieve portfolio file: [_1]',
+              $port_path.$file_name).'</h3>'."\n");
+    $file_name = &prepend_group($file_name,$group);
+    my ($uname,$udom) = &get_name_dom($group);
+    my ($errors,$outcome,$deloutcome,$new_values,$translation);
+    if ($totalprocessed) {
+        ($outcome,$deloutcome,$new_values,$translation) =
+        &Apache::lonnet::modify_access_controls($file_name,$changes,$udom,
+                                                $uname);
+    }
+    my $current_permissions = &Apache::lonnet::get_portfile_permissions($udom,
+                                                                       $uname);
+    my %access_controls = 
+	&Apache::lonnet::get_access_controls($current_permissions,
+					     $group,$file_name);
+    if ($totalprocessed) {
+        if ($outcome eq 'ok') {
+            my $updated_controls = $access_controls{$file_name};
+            my ($showstart,$showend);
+            $r->print(&Apache::loncommon::start_data_table());
+            $r->print(&Apache::loncommon::start_data_table_header_row());
+            $r->print('<th>'.&mt('Type of change').'</th><th>'.
+                      &mt('Access control').'</th><th>'.&mt('Dates available').
+                      '</th><th>'.&mt('Additional information').'</th>');
+            $r->print(&Apache::loncommon::end_data_table_header_row());
+            foreach my $chg (sort(keys(%processing))) {
+                if (@{$processing{$chg}} > 0) {
+                    if ($chg eq 'delete') {
+                        if (!($deloutcome eq 'ok')) {
+                            $errors .='<span class="LC_error">'.
+				&mt('A problem occurred deleting access controls: [_1]',$deloutcome).
+				'</span>';
+                            next;
+                        }
+                    }
+                    my $numchgs = @{$processing{$chg}};
+                    $r->print(&Apache::loncommon::start_data_table_row());
+                    $r->print('<td rowspan="'.$numchgs.'">'.&mt($title{$chg}).
+                              '.</td>');
+                    my $count = 0;
+                    my %todisplay;
+                    foreach my $key (sort(keys(%{$$changes{$chg}}))) {
+                        my ($num,$scope,$end,$start) = &unpack_acc_key($key);
+                        my $newkey = $key;
+                        if ($chg eq 'activate') {
+                            $newkey =~ s/^(\d+)/$$translation{$1}/;
+                        }
+                        $todisplay{$scope}{$newkey} = $$updated_controls{$newkey};
+                    }
+                    &build_access_summary($r,$count,$chg,%todisplay);  
+                }
+            }
+            $r->print(&Apache::loncommon::end_data_table());
+        } else {
+            if ((@{$processing{'activate'}} > 0) || (@{$processing{'update'}} > 0)) {
+                $errors .= '<span class="LC_error">'.
+		    &mt('A problem occurred storing access control settings: [_1]',$outcome).
+		    '</span>';
+            }
+        }
+        if ($errors) { 
+            $r->print($errors);
+        }
     }
-    $r->print(&done());
+    my $allnew = 0;
+    my $totalnew = 0;
+    my $status = 'new';
+    my ($firstitem,$lastitem);
+    foreach my $newitem ('course','group','domains','users') {
+        $allnew += $env{'form.new'.$newitem};
+    }
+    if ($allnew > 0) {
+        my $now = time;
+        my $then = $now + (60*60*24*180); # six months approx.
+        &open_form($r,$url,$group);
+        foreach my $newitem ('course','group','domains','users') {
+            if ($env{'form.new'.$newitem} > 0) {
+                $r->print('<br />'.&mt('Add new <b>[_1]-based</b> access control for portfolio file: <b>[_2]</b>',$newitem,$env{'form.currentpath'}.$env{'form.selectfile'}).'<br /><br />');
+                $firstitem = $totalnew;
+                $lastitem = $totalnew + $env{'form.new'.$newitem};
+                $totalnew = $lastitem;
+                my @numbers;   
+                for (my $i=$firstitem; $i<$lastitem; $i++) {
+                    push (@numbers,$i);
+                }
+                &display_access_row($r,$status,$newitem,\@numbers,
+                                    $access_controls{$file_name},$now,$then);
+            }
+        }
+        &close_form($r,$url,$group);
+    } else {
+        my $group_arg;
+        if ($group) {
+            $group_arg = '&amp;group='.$group;
+        }
+        $r->print('<br /><a href="'.$url.'?access='.$env{'form.selectfile'}.
+                  '&amp;currentpath='.$env{'form.currentpath'}.$group_arg.'">'.
+                   &mt('Display all access settings for this file').'</a>'.
+                  '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'.
+                  '<a href="'.$url.'?currentpath='.$env{'form.currentpath'}.
+                  $group_arg.'">'.&mt('Return to directory listing').'</a>');
+    }
+    return;
+}
+
+sub build_access_record {
+    my ($num,$scope,$start,$end,$chg) = @_;
+    my $record = {
+	type => $scope,
+	time => {
+	    start => $start,
+	    end   => $end
+	    },
+	    };
+		
+    if ($scope eq 'guest') {	
+        $record->{'password'} = $env{'form.password'};
+    } elsif (($scope eq 'course') || ($scope eq 'group')) {
+        $record->{'domain'} = $env{'form.crsdom_'.$num};
+	$record->{'number'} = $env{'form.crsnum_'.$num};
+        my @role_ids;
+        my @delete_role_ids =
+            &Apache::loncommon::get_env_multiple('form.delete_role_'.$num);
+	my @preserves =
+	    &Apache::loncommon::get_env_multiple('form.preserve_role_'.$num);
+	if (@delete_role_ids) {
+	    foreach my $id (@preserves) {
+		if (grep {$_ = $id} (@delete_role_ids)) {
+		    next;
+		}
+		push(@role_ids,$id); 
+	    }
+	} else {
+	    push(@role_ids,@preserves);
+	}
+
+	my $next_id = $env{'form.add_role_'.$num};
+	if ($next_id) {
+	    push(@role_ids,$next_id);
+	}
+
+        foreach my $id (@role_ids) {
+            my (@roles,@accesses,@sections,@groups);
+            if (($id == $next_id) && ($chg eq 'update')) {
+                @roles    = split(/,/,$env{'form.role_'.$num.'_'.$next_id});
+                @accesses = split(/,/,$env{'form.access_'.$num.'_'.$next_id});
+                @sections = split(/,/,$env{'form.section_'.$num.'_'.$next_id});
+                @groups   = split(/,/,$env{'form.group_'.$num.'_'.$next_id});
+            } else {
+                @roles = &Apache::loncommon::get_env_multiple('form.role_'.$num.'_'.$id);
+                @accesses = &Apache::loncommon::get_env_multiple('form.access_'.$num.'_'.$id);
+                @sections = &Apache::loncommon::get_env_multiple('form.section_'.$num.'_'.$id);
+                @groups = &Apache::loncommon::get_env_multiple('form.group_'.$num.'_'.$id);
+            }
+	    $record->{'roles'}{$id}{'role'}    = \@roles;
+	    $record->{'roles'}{$id}{'access'}  = \@accesses;
+	    $record->{'roles'}{$id}{'section'} = \@sections;
+	    $record->{'roles'}{$id}{'group'}   = \@groups;
+        }
+    } elsif ($scope eq 'domains') {
+        my @doms = &Apache::loncommon::get_env_multiple('form.dom_'.$num);
+	$record->{'dom'} = \@doms;
+    } elsif ($scope eq 'users') {
+        my $userlist = $env{'form.users_'.$num};
+        $userlist =~ s/\s+//sg;
+	my %userhash = map { ($_,1) } (split(/,/,$userlist));
+        foreach my $user (keys(%userhash)) {
+            my ($uname,$udom) = split(/:/,$user);
+	    push(@{$record->{'users'}}, {
+		'uname' => $uname,
+		'udom'  => $udom
+		});
+	}
+    }
+    return $record;
+}
+
+sub get_dates_from_form {
+    my ($id) = @_;
+    my $startdate;
+    my $enddate;
+    $startdate = &Apache::lonhtmlcommon::get_date_from_form('startdate_'.$id);
+    $enddate   = &Apache::lonhtmlcommon::get_date_from_form('enddate_'.$id);
+    if ( exists ($env{'form.noend_'.$id}) ) {
+        $enddate = 0;
+    }
+    return ($startdate,$enddate);
+}
+
+sub sort_users {
+    my ($users) = @_; 
+    my @curr_users = map {
+	$_->{'uname'}.':'.$_->{'udom'}
+    } (@{$users});
+    my $curr_user_list = join(",\n",sort(@curr_users));
+    return $curr_user_list;
+}
+
+sub access_setting_table {
+    my ($r,$access_controls) = @_;
+    my ($public,$publictext);
+    $publictext = &mt('Off');
+    my ($guest,$guesttext);
+    $guesttext = &mt('Off');
+    my @courses = ();
+    my @groups = ();
+    my @domains = ();
+    my @users = ();
+    my $now = time;
+    my $then = $now + (60*60*24*180); # six months approx.
