--- loncom/interface/portfolio.pm	2006/08/24 17:38:21	1.161
+++ loncom/interface/portfolio.pm	2006/11/22 03:56:36	1.174
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # portfolio browser
 #
-# $Id: portfolio.pm,v 1.161 2006/08/24 17:38:21 banghart Exp $
+# $Id: portfolio.pm,v 1.174 2006/11/22 03:56:36 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -95,6 +95,12 @@ sub display_common {
 					 'createdir_label' => 
 					 'Create subdirectory in current directory:');
         my $escuri = &HTML::Entities::encode($r->uri,'&<>"');
+	my $help_fileupload = &Apache::loncommon::help_open_topic('Portfolio AddFiles');
+	my $help_createdir = &Apache::loncommon::help_open_topic('Portfolio CreateDirectory');
+		
+	# FIXME: This line should be deleted once Portfolio uses breadcrumbs
+	$r->print(&Apache::loncommon::help_open_topic('Portfolio About', 'Help on the portfolio'));
+
         $r->print(<<"TABLE"); 
 <table id="LC_portfolio_actions">
   <tr id="LC_portfolio_upload">
@@ -109,7 +115,7 @@ sub display_common {
 	<input type="hidden" name="action" value="$env{"form.action"}" />
 	<input type="hidden" name="fieldname" value="$env{"form.fieldname"}" />
 	<input type="hidden" name="mode" value="$env{"form.mode"}" />
-	<input type="submit" name="storeupl" value="$text{'upload'}" />
+	<input type="submit" name="storeupl" value="$text{'upload'}" />$help_fileupload
       </form>
     </td>
   </tr>
@@ -124,7 +130,7 @@ sub display_common {
         <input type="hidden" name="action" value="$env{"form.action"}" />
         <input type="hidden" name="fieldname" value="$env{"form.fieldname"}" />
         <input type="hidden" name="mode" value="$env{"form.mode"}" />
-        <input type="submit" name="createdir" value="$text{'createdir'}" />
+        <input type="submit" name="createdir" value="$text{'createdir'}" />$help_createdir
       </form>
     </td>
   </tr>
@@ -155,6 +161,7 @@ TABLE
         }
     }
     $r->print('</span>');
+    $r->print(&Apache::loncommon::help_open_topic('Portfolio ChangeDirectory'));
     &Apache::lonhtmlcommon::store_recent($namespace,$current_path,$current_path);
     $r->print('<br /><form method="post" action="'.$url.'?mode='.$env{"form.mode"}.'&amp;fieldname='.$env{"form.fieldname"}.&group_args());
     $r->print('">'.
@@ -236,7 +243,7 @@ sub display_directory {
                                                   $current_permissions,$group);
     my %access_controls = &Apache::lonnet::get_access_controls($current_permissions,$group);
     my $now = time;
-    if ($env{"form.mode"} eq 'selectfile'){
+    if ($env{"form.mode"} eq 'selectfile') {
 	&select_files($r);
 	$checked_files =&Apache::lonnet::files_in_path($uname,$env{'form.currentpath'});
 	$select_mode = 'true';
@@ -259,8 +266,16 @@ sub display_directory {
             '<tr><th>Select</th><th>&nbsp;</th><th>&nbsp;</th><th>Name</th><th>Size</th><th>Last Modified</th></tr>');
     } else {
         $r->print('<form method="post" action="'.$url.'">');
+	$r->print(&Apache::loncommon::help_open_topic('Portfolio FileList',
+						      'Using the portfolio file list'));
         $r->print('<table id="LC_browser">'.
-            '<tr><th colspan="2">Actions</th><th>&nbsp;</th><th>&nbsp;</th><th>Name</th><th>Size</th><th>Last Modified</th><th>Current Access Status</th></tr>');
+		  '<tr><th colspan="2">Actions'.
+		  &Apache::loncommon::help_open_topic('Portfolio FileAction').
+		  '</th><th>&nbsp;</th><th>&nbsp;</th><th>Name'.
+		  &Apache::loncommon::help_open_topic('Portfolio OpenFile').
+		  '</th><th>Size</th><th>Last Modified</th><th>Current Access Status'.
+		  &Apache::loncommon::help_open_topic('Portfolio ShareFile').
+		  '</th></tr>');
     }
     $r->print("\n".&group_form_data()."\n");
 
@@ -294,7 +309,7 @@ sub display_directory {
     	    my $version_flag;
     	    my $show_versions;
 	    my $fullpath =  &prepend_group($current_path.$filename);
-    	    if ($env{'form.showversions'} eq $filename) {
+    	    if ($env{'form.showversions'} =~ /$filename/) {
     	        $show_versions = 'true';
     	    }
     	    if (exists($versioned{$fullpath})) {
@@ -304,10 +319,15 @@ sub display_directory {
     	            'currentpath' => $current_path,
     	        );
     	        if ($show_versions) {
+    	            # Must preserve other possible showversion files
+    	            my $version_remainder = $env{'form.showversions'};
+    	            $version_remainder =~ s/$filename//g;    	            
+    	            $anchor_fields{'showversions'} = $version_remainder;
                     $version_flag = &make_anchor('portfolio',\%anchor_fields,
                         '<img class="LC_icon" alt="'.&mt('opened folder').'" src="'.$iconpath.'folder_pointer_opened.gif" />');
     	        } else {
-    	            $anchor_fields{'showversions'} = $filename;
+    	            # allow multiple files to show versioned
+    	            $anchor_fields{'showversions'} = $env{'form.showversions'}.','.$filename;
                     $version_flag = &make_anchor('portfolio',\%anchor_fields,
                         '<img class="LC_icon" alt="'.&mt('closed folder').'" src="'.$iconpath.'folder_pointer_closed.gif" />');
                 }
@@ -431,7 +451,8 @@ sub display_directory {
         $r->print('</table>');
         if ($can_delete) {
             $r->print('
-        <input type="submit" name="doit" value="Delete Checked Files" />
+        <input type="submit" name="doit" value="Delete Checked Files" />'.