+    my ($num,$scope,$publicnum,$guestnum);
+    my (%acl_count,%end,%start);
+    foreach my $key (sort(keys(%{$access_controls}))) {
+        ($num,$scope,$end{$key},$start{$key}) = &unpack_acc_key($key);
+        if ($scope eq 'public') {
+            $public = $key;
+            $publicnum = $num;
+            $publictext = &acl_status($start{$key},$end{$key},$now);
+        } elsif ($scope eq 'guest') {
+            $guest=$key;
+            $guestnum = $num;  
+            $guesttext = &acl_status($start{$key},$end{$key},$now);
+        } elsif ($scope eq 'course') {
+            push(@courses,$key);
+        } elsif ($scope eq 'group') {
+            push(@groups,$key);
+        } elsif ($scope eq 'domains') {
+            push(@domains,$key);
+        } elsif ($scope eq 'users') {
+            push(@users,$key);
+        }
+        $acl_count{$scope} ++;
+    }
+    $r->print('<table border="0"><tr><td valign="top">');
+    $r->print('<h3>'.&mt('Public access:').' '.$publictext.'</h3>');
+    $r->print(&Apache::loncommon::start_data_table());
+    $r->print(&Apache::loncommon::start_data_table_header_row());
+    $r->print('<th>'.&mt('Action').'</th><th>'.&mt('Dates available').'</th>');
+    $r->print(&Apache::loncommon::end_data_table_header_row());
+    $r->print(&Apache::loncommon::start_data_table_row());
+    if ($public) {
+        $r->print('<td>'.&actionbox('old',$publicnum,'public').'</td><td>'.
+                  &dateboxes($publicnum,$start{$public},$end{$public}).'</td>');
+    } else {
+        $r->print('<td>'.&actionbox('new','0','public').'</td><td>'.
+                  &dateboxes('0',$now,$then).'</td>');
+    }
+    $r->print(&Apache::loncommon::end_data_table_row());
+    $r->print(&Apache::loncommon::end_data_table());
+    $r->print('</td><td width="40">&nbsp;</td><td valign="top">');
+    $r->print('<h3>'.&mt('Passphrase-protected access:').' '.$guesttext.'</h3>');
+    $r->print(&Apache::loncommon::start_data_table());
+    $r->print(&Apache::loncommon::start_data_table_header_row());
+    $r->print('<th>'.&mt('Action').'</th><th>'.&mt('Dates available').
+              '</th><th>'. &mt('Passphrase').'</th>');
+    $r->print(&Apache::loncommon::end_data_table_header_row());
+    $r->print(&Apache::loncommon::start_data_table_row());
+    my $passwd;
+    if ($guest) {
+        $passwd = $$access_controls{$guest}{'password'};
+        $r->print('<td>'.&actionbox('old',$guestnum,'guest').'</td><td>'.
+                  &dateboxes($guestnum,$start{$guest},$end{$guest}).'</td>');
+    } else {
+        $r->print('<td>'.&actionbox('new','1','guest').'</td><td>'.
+                  &dateboxes('1',$now,$then).'</td>');
+    }
+    $r->print('<td><input type="text" size="15" name="password" value="'.
+              $passwd.'" /></td>');
+    $r->print(&Apache::loncommon::end_data_table_row());
+    $r->print(&Apache::loncommon::end_data_table());
+    $r->print('</td></tr><tr><td colspan="3">&nbsp;</td></tr><tr><td valign="top">');
+    &access_element($r,'domains',\%acl_count,\@domains,$access_controls,$now,$then);
+    $r->print('</td><td>&nbsp;</td><td valign="top">');
+    &access_element($r,'users',\%acl_count,\@users,$access_controls,$now,$then);
+    $r->print('</td></tr><tr><td colspan="3"></td></tr><tr>');
+    if (@courses > 0 || @groups > 0) {
+        $r->print('<td colspan="3" valign="top">');
+    } else {
+        $r->print('<td valign="top">');
+    }
+    &access_element($r,'course',\%acl_count,\@courses,$access_controls,$now,$then);
+    $r->print('</td>');
+    if (@courses > 0 || @groups > 0) {
+        $r->print('</tr><tr><td colspan="3">&nbsp;</td></tr><tr><td colspan="3" valign="top">');
+    } else {
+        $r->print('<td>&nbsp;</td><td valign="top">');
+    }
+    &access_element($r,'group',\%acl_count,\@groups,$access_controls,$now,$then);
+    $r->print('</td></tr></table>');
+}
+
+sub acl_status {
+    my ($start,$end,$now) = @_;
+    if ($start > $now) {
+        return &mt('Inactive');
+    }
+    if ($end && $end<$now) {
+        return &mt('Inactive');
+    }
+    return &mt('Active');
+}
+
+sub access_element {
+    my ($r,$type,$acl_count,$items,$access_controls,$now,$then) = @_;
+    my $title = $type;
+    $title =~ s/s$//;
+    $title =~ s/^(\w)/uc($1)/e;
+    $r->print('<h3>'.&mt('[_1]-based conditional access: ',$title));
+    if ($$acl_count{$type}) {
+        $r->print($$acl_count{$type}.' ');
+        if ($$acl_count{$type} > 1) {
+            $r->print(&mt('conditions'));
+        } else {
+            $r->print(&mt('condition'));
+        }
+    } else {
+        $r->print(&mt('Off'));
+    }
+    $r->print('</h3>');
+    &display_access_row($r,'old',$type,$items,$access_controls,$now,$then);
+    return;
+}
+
+sub display_access_row {
+    my ($r,$status,$type,$items,$access_controls,$now,$then) = @_;
+    if (@{$items} > 0) {
+        my @all_doms;
+        my $colspan = 3;
+        my $uctype = $type;
+        $uctype =~ s/^(\w)/uc($1)/e;
+        $r->print(&Apache::loncommon::start_data_table());
+        $r->print(&Apache::loncommon::start_data_table_header_row());
+        $r->print('<th>'.&mt('Action?').'</th><th>'.&mt($uctype).'</th><th>'.
+              &mt('Dates available').'</th>');
+        if (($type eq 'course') || ($type eq 'group')) {
+            $r->print('<th>'.&mt('Allowed [_1] member affiliations',$type).
+                      '</th>');
+            $colspan ++;
+        } elsif ($type eq 'domains') {
+            @all_doms = &Apache::loncommon::get_domains();
+        }
+        $r->print(&Apache::loncommon::end_data_table_header_row());
+        foreach my $key (@{$items}) {
+	    $r->print(&Apache::loncommon::start_data_table_row());
+            if (($type eq 'course') || ($type eq 'group')) {
+                &course_row($r,$status,$type,$key,$access_controls,$now,$then);
+            } elsif ($type eq 'domains') {
+                &domains_row($r,$status,$key,\@all_doms,$access_controls,$now,
+                            $then);
+            } elsif ($type eq 'users') {
+                &users_row($r,$status,$key,$access_controls,$now,$then);
+            }
+	    $r->print(&Apache::loncommon::end_data_table_row());
+        }
+        if ($status eq 'old') {
+	    $r->print(&Apache::loncommon::start_data_table_row());
+            $r->print('<td colspan="',$colspan.'">'.&additional_item($type).
+                      '</td>');
+	    $r->print(&Apache::loncommon::end_data_table_row());
+        }
+        $r->print(&Apache::loncommon::end_data_table());
+    } else {
+        $r->print(&mt('No [_1]-based conditions defined.<br />',$type).
+                  &additional_item($type));
+    }
+    return;
+}
+
+sub course_js {
+    return qq|
+<script type="text/javascript">
+function setRoleOptions(caller,num,cdom,cnum,type) {
+    addIndexnum = getCallerIndex(caller);
+    updateIndexnum = getIndex('update',num);
+    if (caller.checked) {
+        document.portform.elements[updateIndexnum].checked = true;
+        var url = '/adm/portfolio?action=rolepicker&setroles='+addIndexnum+'&cnum='+cnum+'&cdom='+cdom+'&type='+type;
+        var title = 'Roles_Chooser';
+        var options = 'scrollbars=1,resizable=1,menubar=0';
+        options += ',width=700,height=600';
+        rolebrowser = open(url,title,options,'1');
+        rolebrowser.focus();
+    } else {
+        for (var j=0;j<5;j++) {
+            document.portform.elements[addIndexnum+j].value = '';
+        }
+    }
+}
+
+function getCallerIndex(caller) {
+    for (var i=0;i<document.portform.elements.length;i++) {
+        if (document.portform.elements[i] == caller) {
+            return i;
+        }
+    }
+    return -1;
+}
+
+function getIndex(name,value) {
+    for (var i=0;i<document.portform.elements.length;i++) {
+        if (document.portform.elements[i].name == name && document.portform.elements[i].value == value) {
+            return i;
+        }
+    }
+    return -1;
+}
+
+</script>
+|;
 }
+
+sub course_row {
+    my ($r,$status,$type,$item,$access_controls,$now,$then) = @_;
+    my $content;
+    my $defdom = $env{'user.domain'};
+    if ($status eq 'old') {
+        $content = $$access_controls{$item}; 
+        $defdom =  $content->{'domain'};
+    }
+    my $js = &Apache::loncommon::coursebrowser_javascript($defdom)
+	.&course_js();
+    my $crsgrptext = 'Groups';
+    if ($type eq 'group') {
+        $crsgrptext = 'Teams';
+    }
+    my $uctype = $type;
+    $uctype =~ s/^(\w)/uc($1)/e;
+    my ($num,$scope,$end,$start) = &set_identifiers($status,$item,$now,$then,
+                                                    $type);
+    $r->print('<td>'.$js.&actionbox($status,$num,$scope).'</td>');
+    if ($status eq 'old') {
+        my $cid = $content->{'domain'}.'_'.$content->{'number'};
+        my %course_description = &Apache::lonnet::coursedescription($cid);
+        $r->print('<td><input type="hidden" name="crsdom_'.$num.'" value="'.$content->{'domain'}.'" /><input type="hidden" name="crsnum_'.$num.'" value="'.$content->{'number'}.'" />'.$course_description{'description'}.'</td>');
+    } elsif ($status eq 'new') {
+        $r->print('<td>'.&Apache::loncommon::selectcourse_link('portform','crsnum_'.$num,'crsdom_'.$num,'description_'.$num,undef,undef,$uctype).'&nbsp;&nbsp;<input type="text" name="description_'.$num.'" size="30" /><input type="hidden" name="crsdom_'.$num.'" /><input type="hidden" name="crsnum_'.$num.'" /></td>');
+    }
+    $r->print('<td>'.&dateboxes($num,$start,$end).'</td>');
+    $r->print('<td><table><tr>');
+    $r->print('<th>'.&mt('Action').'</th><th>'.&mt('Roles').'</th><th>'.
+              &mt('Access').'</th><th>'.&mt('Sections').'</th><th>'.
+              &mt($crsgrptext).'</th></tr>');
+    if ($status eq 'old') {
+        my $max_id = 0;
+        foreach my $role_id (sort(keys(%{$content->{'roles'}}))) {
+            if ($role_id > $max_id) {
+                $max_id = $role_id;
+            }
+            $max_id ++;
+            my $role_selects = &role_selectors($num,$role_id,$status,$type,$content,'display');
+            $r->print('<tr><td><span style="white-space: nowrap"><label><input type="checkbox" name="delete_role_'.$num.'" value="'.$role_id.'" />'.&mt('Delete').'</label></span><br /><input type="hidden" name="preserve_role_'.$num.'" value="'.$role_id.'" /></td>'.$role_selects.'</tr>');
+        }
+        $r->print('</table><br />'.&mt('Add a roles-based condition').'&nbsp;<input type="checkbox" name ="add_role_'.$num.'" onClick="javascript:setRoleOptions(this,'."'$num','$content->{'domain'}','$content->{'number'}','$uctype'".')" value="'.$max_id.'" /><input type="hidden" name="role_'.$num.'_'.$max_id.'" /><input type="hidden" name="access_'.$num.'_'.$max_id.'" /><input type="hidden" name="section_'.$num.'_'.$max_id.'" /><input type="hidden" name="group_'.$num.'_'.$max_id.'" /></td>');
+    } elsif ($status eq 'new') {
+        my $role_id = 1;
+        my $role_selects = &role_selectors($num,$role_id,$status,$type,undef,'display');
+        $r->print('<tr><td><input type="checkbox" name="add_role_'.$num.'" value="'.$role_id.'" checked="checked" />'.&mt('Add').'<input type="hidden" name="grplist_'.$num.'_'.$role_id.'" /></td>'.$role_selects);
+        $r->print('</tr></table></td>');
+    }
+    return;
+}
+
+sub domains_row {
+    my ($r,$status,$item,$all_doms,$access_controls,$now,$then) = @_;
+    my ($num,$scope,$end,$start) = &set_identifiers($status,$item,$now,$then,
+                                                    'domains');
+    my $dom_select = '<select name="dom_'.$num.'" size="4" multiple="true">'.