+	&Apache::loncommon::help_open_topic('Portfolio DeleteFile').'
         <input type="hidden" name="action" value="delete" />
         <input type="hidden" name="currentpath" value="'.$current_path.'" />
         </form>'
@@ -518,7 +539,7 @@ sub delete {
     my @files=&Apache::loncommon::get_env_multiple('form.selectfile');
     my ($uname,$udom) = &get_name_dom();
     if (&Apache::lonnet::is_locked($file_name,$udom,$uname) eq 'true') {
-        $r->print ("The file is locked and cannot be deleted.<br />");
+        $r->print("The file is locked and cannot be deleted.<br />");
         $r->print(&done('Back',$url));
     } else {
         if (scalar(@files)) {
@@ -533,18 +554,55 @@ sub delete {
 } 
 
 sub delete_confirmed {
-    my ($r,$url)=@_;
+    my ($r,$url,$group)=@_;
     my @files=&Apache::loncommon::get_env_multiple('form.selectfile');
     my $result;
     my ($uname,$udom) = &get_name_dom();
     my $port_path = &get_port_path();
+    my $current_permissions = &Apache::lonnet::get_portfile_permissions($udom,
+                                                                        $uname);
     foreach my $delete_file (@files) {
         $result=&Apache::lonnet::removeuserfile($uname,$udom,$port_path.
 					       $env{'form.currentpath'}.
 					       $delete_file);
         if ($result ne 'ok') {
-	$r->print('<span class="LC_error"> An error occured ('.$result.
-		  ') while trying to delete '.&display_file(undef, $delete_file).'</span><br />');
+	    $r->print('<span class="LC_error">'.
+                     &mt('An error occured ([_1]) while trying to delete 
+                         [_2].',$result,&display_file(undef, $delete_file)).
+                      '</span><br /><br />');
+        } else {
+            $r->print(&mt('File: [_1] deleted.',
+                          &display_file(undef,$delete_file)));
+            my $file_name = $env{'form.currentpath'}.$delete_file;
+            $file_name = &prepend_group($file_name);
+            my %access_controls = 
+                    &Apache::lonnet::get_access_controls($current_permissions,
+                                                         $group,$file_name);
+            if (keys(%access_controls) > 0) {
+                my %changes; 
+                foreach my $key (keys(%{$access_controls{$file_name}})) {
+                    $changes{'delete'}{$key} = 1;
+                }
+                if (keys(%changes) > 0) {
+                    my ($outcome,$deloutcome,$new_values,$translation) =
+                    &Apache::lonnet::modify_access_controls($file_name,\%changes,
+                                                            $udom,$uname);
+                    if ($outcome ne 'ok') {
+                           $r->print('<br />'.&mt("An error occured ([_1]) while ".
+                               "trying to delete access controls for the file.",$outcome).
+                               '</span><br /><br />');
+                    } else {
+                        if ($deloutcome eq 'ok') {
+                            $r->print('<br />'.&mt('Access controls also deleted for the file.').'<br /><br />');
+                        } else {
+                            $r->print('<span class="LC_error">'.'<br />'.
+                               &mt("An error occured ([_1]) while ".
+                                   "trying to delete access controls for the file.",$deloutcome).
+                                   '</span><br /><br />');
+                        }
+                    }
+                }
+            }
         }
     }
     $r->print(&done(undef,$url));
@@ -592,7 +650,7 @@ sub rename {
     my ($uname,$udom) = &get_name_dom();
     $file_name = &prepend_group($file_name);
     if (&Apache::lonnet::is_locked($file_name,$udom,$uname) eq 'true') {
-        $r->print ("The file is locked and cannot be renamed.<br />");
+        $r->print("The file is locked and cannot be renamed.<br />");
         $r->print(&done(undef,$url));
     } else {
         &open_form($r,$url);
@@ -603,7 +661,7 @@ sub rename {
 }
 
 sub rename_confirmed {
-    my ($r,$url)=@_;
+    my ($r,$url,$group)=@_;
     my $filenewname=&Apache::lonnet::clean_filename($env{'form.filenewname'});
     my ($uname,$udom) = &get_name_dom();
     my $port_path = &get_port_path();
@@ -614,26 +672,81 @@ sub rename_confirmed {
 	$r->print(&done(undef,$url));
 	return;
     } 
+    my $chg_access;
     my $result=
 	&Apache::lonnet::renameuserfile($uname,$udom,
             $port_path.$env{'form.currentpath'}.$env{'form.selectfile'},
             $port_path.$env{'form.currentpath'}.$filenewname);
-    if ($result ne 'ok') {
+    if ($result eq 'ok') {
+        $chg_access = &access_for_renamed($filenewname,$group,$udom,$uname);
+    } else {      
 	$r->print('<span class="LC_error">'.