+                     ' <option value="">'.&mt('Please select').'</option>';
+    if ($status eq 'old') {
+        my $content =  $$access_controls{$item};
+	foreach my $dom (@{$all_doms}) {
+            if ((@{$content->{'dom'}} > 0) 
+		&& (grep(/^\Q$dom\E$/,@{$content->{'dom'}}))) {
+                $dom_select .= '<option value="'.$dom.'" selected>'.
+                               $dom.'</option>';
+            } else {
+                $dom_select .= '<option value="'.$dom.'">'.$dom.'</option>';
+            }
+        }
+    } else {
+        foreach my $dom (@{$all_doms}) {
+            $dom_select .= '<option value="'.$dom.'">'.$dom.'</option>';
+        }
+    }
+    $dom_select .= '</select>';
+    $r->print('<td>'.&actionbox($status,$num,$scope).'</td><td>'.$dom_select.
+              '</td><td>'.&dateboxes($num,$start,$end).'</td>');
+}
+
+sub users_row {
+    my ($r,$status,$item,$access_controls,$now,$then) = @_;
+    my ($num,$scope,$end,$start) = &set_identifiers($status,$item,$now,$then,
+                                                    'users');
+    my $curr_user_list;
+    if ($status eq 'old') {
+        my $content = $$access_controls{$item};
+        $curr_user_list = &sort_users($content->{'users'});
+    }
+    $r->print('<td>'.&actionbox($status,$num,$scope).'</td><td>'.&mt("Format for users' username:domain information:").'<br /><tt>sparty:msu,illini:uiuc  ... etc.</tt><br /><textarea name="users_'.$num.'" cols="30"  rows="5">'.$curr_user_list.'</textarea></td><td>'.&dateboxes($num,$start,$end).'</td>');
+}
+
+sub additional_item {
+    my ($type) = @_;
+    my $output = &mt('Add new [_1] condition(s)?',$type).'&nbsp;'.&mt('Number to add: ').'<input type="text" name="new'.$type.'" size="3" value="0" />';
+    return $output;
+}
+
+sub actionbox {
+    my ($status,$num,$scope) = @_;
+    my $output = '<span style="white-space: nowrap"><label>';
+    if ($status eq 'new') {
+        $output .= '<input type="checkbox" name="activate" value="'.$num.'" />'.
+        &mt('Activate');
+    } else {
+        $output .= '<input type="checkbox" name="delete" value="'.$num.
+                   '" />'.&mt('Delete').'</label></span><br /><span style="white-space: nowrap">'.
+                   '<label><input type="checkbox" name="update" value="'.
+                   $num.'" />'.&mt('Update');
+    }
+    $output .= '</label></span><input type="hidden" name="scope_'.$num.                '" value="'.$scope.'" />';
+    return $output;
+}
+                                                                                   
+sub dateboxes {
+    my ($num,$start,$end) = @_;
+    my $noend;
+    if ($end == 0) {
+        $noend = 'checked="checked"';
+    }
+    my $startdate = &Apache::lonhtmlcommon::date_setter('portform',
+                           'startdate_'.$num,$start,undef,undef,undef,1,undef,
+                            undef,undef,1);
+    my $enddate = &Apache::lonhtmlcommon::date_setter('portform',
+                               'enddate_'.$num,$end,undef,undef,undef,1,undef,
+                                undef,undef,1). '&nbsp;&nbsp;<span style="white-space: nowrap"><label>'.
+                                '<input type="checkbox" name="noend_'.
+                                $num.'" '.$noend.' />'.&mt('No end date').
+                                '</label></span>';
+                                                                                   
+    my $output = &mt('Start: ').$startdate.'<br />'.&mt('End: ').$enddate;
+    return $output;
+}
+
+sub unpack_acc_key {
+    my ($acc_key) = @_;
+    my ($num,$scope,$end,$start) = ($acc_key =~ /^([^:]+):([a-z]+)_(\d*)_?(\d*)$/);
+    return ($num,$scope,$end,$start);
+}
+
+sub set_identifiers {
+    my ($status,$item,$now,$then,$scope) = @_;
+    if ($status eq 'old') {
+        return(&unpack_acc_key($item));
+    } else {
+        return($item,$scope,$then,$now);
+    }
+} 
+
+sub role_selectors {
+    my ($num,$role_id,$status,$type,$content,$caller) = @_;
+    my ($output,$cdom,$cnum,$longid);
+    if ($caller eq 'display') {
+        $longid = '_'.$num.'_'.$role_id;
+        if ($status eq 'new') {
+            foreach my $item ('role','access','section','group') {
+                $output .= '<td><select name="'.$item.$longid.'">'.
+                           '<option value="">'.&mt('Pick [_1] first',$type).
+                           '</option></select></td>';
+            }
+            return $output;
+        } else {
+            $cdom = $$content{'domain'};
+            $cnum = $$content{'number'};
+        }
+    } elsif ($caller eq 'rolepicker') {
+         $cdom = $env{'form.cdom'};
+         $cnum = $env{'form.cnum'};
+    }
+    my $uctype = $type;
+    $uctype =~ s/^(\w)/uc($1)/e;
+    my ($sections,$groups,$allroles,$rolehash,$accesshash) =
+            &Apache::loncommon::get_secgrprole_info($cdom,$cnum,1,$uctype);
+    if (!@{$sections}) {
+        @{$sections} = ('none');
+    } else {
+        unshift(@{$sections},('all','none'));
+    }
+    if (!@{$groups}) {
+        @{$groups} = ('none');
+    } else {
+        unshift(@{$groups},('all','none'));
+    }
+    my @allacesses = sort(keys(%{$accesshash}));
+    my (%sectionhash,%grouphash);
+    foreach my $sec (@{$sections}) {
+        $sectionhash{$sec} = $sec;
+    }
+    foreach my $grp (@{$groups}) {
+        $grouphash{$grp} = $grp;
+    }
+    my %lookup = (
+                   'role' => $rolehash,
+                   'access' => $accesshash,
+                   'section' => \%sectionhash,
+                   'group' => \%grouphash,
+                 );
+    my @allaccesses = sort(keys(%{$accesshash}));
+    my %allitems = (
+                    'role' => $allroles,
+                    'access' => \@allaccesses,
+                    'section' => $sections,
+                    'group' => $groups, 
+                   );
+    foreach my $item ('role','access','section','group') {
+        $output .= '<td><select name="'.$item.$longid.'" multiple="true" size="4">'."\n";
+        foreach my $entry (@{$allitems{$item}}) {
+            if ($caller eq 'display') {
+                if ((@{$$content{'roles'}{$role_id}{$item}} > 0) && 
+                    (grep(/^\Q$entry\E$/,@{$$content{'roles'}{$role_id}{$item}}))) {
+                    $output .= '  <option value="'.$entry.'" selected>'.
+                                  $lookup{$item}{$entry}.'</option>';
+                    next;
+                }
+            }
+            $output .= '  <option value="'.$entry.'">'.
+                       $lookup{$item}{$entry}.'</option>';
+        }
+        $output .= '</select>';
+    }
+    $output .= '</td>';
+    return $output;
+}
+
+sub role_options_window {
+    my ($r) = @_;
+    my $cdom = $env{'form.cdom'};
+    my $cnum = $env{'form.cnum'};
+    my $type = $env{'form.type'};
+    my $addindex = $env{'form.setroles'};
+    my $grouptitle = 'Groups';
+    if ($type eq 'Group') {
+         $grouptitle = 'Teams';
+    } 
+    my $role_selects = &role_selectors(1,1,'new',$type,undef,'rolepicker');
+    $r->print(<<"END_SCRIPT");
+<script type="text/javascript">
+function setRoles() {
+    var addidx = $addindex+1;
+    for (var i=0; i<4; i++) {
+        var copylist = '';
+        for (var j=0; j<document.rolepicker.elements[i].length; j++) {
+            if (document.rolepicker.elements[i].options[j].selected) {
+                copylist = copylist + document.rolepicker.elements[i].options[j].value + ',';
+            }
+        }
+        copylist = copylist.substr(0,copylist.length-1);
+        opener.document.portform.elements[addidx+i].value = copylist;
+    }
+    self.close();
+}
+</script>
+END_SCRIPT
+    $r->print(&mt('Select roles, course status, section(s) and group(s) for users who will be able to access the portfolio file.'));
+    $r->print('<form name="rolepicker" action="/adm/portfolio" method="post"><table><tr><th>'.&mt('Roles').'</th><th>'.&mt('[_1] status',$type).'</th><th>'.&mt('Sections').'</th><th>'.&mt($grouptitle).'</th></tr><tr>'.$role_selects.'</tr></table><br /><input type="button" name="rolepickbutton" value="Save selections" onclick="setRoles()" />');
+    return;
+}
+
 sub select_files {
-    my ($r)=@_;
+    my ($r,$group) = @_;
     if ($env{'form.continue'} eq 'true') {
         # here we update the selections for the currentpath
         # eventually, have to handle removing those not checked, but . . . 
@@ -386,7 +1471,7 @@ sub select_files {
         $java_files.=',';
     }
     my $javascript =(<<ENDSMP);
-        <script language='javascript'>
+        <script type="text/javascript">
         function finishSelect() {
 ENDSMP
     $javascript .= 'fileList = "'.$java_files.'";';
@@ -396,11 +1481,7 @@ ENDSMP
                     fileList = fileList + document.forms.checkselect.currentpath.value + document.forms.checkselect[i].value + "," ;
                 }
             }
-            opener.document.forms.lonhomework.
-ENDSMP
-    $javascript .= $env{'form.fieldname'};
-    $javascript .= (<<ENDSMP);
-        .value=fileList;
+            opener.document.forms.lonhomework.$env{'form.fieldname'}.value=fileList;
             self.close();
         }
         </script>
@@ -417,94 +1498,114 @@ ENDSMP
     }
 }
 sub upload {
-    my ($r)=@_;
+    my ($r,$url,$group)=@_;
     my $fname=$env{'form.uploaddoc.filename'};
     my $filesize = (length($env{'form.uploaddoc'})) / 1000; #express in k (1024?)
     my $disk_quota = 20000; # expressed in k
+    if (defined($group)) {
+        my $grp_quota = &get_group_quota($group); # quota expressed in k 
+        if ($grp_quota ne '') {
+            $disk_quota = $grp_quota;
+        } else {
+            $disk_quota = 0;
+        }
+    }
     $fname=&Apache::lonnet::clean_filename($fname);
-    my $portfolio_root = &Apache::loncommon::propath($env{'user.domain'},
-						 $env{'user.name'}).
-						'/userfiles/portfolio';
+
+    my $portfolio_root=&get_portfolio_root($group);
+    my ($uname,$udom) = &get_name_dom($group);
+    my $port_path = &get_port_path($group);
     # Fixme --- Move the checking for existing file to LOND error return
-    my @dir_list=&Apache::lonnet::dirlist($env{'form.currentpath'},
-					  $env{'user.domain'},
-					  $env{'user.name'},$portfolio_root);
+    my @dir_list=&get_dir_list($portfolio_root,$group);
     my $found_file = 0;
     my $locked_file = 0;
     foreach my $line (@dir_list) {
         my ($file_name)=split(/\&/,$line,2);
         if ($file_name eq $fname){
+            $file_name = $env{'form.currentpath'}.$file_name;
+            $file_name = &prepend_group($file_name,$group);
             $found_file = 1;
-            if (&Apache::lonnet::is_locked($env{'form.currentpath'}.$file_name,$env{'user.domain'},$env{'user.name'} ) eq 'true') {
+            if (defined($group)) {
+                $file_name = $group.'/'.$file_name;
+            }
+            if (&Apache::lonnet::is_locked($file_name,$udom,$uname) eq 'true') {
                 $locked_file = 1;
             } 
         }
     }
-    my $current_disk_usage = &Apache::lonnet::diskusage($env{'user.domain'}, $env{'user.name'},$portfolio_root);
+    my $current_disk_usage = &Apache::lonnet::diskusage($udom,$uname,$portfolio_root);
     if (($current_disk_usage + $filesize) > $disk_quota){
-        $r->print('<font color="red">Unable to upload <strong>'.$fname.' (size = '.$filesize.' kilobytes)</strong>. Disk quota will be exceeded.'.
+        $r->print('<span class="LC_error">Unable to upload <strong>'.$fname.' (size = '.$filesize.' kilobytes)</strong>. Disk quota will be exceeded.</span>'.
                   '<br />Disk quota is '.$disk_quota.' kilobytes. Your current disk usage is '.$current_disk_usage.' kilobytes.');
-        $r->print(&done('Back'));
+        $r->print(&done('Back',$url,$group));
     } 
     elsif ($found_file){
         if ($locked_file){
-            $r->print('<font color="red">Unable to upload <strong>'.$fname.'</strong>, a <strong>locked</strong> file by that name was found in <strong>portfolio'.$env{'form.currentpath'}.'</strong></font>'.
+            $r->print('<span class="LC_error">'.'Unable to upload <strong>'.$fname.'</strong>, a <strong>locked</strong> file by that name was found in <strong>'.$port_path.$env{'form.currentpath'}.'</strong></span>'.
                   '<br />You will be able to rename or delete existing '.$fname.' after a grade has been assigned.');
-            $r->print(&done('Back'));      
+            $r->print(&done('Back',$url,$group));      
         } else {   
-            $r->print('<font color="red">Unable to upload <strong>'.$fname.'</strong>, a file by that name was found in <strong>portfolio'.$env{'form.currentpath'}.'</strong></font>'.
-                  '<br />To upload, rename or delete existing '.$fname.' in portfolio'.$env{'form.currentpath'});
-            $r->print(&done('Back'));
+            $r->print('<span class="LC_error">'.'Unable to upload <strong>'.$fname.'</strong>, a file by that name was found in <strong>'.$port_path.$env{'form.currentpath'}.'</strong></span>'.