-		  &mt('An errror occured ([_1]) while trying to rename [_2]'
+		  &mt('An error occured ([_1]) while trying to rename [_2]'
 		      .' to [_3]',$result,&display_file(),
 		      &display_file('',$filenewname)).'</span><br />');
+        return;
     }
     if ($filenewname ne $env{'form.filenewname'}) {
         $r->print(&mt("The new file name was changed from:<br />[_1] to [_2]",
 		      '<strong>'.&display_file('',$env{'form.filenewname'}).'</strong>',
 		      '<strong>'.&display_file('',$filenewname).'</strong>'));
     }
+    $r->print($chg_access);
     $r->print(&done(undef,$url));
 }
 
+sub access_for_renamed {
+    my ($filenewname,$group,$udom,$uname) = @_;
+    my $oldfile = $env{'form.currentpath'}.$env{'form.selectfile'};
+    $oldfile = &prepend_group($oldfile);
+    my $newfile = $env{'form.currentpath'}.$filenewname;
+    $newfile = &prepend_group($newfile);
+    my $current_permissions =
+	&Apache::lonnet::get_portfile_permissions($udom,$uname);
+    my %access_controls =
+	&Apache::lonnet::get_access_controls($current_permissions,
+					     $group,$oldfile);
+    my $chg_text;
+    if (keys(%access_controls) > 0) {
+        my %change_old;
+        my %change_new;
+        foreach my $key (keys(%{$access_controls{$oldfile}})) {
+            $change_old{'delete'}{$key} = 1;
+            $change_new{'activate'}{$key} = $access_controls{$oldfile}{$key};
+        }
+        my ($outcome,$deloutcome,$new_values,$translation) =
+            &Apache::lonnet::modify_access_controls($oldfile,\%change_old,
+						    $udom,$uname);
+        if ($outcome ne 'ok') {
+            $chg_text ='<br /><br />'.&mt("An error occured ([_1]) while ".
+                "trying to delete access control records for the old name.",$outcome).
+                '</span><br />';
+        } else {
+            if ($deloutcome ne 'ok') {
+                $chg_text = '<br /><br /><span class="LC_error"><br />'.
+		    &mt("An error occured ([_1]) while ".
+			"trying to delete access control records for the old name.",$deloutcome).
+			'</span><br />';
+            }
+        }
+        ($outcome,$deloutcome,$new_values,$translation) =
+            &Apache::lonnet::modify_access_controls($newfile,\%change_new,
+                                                    $udom,$uname);
+        if ($outcome ne 'ok') {
+            $chg_text .= '<br /><br />'.
+		&mt("An error occured ([_1]) while ".
+                "trying to update access control records for the new name.",$outcome).
+                '</span><br />';
+        }
+        if ($chg_text eq '') {
+            $chg_text = '<br /><br />'.&mt('Access controls updated to reflect the name change.');
+        }
+    }
+    return $chg_text;
+}
+
 sub display_access {
-    my ($r,$url,$group,$can_setacl,$port_path) = @_;
+    my ($r,$url,$group,$can_setacl,$port_path,$action) = @_;
     my ($uname,$udom) = &get_name_dom();
     my $file_name = $env{'form.currentpath'}.$env{'form.access'};
     $file_name = &prepend_group($file_name);
@@ -641,21 +754,36 @@ sub display_access {
                                                                         $uname);
     my %access_controls = &Apache::lonnet::get_access_controls($current_permissions,$group,$file_name);
     my $aclcount = keys(%access_controls);
-    my $header = '<h3>'.&mt('Allowing others to retrieve file: [_1]',$port_path.$env{'form.currentpath'}.$env{'form.access'}).'</h3>';
-    my $info .= &mt('Access to this file by others can be set to be one or more of the following types: public, passphrase-protected or conditional.');
-    $info .= '<br /><ul><li>'.&mt('Public files are available to anyone without the need for login.');
-    $info .= '</li><li>'.&mt('Passphrase-protected files do not require log-in, but will require the viewer to enter the passphrase you set.');
-    $info .= '</li><li>'.&mt('Conditional files are accessible to logged-in users with accounts in the LON-CAPA network, who satisfy the conditions you set.').'<br />';
-    $info .= &mt('The conditions can include affiliation with a particular course or group, or a user account in a specific domain.').'<br />';
-    $info .= &mt('Alternatively access can be granted to people with specific LON-CAPA usernames and domains.').'</li></ul>';
-    if ($group eq '') {
-        $info .= (&mt("A listing of files viewable without log-in is available at: <a href='/adm/$udom/$uname/aboutme/portfolio'>http://$ENV{'SERVER_NAME'}/adm/$udom/$uname/aboutme/portfolio</a>.<br />For logged in users a 'Display file listing' link will also appear (when there are viewable files) on your personal information page:<br /><a href='/adm/$udom/$uname/aboutme'>http://$ENV{'SERVER_NAME'}/adm/$udom/$uname/aboutme</a><br />"));
+    my ($header,$info);
+    if ($action eq 'chgaccess') {
+        $header = '<h3>'.&mt('Allowing others to retrieve file: [_1]',$port_path.$env{'form.currentpath'}.$env{'form.access'}).'</h3>';
+        $info .= &mt('Access to this file by others can be set to be one or more of the following types: public, passphrase-protected or conditional.');
+        $info .= '<br /><ul><li>'.&mt('Public files are available to anyone without the need for login.');
+        $info .= '</li><li>'.&mt('Passphrase-protected files do not require log-in, but will require the viewer to enter the passphrase you set.');
+        $info .= '</li><li>'.&explain_conditionals();
+        $info .= '</li></ul>'.
+                  &mt('A listing of files viewable without log-in is available at: ')."<a href=\"/adm/$udom/$uname/aboutme/portfolio\">http://$ENV{'SERVER_NAME'}/adm/$udom/$uname/aboutme/portfolio</a>.<br />";
+        if ($group eq '') {
+            $info .= &mt("For logged in users a 'Display file listing' link will also appear (when there are viewable files) on your personal information page:");
+        } else {
+            $info .= &mt("For logged in users a 'Display file listing' link will also appear (when there are viewable files) on the course information page:");
+        }
+        $info .= "<br /><a href=\"/adm/$udom/$uname/aboutme\">http://$ENV{'SERVER_NAME'}/adm/$udom/$uname/aboutme</a><br />";
+        if ($group ne '') {
+            $info .= &mt("Users with privileges to edit course contents may add a course information page to a course using the 'Course Info' button in DOCS").'<br />';
+        }
+    } else {
+        $header = '<h3>'.&mt('Conditional access controls for file: [_1]',$port_path.$env{'form.currentpath'}.$env{'form.access'}).'</h3>'.
+                  &explain_conditionals().'<br />';
     }
-    
     if ($can_setacl) {
         &open_form($r,$url);
         $r->print($header.$info);
-        &access_setting_table($r,$access_controls{$file_name});
+	$r->print('<br />'.&Apache::loncommon::help_open_topic('Portfolio ShareFile SetAccess', 'Help on setting up share access'));
+	$r->print(&Apache::loncommon::help_open_topic('Portfolio ShareFile ChangeSetting', 'Help on changing settings'));
+	$r->print(&Apache::loncommon::help_open_topic('Portfolio ShareFile StopAccess', 'Help on removing share access'));
+        &access_setting_table($r,$url,$file_name,$access_controls{$file_name},
+                              $action);
         my $button_text = {
                         'continue' => &mt('Proceed'),
                         'cancel' => &mt('Back to directory listing'),
@@ -670,6 +798,13 @@ sub display_access {
     }
 }
 
+sub explain_conditionals {
+    return
+        &mt('Conditional files are accessible to logged-in users with accounts in the LON-CAPA network, who satisfy the conditions you set.').'<br />'."\n".
+        &mt('The conditions can include affiliation with a particular course, or a user account in a specific domain.').'<br />'."\n".
+        &mt('Alternatively access can be granted to people with specific LON-CAPA usernames and domains.');
+}
+
 sub view_access_settings {
     my ($r,$url,$access_controls,$aclcount) = @_;
     my ($showstart,$showend);
@@ -708,9 +843,8 @@ sub build_access_summary {
                       domains => 'Conditional: domain-based',
                       users => 'Conditional: user-based',
                       course => 'Conditional: course-based',
-                      group => 'Conditional: group-based',
                      );
-    my @allscopes = ('public','guest','domains','users','course','group');
+    my @allscopes = ('public','guest','domains','users','course');
     foreach my $scope (@allscopes) {
         if ((!(exists($todisplay{$scope}))) || (ref($todisplay{$scope}) ne 'HASH')) {
             next;
@@ -733,7 +867,7 @@ sub build_access_summary {
                 }
             }
             $r->print('<td>'.&mt($scope_desc{$scope}));
-            if (($scope eq 'course') || ($scope eq 'group')) {
+            if ($scope eq 'course') {
                 if ($chg ne 'delete') {
                     my $cid = $content->{'domain'}.'_'.$content->{'number'};
                     my %course_description = &Apache::lonnet::coursedescription($cid);
@@ -745,16 +879,12 @@ sub build_access_summary {
             if ($chg ne 'delete') {
                 if ($scope eq 'guest') {
                     $r->print(&mt('Passphrase').': '.$content->{'password'});
-                } elsif ($scope eq 'course' || $scope eq 'group') {
-                    $r->print('<table><tr>');
+                } elsif ($scope eq 'course') {
+                    $r->print('<table width="100%"><tr>');
                     $r->print('<th>'.&mt('Roles').'</th><th>'.
                           &mt('Access').'</th><th>'.
                                           &mt('Sections').'</th>');
-                    if ($scope eq 'course') {
-                        $r->print('<th>'.&mt('Groups').'</th>');
-                    } else {
-                        $r->print('<th>'.&mt('Teams').'</th>');
-                    }
+                    $r->print('<th>'.&mt('Groups').'</th>');
                     $r->print('</tr>');
                     foreach my $id (sort(keys(%{$content->{'roles'}}))) {
                         $r->print('<tr>');
@@ -778,11 +908,11 @@ sub build_access_summary {
                             } else {
                                 $r->print(join(',',@{$content->{'roles'}{$id}{$item}}));
                             }
-                            $r->print('</tr>');
+                            $r->print('</td>');
                         }
-			$r->print("</table>");
+			$r->print('</tr>');
                     }
-		    $r->print("</tr></table>");
+		    $r->print('</table>');
                 } elsif ($scope eq 'domains') {
                     $r->print(&mt('Domains: ').join(',',@{$content->{'dom'}}));
                 } elsif ($scope eq 'users') {
@@ -896,14 +1026,14 @@ sub update_access {
     my $totalnew = 0;
     my $status = 'new';
     my ($firstitem,$lastitem);
-    foreach my $newitem ('course','group','domains','users') {
+    foreach my $newitem ('course','domains','users') {
         $allnew += $env{'form.new'.$newitem};
     }
     if ($allnew > 0) {
         my $now = time;
         my $then = $now + (60*60*24*180); # six months approx.