+                  '<br />To upload, rename or delete existing '.$fname.' in '.$port_path.$env{'form.currentpath'});
+            $r->print(&done('Back',$url,$group));
         }
     } else {
         my $result=&Apache::lonnet::userfileupload('uploaddoc','',
-	        	 'portfolio'.$env{'form.currentpath'});
+	        	 $port_path.$env{'form.currentpath'});
         if ($result !~ m|^/uploaded/|) {
-            $r->print('<font color="red"> An errror occured ('.$result.
-	              ') while trying to upload '.&display_file().'</font><br />');
-	    $r->print(&done('Back'));
+            $r->print('<span class="LC_error">'.'An errror occured ('.$result.
+	              ') while trying to upload '.&display_file().'</span><br />');
+	    $r->print(&done('Back',$url,$group));
         } else {
-            $r->print(&done());
+            $r->print(&done(undef,$url,$group));
         }
     }
 }
+
 sub lock_info {
-    my ($r) = @_;
-    my %current_permissions = &Apache::lonnet::dump('file_permissions',$env{'user.domain'},$env{'user.name'});
+    my ($r,$url,$group) = @_;
+    my ($uname,$udom) = &get_name_dom($group);
+    my $current_permissions = &Apache::lonnet::get_portfile_permissions($udom,
+                                                                       $uname);
     my $file_name = $env{'form.lockinfo'};
-    foreach my $key(keys(%current_permissions)) {
-        if ($file_name eq $key) {
-            foreach my $array_item (@{$current_permissions{$key}}) {
-                if (ref($array_item)) {
-                    $r->print('<strong>'.$key.'</strong> was submitted in response to problem: <strong>'.
-                            &Apache::lonnet::gettitle($$array_item[0]).'</strong><br />');
-                    my %course_description = &Apache::lonnet::coursedescription($$array_item[1]);
-                    $r->print('In the course: <strong>'.$course_description{'description'}.'</strong><br />');
-                    # $r->print('the third is '.$$array_item[2].'<br>');
-                    # $r->print("item is $$array_item[0]<br> and $$array_item[0]");
-                }
+    $file_name = &prepend_group($file_name,$group);
+    if (defined($file_name) && defined($$current_permissions{$file_name})) {
+        foreach my $array_item (@{$$current_permissions{$file_name}}) {
+            if (ref($array_item) eq 'ARRAY') {
+                my $filetext;
+                if (defined($group)) {
+                    $filetext = '<strong>'.$env{'form.lockinfo'}.
+                                    '</strong> (group: '.$group.')'; 
+                } else {
+                    $filetext = '<strong>'.$file_name.'</strong>';
+                } 
+                $r->print(&mt('[_1] was submitted in response to problem: ',
+                              $filetext).
+                          '<strong>'.&Apache::lonnet::gettitle($$array_item[0]).
+                          '</strong><br />');
+                my %course_description = &Apache::lonnet::coursedescription($$array_item[1]);
+                $r->print(&mt('In the course: <strong>[_1]</strong><br />',
+                              $course_description{'description'}));
+                # $r->print('the third is '.$$array_item[2].'<br>');
+                # $r->print("item is $$array_item[0]<br> and $$array_item[0]");
             }
-        }    
+        }
     }
-    $r->print(&done('Back'));
+    $r->print(&done('Back',$url,$group));
     return 'ok';
 }
 sub createdir {
-    my ($r)=@_;
+    my ($r,$url,$group)=@_;
     my $newdir=&Apache::lonnet::clean_filename($env{'form.newdir'});
     if ($newdir eq '') {
-    	$r->print('<font color="red">'.
+    	$r->print('<span class="LC_error">'.
 	    	  &mt("Error: no directory name was provided.").
-		      '</font><br />');
-	    $r->print(&done());
+		      '</span><br />');
+	    $r->print(&done(undef,$url,$group));
 	    return;
-    } 
-    my $portfolio_root = &Apache::loncommon::propath($env{'user.domain'},
-						 $env{'user.name'}).
-						'/userfiles/portfolio';
-    my @dir_list=&Apache::lonnet::dirlist($env{'form.currentpath'},
-					  $env{'user.domain'},
-					  $env{'user.name'},$portfolio_root);
+    }
+    my $portfolio_root = &get_portfolio_root($group); 
+    my @dir_list=&get_dir_list($portfolio_root,$group);
     my $found_file = 0;
     foreach my $line (@dir_list) {
         my ($filename)=split(/\&/,$line,2);
@@ -513,94 +1614,347 @@ sub createdir {
         }
     }
     if ($found_file){
-    	    $r->print('<font color="red"> Unable to create a directory named <strong>'.$newdir.
-    	            ' </strong>a file or directory by that name already exists.</font><br />');
+    	    $r->print('<span class="LC_error">'.'Unable to create a directory named <strong>'.$newdir.
+    	            ' </strong>a file or directory by that name already exists.</span><br />');
     } else {
-        my $result=&Apache::lonnet::mkdiruserfile($env{'user.name'},
-	         $env{'user.domain'},'portfolio'.$env{'form.currentpath'}.$newdir);
+        my ($uname,$udom) = &get_name_dom($group);
+        my $port_path = &get_port_path($group);
+        my $result=&Apache::lonnet::mkdiruserfile($uname,$udom,
+	         $port_path.$env{'form.currentpath'}.$newdir);
         if ($result ne 'ok') {
-    	    $r->print('<font color="red"> An errror occured ('.$result.
-	    	      ') while trying to create a new directory '.&display_file().'</font><br />');
+    	    $r->print('<span class="LC_error">'.'An errror occured ('.$result.
+	    	      ') while trying to create a new directory '.&display_file().'</span><br />');
         }
     }
     if ($newdir ne $env{'form.newdir'}) {
         $r->print("The new directory name was changed from:<br /><strong>".$env{'form.newdir'}."</strong> to <strong>$newdir </strong>");  
     }
-    $r->print(&done());
+    $r->print(&done(undef,$url,$group));
 }
 
+sub get_portfolio_root {
+    my ($group) = @_;
+    my ($portfolio_root,$udom,$uname,$path);
+    ($uname,$udom) = &get_name_dom($group);
+    if (defined($group)) {
+        $path = '/userfiles/groups/'.$group.'/portfolio';
+    } else {
+        $path = '/userfiles/portfolio';
+    }
+    return (&Apache::loncommon::propath($udom,$uname).$path);
+}
+
+sub get_group_quota {
+    my ($group) = @_;
+    my $group_quota; 
+    my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
+    my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
+    my %curr_groups = &Apache::longroup::coursegroups($cdom,$cnum,$group);
+    if (%curr_groups) {
+        my %group_info =  &Apache::longroup::get_group_settings(
+                                                    $curr_groups{$group});
+        $group_quota = $group_info{'quota'}; #expressed in Mb
+        if ($group_quota) {
+            $group_quota = 1000 * $group_quota; #expressed in k
+        } 
+    }
+    return $group_quota;
+} 
+
+sub get_dir_list {
+    my ($portfolio_root,$group) = @_;
+    my ($uname,$udom) = &get_name_dom($group);
+    return &Apache::lonnet::dirlist($env{'form.currentpath'},
+                                          $udom,$uname,$portfolio_root);
+}
+
+sub get_name_dom {
+    my ($group) = @_;
+    my ($uname,$udom);
+    if (defined($group)) {
+        $udom = $env{'course.'.$env{'request.course.id'}.'.domain'};
+        $uname = $env{'course.'.$env{'request.course.id'}.'.num'};
+    } else {
+        $udom = $env{'user.domain'};
+        $uname = $env{'user.name'};
+    }
+    return ($uname,$udom);
+}
+
+sub prepend_group {
+    my ($filename,$group) = @_;
+    if (defined($group)) {
+        $filename = $group.$filename;
+    }
+    return $filename;
+}
+
+sub get_namespace {
+    my ($group) = @_;
+    my $namespace = 'portfolio';
+    if (defined($group)) {
+        my ($uname,$udom) = &get_name_dom($group);
+        $namespace .= '_'.$udom.'_'.$uname.'_'.$group;
+    }
+    return $namespace;
+}
+
+sub get_port_path {
+    my ($group) = @_;
+    my $port_path;
+    if (defined($group)) {
+       $port_path = "groups/$group/portfolio";
+    } else {
+       $port_path = 'portfolio';
+    }
+    return $port_path;
+}
+
+sub missing_priv {
+    my ($r,$url,$priv,$group) = @_;
+    my $longtext = {
+                      upload => 'upload files',
+                      delete => 'delete files',
+                      rename => 'rename files',
+                      setacl => 'set access controls for files',
+                   };
+    my $escpath = &HTML::Entities::encode($env{'form.currentpath'},'&<>"');
+    my $rtnlink = '<a href="'.$url;
+    if ($url =~ /\?/) {
+        $rtnlink .= '&';
+    } else {
+        $rtnlink .= '?';
+    }
+    $rtnlink .= 'currentpath='.$escpath;
+    $r->print(&mt('<h3>Action disallowed</h3>'));
+    $r->print(&mt('You do not have sufficient privileges to [_1] ',
+                  $longtext->{$priv}));
+    if ($group) {
+        $r->print(&mt("in the group's file repository."));
+        $rtnlink .= '&group='.$group;
+    } else {
+        $r->print(&mt('in this portfolio.'));
+    }
+    $rtnlink .= '">'.&mt('Return to directory listing page').'</a>';
+    $r->print('<br />'.$rtnlink);
+    $r->print(&Apache::loncommon::end_page());
+    return;
+}
+
+sub coursegrp_portfolio_header {
+    my ($cdom,$cnum,$group,$grp_desc)=@_;
+    my $gpterm  = &Apache::loncommon::group_term();
+    my $ucgpterm = $gpterm;
+    $ucgpterm =~ s/^(\w)/uc($1)/e;
+    &Apache::lonhtmlcommon::add_breadcrumb
+        ({href=>"/adm/$cdom/$cnum/$group/smppg",
+          text=>"$ucgpterm: $grp_desc",
+          title=>"Go to group's home page"},
+         {href=>"//?group=$group",
+          text=>"Group Portfolio",
+          title=>"Display group portfolio"},);
+    my $output = &Apache::lonhtmlcommon::breadcrumbs(
+                         &mt('[_1] portfolio files - [_2]',$gpterm,$grp_desc));
+    return $output;
+}
+
+
 sub handler {
     # this handles file management
     my $r = shift;
-    my $portfolio_root = &Apache::loncommon::propath($env{'user.domain'},
-							 $env{'user.name'}).
-							'/userfiles/portfolio';
     &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},
-                                            ['selectfile','currentpath','meta','lockinfo',
-					     'currentfile','action','fieldname','mode','rename','continue']);
+         ['selectfile','currentpath','meta','lockinfo','currentfile','action',
+	  'fieldname','mode','rename','continue','group','access','setnum',
+          'cnum','cdom','type','setroles','showversions']);
+    my ($uname,$udom,$portfolio_root,$url,$group,$caller,$title,$grp_desc);
+    if ($r->uri =~ m|^(/adm/)([^/]+)|) {
+        $url = $1.$2;
+        $caller = $2;
+    }
+    my ($can_modify,$can_delete,$can_upload,$can_setacl);
+    if ($caller eq 'coursegrp_portfolio') {
+    #  Needs to be in a course
+        if (! ($env{'request.course.fn'})) {
+        # Not in a course
+            $env{'user.error.msg'}=
+     "/adm/coursegrp_portfolio:rgf:0:0:Cannot view group portfolio";
+            return HTTP_NOT_ACCEPTABLE;
+        }
+        my $earlyout = 0;
+        my $view_permission = &Apache::lonnet::allowed('vcg',
+                                                $env{'request.course.id'});
+        $group = $env{'form.group'};
+        $group =~ s/\W//g;
+        if ($group) {
+            ($uname,$udom) = &get_name_dom($group);
+            my %curr_groups = &Apache::longroup::coursegroups($udom,$uname,
+							       $group); 
+            if (%curr_groups) {
+                my %grp_content = &Apache::longroup::get_group_settings(
+                                                         $curr_groups{$group});
+                $grp_desc = &unescape($grp_content{'description'});
+                if (($view_permission) || (&Apache::lonnet::allowed('rgf',
+                                      $env{'request.course.id'}.'/'.$group))) {
+                    $portfolio_root = &get_portfolio_root($group);
+                } else {
+                    $r->print('You do not have the privileges required to access the shared files space for this group.');
+                    $earlyout = 1;
+                }
+            } else {
+                $r->print('Not a valid group for this course');
+                $earlyout = 1;
+            }
+            $title = &mt('Group files').' for '.$group; 
+        } else {
+            $r->print('Invalid group');
+            $earlyout = 1;
+        }
+        if ($earlyout) { return OK; }
+        if (&Apache::lonnet::allowed('mdg',$env{'request.course.id'})) {
+            $can_modify = 1;
+            $can_delete = 1;
+            $can_upload = 1;
+            $can_setacl = 1;
+        } else {
+            if (&Apache::lonnet::allowed('agf',$env{'request.course.id'}.'/'.$group)) {
+                $can_setacl = 1;
+            }
+            if (&Apache::lonnet::allowed('ugf',$env{'request.course.id'}.'/'.$group)) {
+                $can_upload = 1;
+            }
+            if (&Apache::lonnet::allowed('mgf',$env{'request.course.id'}.'/'.$group)) {
+                $can_modify = 1;
+            }
+            if (&Apache::lonnet::allowed('dgf',$env{'request.course.id'}.'/'.$group)) {
+                $can_delete = 1;
+            }
+        }
+    } else {
+        ($uname,$udom) = &get_name_dom();
+        $portfolio_root = &get_portfolio_root();
+        $title = &mt('Portfolio Manager');
+        $can_modify = 1;
+        $can_delete = 1;
+        $can_upload = 1;
+        $can_setacl = 1;
+    }
+
+    my $port_path = &get_port_path($group);
     &Apache::loncommon::no_cache($r);
     &Apache::loncommon::content_type($r,'text/html');
     $r->send_http_header;
     # Give the LON-CAPA page header
-    my $html=&Apache::lonxml::xmlbegin();
-    $r->print($html.'<head><title>'.