         &open_form($r,$url);
-        foreach my $newitem ('course','group','domains','users') {
+        foreach my $newitem ('course','domains','users') {
             if ($env{'form.new'.$newitem} > 0) {
                 $r->print('<br />'.&mt('Add new <b>[_1]-based</b> access control for portfolio file: <b>[_2]</b>',$newitem,$env{'form.currentpath'}.$env{'form.selectfile'}).'<br /><br />');
                 $firstitem = $totalnew;
@@ -942,7 +1072,7 @@ sub build_access_record {
 		
     if ($scope eq 'guest') {	
         $record->{'password'} = $env{'form.password'};
-    } elsif (($scope eq 'course') || ($scope eq 'group')) {
+    } elsif ($scope eq 'course') {
         $record->{'domain'} = $env{'form.crsdom_'.$num};
 	$record->{'number'} = $env{'form.crsnum_'.$num};
         my @role_ids;
@@ -1024,19 +1154,18 @@ sub sort_users {
 }
 
 sub access_setting_table {
-    my ($r,$access_controls) = @_;
+    my ($r,$url,$filename,$access_controls,$action) = @_;
     my ($public,$publictext);
-    $publictext = &mt('Off');
+    $publictext ='Off';
     my ($guest,$guesttext);
-    $guesttext = &mt('Off');
+    $guesttext = 'Off';
     my @courses = ();
-    my @groups = ();
     my @domains = ();
     my @users = ();
     my $now = time;
     my $then = $now + (60*60*24*180); # six months approx.
     my ($num,$scope,$publicnum,$guestnum);
-    my (%acl_count,%end,%start);
+    my (%acl_count,%end,%start,%conditionals);
     foreach my $key (sort(keys(%{$access_controls}))) {
         ($num,$scope,$end{$key},$start{$key}) = &unpack_acc_key($key);
         if ($scope eq 'public') {
@@ -1047,19 +1176,34 @@ sub access_setting_table {
             $guest=$key;
             $guestnum = $num;  
             $guesttext = &acl_status($start{$key},$end{$key},$now);
-        } elsif ($scope eq 'course') {
-            push(@courses,$key);
-        } elsif ($scope eq 'group') {
-            push(@groups,$key);
-        } elsif ($scope eq 'domains') {
-            push(@domains,$key);
-        } elsif ($scope eq 'users') {
-            push(@users,$key);
+        } else {
+            $conditionals{$scope}{$key} = $$access_controls{$key};
+            if ($scope eq 'course') {
+                push(@courses,$key);
+            } elsif ($scope eq 'domains') {
+                push(@domains,$key);
+            } elsif ($scope eq 'users') {
+                push(@users,$key);
+            }
         }
         $acl_count{$scope} ++;
     }
     $r->print('<table border="0"><tr><td valign="top">');
-    $r->print('<h3>'.&mt('Public access:').' '.$publictext.'</h3>');
+    if ($action eq 'chgaccess') {
+        &standard_settings($r,$now,$then,$url,$filename,\%acl_count,\%start,
+                           \%end,$public,$publicnum,$publictext,$guest,$guestnum,
+                           $guesttext,$access_controls,%conditionals);
+    } else {
+        &condition_setting($r,$access_controls,$now,$then,\%acl_count,
+                           \@domains,\@users,\@courses);
+    }
+    $r->print('</td></tr></table>');
+}
+
+sub standard_settings {
+    my ($r,$now,$then,$url,$filename,$acl_count,$start,$end,$public,$publicnum,
+      $publictext,$guest,$guestnum,$guesttext,$access_controls,%conditionals)=@_;
+    $r->print('<h3>'.&mt('Public access: [_1]',$publictext).'</h3>');
     $r->print(&Apache::loncommon::start_data_table());
     $r->print(&Apache::loncommon::start_data_table_header_row());
     $r->print('<th>'.&mt('Action').'</th><th>'.&mt('Dates available').'</th>');
@@ -1067,7 +1211,7 @@ sub access_setting_table {
     $r->print(&Apache::loncommon::start_data_table_row());
     if ($public) {
         $r->print('<td>'.&actionbox('old',$publicnum,'public').'</td><td>'.
-                  &dateboxes($publicnum,$start{$public},$end{$public}).'</td>');
+             &dateboxes($publicnum,$start->{$public},$end->{$public}).'</td>');
     } else {
         $r->print('<td>'.&actionbox('new','0','public').'</td><td>'.
                   &dateboxes('0',$now,$then).'</td>');
@@ -1075,7 +1219,7 @@ sub access_setting_table {
     $r->print(&Apache::loncommon::end_data_table_row());
     $r->print(&Apache::loncommon::end_data_table());
     $r->print('</td><td width="40">&nbsp;</td><td valign="top">');
-    $r->print('<h3>'.&mt('Passphrase-protected access:').' '.$guesttext.'</h3>');
+    $r->print('<h3>'.&mt('Passphrase-protected access: [_1]',$guesttext).'</h3>');
     $r->print(&Apache::loncommon::start_data_table());
     $r->print(&Apache::loncommon::start_data_table_header_row());
     $r->print('<th>'.&mt('Action').'</th><th>'.&mt('Dates available').
@@ -1086,7 +1230,7 @@ sub access_setting_table {
     if ($guest) {
         $passwd = $$access_controls{$guest}{'password'};
         $r->print('<td>'.&actionbox('old',$guestnum,'guest').'</td><td>'.