-              &mt('Portfolio Manager').
-              "</title></head>\n");
     if ($env{"form.mode"} eq 'selectfile'){
-        $r->print(&Apache::loncommon::bodytag('Portfolio Manager',undef,undef,1));
+        $r->print(&Apache::loncommon::start_page($title,undef,
+						 {'only_body' => 1}));
+    } elsif ($env{'form.action'} eq 'rolepicker') {
+        $r->print(&Apache::loncommon::start_page('New role-based condition',undef,
+                                                 {'no_nav_bar'  => 1, }));
     } else {
-        $r->print(&Apache::loncommon::bodytag('Portfolio Manager'));
+        $r->print(&Apache::loncommon::start_page($title));
     }
     $r->rflush();
 	if (($env{'form.storeupl'}) & (!$env{'form.uploaddoc.filename'})){
-   	    $r->print('<font color="red"> No file was selected to upload.'.
-   	            'To upload a file, click <strong>Browse...</strong>'.
-   	            ', select a file, then click <strong>Upload</strong>,</font>');
+   	    $r->print('<span class="LC_error">'.
+		      'No file was selected to upload.'.
+		      'To upload a file, click <strong>Browse...</strong>'.
+		      ', select a file, then click <strong>Upload</strong>.'.
+		      '</span>');
 	}
     if ($env{'form.meta'}) {
-        &open_form($r);
+        &open_form($r,$url);
 #        $r->print(&edit_meta_data($r, $env{'form.currentpath'}.$env{'form.selectfile'}));
         $r->print('Edit the meta data<br />');
-        &close_form($r);
+        &close_form($r,$url,$group);
     }
     if ($env{'form.store'}) {
     }
 
     if ($env{'form.uploaddoc.filename'}) {
-	&upload($r);
+        if ($can_upload) {
+	    &upload($r,$url,$group);
+        } else {
+            &missing_priv($r,$url,'upload',$group),
+        }
     } elsif ($env{'form.action'} eq 'delete' && $env{'form.confirmed'}) {
-	&delete_confirmed($r);
+        if ($can_delete) {
+	    &delete_confirmed($r,$url,$group);
+        } else {
+            &missing_priv($r,$url,'delete',$group);
+        }
     } elsif ($env{'form.action'} eq 'delete') {
-	&delete($r);
+        if ($can_delete) {
+	    &delete($r,$url,$group);
+        } else {
+            &missing_priv($r,$url,'delete',$group);
+        }
     } elsif ($env{'form.action'} eq 'deletedir' && $env{'form.confirmed'}) {
-	&delete_dir_confirmed($r);
-    } elsif ($env{'form.action'} eq 'deletedir'){
-	&delete_dir($r);
+        if ($can_delete) {
+	    &delete_dir_confirmed($r,$url,$group);
+        } else {
+            &missing_priv($r,$url,'delete',$group);
+        }
+    } elsif ($env{'form.action'} eq 'deletedir') {
+        if ($can_delete) {
+	    &delete_dir($r,$url,$group);
+        } else {
+            &missing_priv($r,$url,'delete',$group);
+        }
     } elsif ($env{'form.action'} eq 'rename' && $env{'form.confirmed'}) {
-	&rename_confirmed($r);
+        if ($can_modify) {
+	    &rename_confirmed($r,$url,$group);
+        } else {
+            &missing_priv($r,$url,'rename',$group);
+        }
     } elsif ($env{'form.rename'}) {
         $env{'form.selectfile'} = $env{'form.rename'};
         $env{'form.action'} = 'rename';
-	&rename($r);
+        if ($can_modify) {
+	    &rename($r,$url,$group);
+        } else {
+            &missing_priv($r,$url,'rename',$group);
+        }
+    } elsif ($env{'form.access'}) {
+        $env{'form.selectfile'} = $env{'form.access'};
+        $env{'form.action'} = 'chgaccess';
+        &display_access($r,$url,$group,$can_setacl,$port_path);
+    } elsif ($env{'form.action'} eq 'chgaccess') {
+        if ($can_setacl) {
+            &update_access($r,$url,$group,$port_path);
+        } else {
+            &missing_priv($r,$url,'setacl',$group);
+        }
+    } elsif ($env{'form.action'} eq 'rolepicker') {
+        if ($can_setacl) { 
+            &role_options_window($r);
+        } else {
+            &missing_priv($r,$url,'setacl',$group);
+        }
     } elsif ($env{'form.createdir'}) {
-	&createdir($r);
+        if ($can_upload) {
+	    &createdir($r,$url,$group);
+        } else {
+            &missing_priv($r,$url,'upload',$group);
+        }
     } elsif ($env{'form.lockinfo'}) {
-        &lock_info($r);
+        &lock_info($r,$url,$group);
     } else {
 	my $current_path='/';
 	if ($env{'form.currentpath'}) {
 	    $current_path = $env{'form.currentpath'};
 	}
-	my @dir_list=&Apache::lonnet::dirlist($current_path,
-					    $env{'user.domain'},
-					    $env{'user.name'},$portfolio_root);
+        if ($caller eq 'coursegrp_portfolio') {
+            &Apache::lonhtmlcommon::clear_breadcrumbs();
+            $r->print(&coursegrp_portfolio_header($udom,$uname,$group,$grp_desc));
+        }
+        my @dir_list=&get_dir_list($portfolio_root,$group);
 	if ($dir_list[0] eq 'no_such_dir'){
 	    # two main reasons for this:
             #    1) never been here, so directory structure not created
 	    #    2) back-button navigation after deleting a directory
 	    if ($current_path eq '/'){
-	        &Apache::lonnet::mkdiruserfile($env{'user.name'},
-					       $env{'user.domain'},'portfolio');
+	        &Apache::lonnet::mkdiruserfile($uname,$udom,
+					       &get_port_path($group));
 	    } else {
                 # some directory that snuck in get rid of the directory
                 # from the recent pulldown, just in case
@@ -610,16 +1964,18 @@ sub handler {
 	    }
 	    # now grab the directory list again, for the first time
 	    @dir_list=&Apache::lonnet::dirlist($current_path,
-					    $env{'user.domain'},
-					    $env{'user.name'},$portfolio_root);
+					    $udom,$uname,$portfolio_root);
         }
 	# need to know if directory is empty so it can be removed if desired
 	my $is_empty=(@dir_list == 2);
-	&display_common($r,$current_path,$is_empty,\@dir_list);
-        &display_directory($r,$current_path,$is_empty,\@dir_list);
-	$r->print("</body>\n</html>\n");
+	&display_common($r,$url,$current_path,$is_empty,\@dir_list,$group,
+                        $can_upload);
+        &display_directory($r,$url,$current_path,$is_empty,\@dir_list,$group,
+                           $can_upload,$can_modify,$can_delete,$can_setacl);
+	$r->print(&Apache::loncommon::end_page());
     }
     return OK;
 }
+
 1;
 __END__
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
misconfiguration and was unable to complete
your request.</p>
<p>Please contact the server administrator at 
 root@localhost to inform them of the time this error occurred,
 and the actions you performed just before this error.</p>
<p>More information about this error may be available
in the server error log.</p>
</body></html>