-                  &dateboxes($guestnum,$start{$guest},$end{$guest}).'</td>');
+              &dateboxes($guestnum,$start->{$guest},$end->{$guest}).'</td>');
     } else {
         $r->print('<td>'.&actionbox('new','1','guest').'</td><td>'.
                   &dateboxes('1',$now,$then).'</td>');
@@ -1095,36 +1239,75 @@ sub access_setting_table {
               $passwd.'" /></td>');
     $r->print(&Apache::loncommon::end_data_table_row());
     $r->print(&Apache::loncommon::end_data_table());
-    $r->print('</td></tr><tr><td colspan="3">&nbsp;</td></tr><tr><td valign="top">');
-    &access_element($r,'domains',\%acl_count,\@domains,$access_controls,$now,$then);
+    $r->print('</td></tr><tr><td colspan="3">&nbsp;</td></tr>'.
+              '<tr><td colspan="3">');
+    my $numconditionals = 0;
+    my $conditionstext;
+    my %cond_status;
+    foreach my $scope ('domains','users','course') {
+        $numconditionals += $acl_count->{$scope}; 
+        if ($acl_count->{$scope} > 0) {
+            if ($conditionstext ne 'Active') { 
+                foreach my $key (keys(%{$conditionals{$scope}})) {
+                    $conditionstext = &acl_status($start->{$key},$end->{$key},$now);
+                    if ($conditionstext eq 'Active') {
+                       last;
+                    }
+                }
+            }
+        }
+    }
+    if ($conditionstext eq '') {
+        $conditionstext = 'Off';
+    }
+    my %anchor_fields = (
+            'access' => $env{'form.selectfile'},
+            'action' => 'chgconditions',
+            'currentpath' => $env{'form.currentpath'},
+        );
+    $r->print('<h3>'.&mt('Conditional access: [_1]',$conditionstext).'</h3>');
+    if ($numconditionals > 0) {
+        my $count = 1;
+        my $chg = 'none';
+        $r->print(&mt('You have previously set [_1] conditional access controls.',$numconditionals).' '.&make_anchor($url,\%anchor_fields,&mt('Change Conditions')).'<br /><br />');
+        $r->print(&Apache::loncommon::start_data_table());
+        $r->print(&Apache::loncommon::start_data_table_header_row());
+        $r->print('<th>'.&mt('Access control').'</th><th>'.&mt('Dates available').
+                  '</th><th>'.&mt('Additional information').'</th>');
+        $r->print(&Apache::loncommon::end_data_table_header_row());
+        &build_access_summary($r,$count,$chg,%conditionals);
+        $r->print(&Apache::loncommon::end_data_table());
+    } else {
+        $r->print(&make_anchor($url,\%anchor_fields,&mt('Add conditional access')).' '.&mt('based on domain, username, or course affiliation.'));
+    }
+}
+
+sub condition_setting {
+    my ($r,$access_controls,$now,$then,$acl_count,$domains,$users,$courses) = @_;
+    $r->print('<tr><td valign="top">');
+    &access_element($r,'domains',$acl_count,$domains,$access_controls,$now,$then);
     $r->print('</td><td>&nbsp;</td><td valign="top">');
-    &access_element($r,'users',\%acl_count,\@users,$access_controls,$now,$then);
+    &access_element($r,'users',$acl_count,$users,$access_controls,$now,$then);
     $r->print('</td></tr><tr><td colspan="3"></td></tr><tr>');
-    if (@courses > 0 || @groups > 0) {
+    if ($acl_count->{course} > 0) {
         $r->print('<td colspan="3" valign="top">');
     } else {
         $r->print('<td valign="top">');
     }
-    &access_element($r,'course',\%acl_count,\@courses,$access_controls,$now,$then);
+    &access_element($r,'course',$acl_count,$courses,$access_controls,$now,$then);
     $r->print('</td>');
-    if (@courses > 0 || @groups > 0) {
-        $r->print('</tr><tr><td colspan="3">&nbsp;</td></tr><tr><td colspan="3" valign="top">');
-    } else {
-        $r->print('<td>&nbsp;</td><td valign="top">');
-    }
-    &access_element($r,'group',\%acl_count,\@groups,$access_controls,$now,$then);
     $r->print('</td></tr></table>');
 }
 
 sub acl_status {
     my ($start,$end,$now) = @_;
     if ($start > $now) {
-        return &mt('Inactive');
+        return 'Inactive';
     }
     if ($end && $end<$now) {
-        return &mt('Inactive');
+        return 'Inactive';
     }
-    return &mt('Active');
+    return 'Active';
 }
 
 sub access_element {
@@ -1159,7 +1342,7 @@ sub display_access_row {
         $r->print(&Apache::loncommon::start_data_table_header_row());
         $r->print('<th>'.&mt('Action?').'</th><th>'.&mt($uctype).'</th><th>'.
               &mt('Dates available').'</th>');
-        if (($type eq 'course') || ($type eq 'group')) {
+        if ($type eq 'course' && $status eq 'old') {
             $r->print('<th>'.&mt('Allowed [_1] member affiliations',$type).
                       '</th>');
             $colspan ++;
@@ -1169,7 +1352,7 @@ sub display_access_row {
         $r->print(&Apache::loncommon::end_data_table_header_row());
         foreach my $key (@{$items}) {
 	    $r->print(&Apache::loncommon::start_data_table_row());
-            if (($type eq 'course') || ($type eq 'group')) {
+            if ($type eq 'course') {
                 &course_row($r,$status,$type,$key,$access_controls,$now,$then);
             } elsif ($type eq 'domains') {
                 &domains_row($r,$status,$key,\@all_doms,$access_controls,$now,
@@ -1196,34 +1379,37 @@ sub display_access_row {
 sub course_js {
     return qq|
 <script type="text/javascript">
-function setRoleOptions(caller,num,cdom,cnum,type) {
-    addIndexnum = getCallerIndex(caller);
-    updateIndexnum = getIndex('update',num);
-    if (caller.checked) {
-        document.portform.elements[updateIndexnum].checked = true;
-        var url = '/adm/portfolio?action=rolepicker&setroles='+addIndexnum+'&cnum='+cnum+'&cdom='+cdom+'&type='+type;
+function setRoleOptions(num,roleid,cdom,cnum,type) {
+    updateIndexNum = getIndexByValue('update',num);
+    var addItem = 'add_role_'+num;
+    var addIndexNum = getIndexByName(addItem);
+    if (document.portform.elements[addItem].checked) {
+        document.portform.elements[updateIndexNum].checked = true;
+        var url = '/adm/portfolio?action=rolepicker&setroles='+num+'_'+roleid+'&cnum='+cnum+'&cdom='+cdom+'&type='+type;
         var title = 'Roles_Chooser';
         var options = 'scrollbars=1,resizable=1,menubar=0';
         options += ',width=700,height=600';
         rolebrowser = open(url,title,options,'1');
         rolebrowser.focus();
     } else {
-        for (var j=0;j<5;j++) {
-            document.portform.elements[addIndexnum+j].value = '';
+        addArray = new Array ('role','access','section','group');
+        for (var j=0;j<addArray.length;j++) {
+            var itemIndex = getIndexByName(addArray[j]+'_'+num+'_'+roleid);
+            document.portform.elements[itemIndex].value = '';
         }
     }
 }
 
-function getCallerIndex(caller) {
+function getIndexByName(item) {
     for (var i=0;i<document.portform.elements.length;i++) {
-        if (document.portform.elements[i] == caller) {
+        if (document.portform.elements[i].name == item) {
             return i;
         }
     }
     return -1;
 }
 
-function getIndex(name,value) {
+function getIndexByValue(name,value) {
     for (var i=0;i<document.portform.elements.length;i++) {
         if (document.portform.elements[i].name == name && document.portform.elements[i].value == value) {
             return i;
@@ -1246,10 +1432,6 @@ sub course_row {
     }
     my $js = &Apache::loncommon::coursebrowser_javascript($defdom)
 	.&course_js();
-    my $crsgrptext = 'Groups';
-    if ($type eq 'group') {
-        $crsgrptext = 'Teams';
-    }
     my $uctype = $type;
     $uctype =~ s/^(\w)/uc($1)/e;
     my ($num,$scope,$end,$start) = &set_identifiers($status,$item,$now,$then,
@@ -1260,33 +1442,53 @@ sub course_row {
         my %course_description = &Apache::lonnet::coursedescription($cid);
         $r->print('<td><input type="hidden" name="crsdom_'.$num.'" value="'.$content->{'domain'}.'" /><input type="hidden" name="crsnum_'.$num.'" value="'.$content->{'number'}.'" />'.$course_description{'description'}.'</td>');
     } elsif ($status eq 'new') {
-        $r->print('<td>'.&Apache::loncommon::selectcourse_link('portform','crsnum_'.$num,'crsdom_'.$num,'description_'.$num,undef,undef,$uctype).'&nbsp;&nbsp;<input type="text" name="description_'.$num.'" size="30" /><input type="hidden" name="crsdom_'.$num.'" /><input type="hidden" name="crsnum_'.$num.'" /></td>');
+        $r->print('<td>'.&Apache::loncommon::selectcourse_link('portform','crsnum_'.$num,'crsdom_'.$num,'description_'.$num,$num.'_1',undef,$uctype).'&nbsp;&nbsp;<input type="text" name="description_'.$num.'" size="30" /><input type="hidden" name="crsdom_'.$num.'" /><input type="hidden" name="crsnum_'.$num.'" /></td>');
     }
-    $r->print('<td>'.&dateboxes($num,$start,$end).'</td>');
-    $r->print('<td><table><tr>');
-    $r->print('<th>'.&mt('Action').'</th><th>'.&mt('Roles').'</th><th>'.
-              &mt('Access').'</th><th>'.&mt('Sections').'</th><th>'.
-              &mt($crsgrptext).'</th></tr>');
+    $r->print('<td>'.&dateboxes($num,$start,$end));
+    my $newrole_id = 1;
     if ($status eq 'old') {
+        $r->print('</td><td>');
         my $max_id = 0;
-        foreach my $role_id (sort(keys(%{$content->{'roles'}}))) {
-            if ($role_id > $max_id) {
-                $max_id = $role_id;
-            }
-            $max_id ++;
-            my $role_selects = &role_selectors($num,$role_id,$status,$type,$content,'display');
-            $r->print('<tr><td><span style="white-space: nowrap"><label><input type="checkbox" name="delete_role_'.$num.'" value="'.$role_id.'" />'.&mt('Delete').'</label></span><br /><input type="hidden" name="preserve_role_'.$num.'" value="'.$role_id.'" /></td>'.$role_selects.'</tr>');
-        }
-        $r->print('</table><br />'.&mt('Add a roles-based condition').'&nbsp;<input type="checkbox" name ="add_role_'.$num.'" onClick="javascript:setRoleOptions(this,'."'$num','$content->{'domain'}','$content->{'number'}','$uctype'".')" value="'.$max_id.'" /><input type="hidden" name="role_'.$num.'_'.$max_id.'" /><input type="hidden" name="access_'.$num.'_'.$max_id.'" /><input type="hidden" name="section_'.$num.'_'.$max_id.'" /><input type="hidden" name="group_'.$num.'_'.$max_id.'" /></td>');
-    } elsif ($status eq 'new') {
-        my $role_id = 1;
-        my $role_selects = &role_selectors($num,$role_id,$status,$type,undef,'display');
-        $r->print('<tr><td><input type="checkbox" name="add_role_'.$num.'" value="'.$role_id.'" checked="checked" />'.&mt('Add').'<input type="hidden" name="grplist_'.$num.'_'.$role_id.'" /></td>'.$role_selects);
-        $r->print('</tr></table></td>');
+        if (keys(%{$content->{'roles'}}) > 0) {
+            $r->print('<table><tr><th>'.&mt('Action').'</th>'.
+                      '<th>'.&mt('Roles').'</th>'.
+                      '<th>'.&mt('Access').'</th>'.
+                      '<th>'.&mt('Sections').'</th>'.
+                      '<th>'.&mt('Groups').'</th></tr>');
+            foreach my $role_id (sort(keys(%{$content->{'roles'}}))) {
+                if ($role_id > $max_id) {
+                    $max_id = $role_id;
+                }
+                $max_id ++;
+                my $role_selects = &role_selectors($num,$role_id,$type,$content,'display');
+                $r->print('<tr><td><span style="white-space: nowrap"><label><input type="checkbox" name="delete_role_'.$num.'" value="'.$role_id.'" />'.&mt('Delete').'</label></span><br /><input type="hidden" name="preserve_role_'.$num.'" value="'.$role_id.'" /></td>'.$role_selects.'</tr>');
+            }
+            $r->print('</table>');
+        }
+        $r->print('<br />'.&mt('Add a roles-based condition').
+                  '&nbsp;<input type="checkbox" name ="add_role_'.
+                  $num.'" onClick="javascript:setRoleOptions('."'$num',
+                  '$max_id','$content->{'domain'}','$content->{'number'}',
+                  '$uctype'".')" value="" />');
+        $newrole_id = $max_id;
+    } else {
+        $r->print('<input type="hidden" name ="add_role_'.$num.'" value="" />');
     }
+    $r->print(&add_course_role($num,$newrole_id));
+    $r->print('</td>');
     return;
 }
 
+sub add_course_role {
+    my ($num,$max_id) = @_;
+    my $output;
+    $output .='<input type="hidden" name="role_'.$num.'_'.$max_id.'" />'.
+              '<input type="hidden" name="access_'.$num.'_'.$max_id.'" />'.
+              '<input type="hidden" name="section_'.$num.'_'.$max_id.'" />'.
+              '<input type="hidden" name="group_'.$num.'_'.$max_id.'" />';
+    return $output;
+}
+
 sub domains_row {
     my ($r,$status,$item,$all_doms,$access_controls,$now,$then) = @_;
     my ($num,$scope,$end,$start) = &set_identifiers($status,$item,$now,$then,
@@ -1336,7 +1538,12 @@ sub actionbox {
     my ($status,$num,$scope) = @_;
     my $output = '<span style="white-space: nowrap"><label>';
     if ($status eq 'new') {
-        $output .= '<input type="checkbox" name="activate" value="'.$num.'" />'.
+        my $checkstate;
+        if ($scope eq 'domains' || $scope eq 'users' || $scope eq 'course') {
+            $checkstate = 'checked="checked"';
+        }
+        $output .= '<input type="checkbox" name="activate" value="'.$num.'" '.
+                   $checkstate.'  />'.
         &mt('Activate');
     } else {
         $output .= '<input type="checkbox" name="delete" value="'.$num.
@@ -1384,21 +1591,12 @@ sub set_identifiers {
 } 
 
 sub role_selectors {
-    my ($num,$role_id,$status,$type,$content,$caller) = @_;
+    my ($num,$role_id,$type,$content,$caller) = @_;
     my ($output,$cdom,$cnum,$longid);
     if ($caller eq 'display') {
         $longid = '_'.$num.'_'.$role_id;
-        if ($status eq 'new') {
-            foreach my $item ('role','access','section','group') {
-                $output .= '<td><select name="'.$item.$longid.'">'.
-                           '<option value="">'.&mt('Pick [_1] first',$type).
-                           '</option></select></td>';
-            }
-            return $output;
-        } else {
-            $cdom = $$content{'domain'};
-            $cnum = $$content{'number'};
-        }
+        $cdom = $$content{'domain'};
+        $cnum = $$content{'number'};
     } elsif ($caller eq 'rolepicker') {
          $cdom = $env{'form.cdom'};
          $cnum = $env{'form.cnum'};
@@ -1436,7 +1634,7 @@ sub role_selectors {
                     'role' => $allroles,
                     'access' => \@allaccesses,
                     'section' => $sections,
-                    'group' => $groups, 
+                    'group' => $groups,
                    );
     foreach my $item ('role','access','section','group') {
         $output .= '<td><select name="'.$item.$longid.'" multiple="true" size="4">'."\n";
@@ -1460,20 +1658,21 @@ sub role_selectors {
 
 sub role_options_window {
     my ($r) = @_;
-    my $cdom = $env{'form.cdom'};
-    my $cnum = $env{'form.cnum'};
     my $type = $env{'form.type'};
-    my $addindex = $env{'form.setroles'};
-    my $grouptitle = 'Groups';
-    if ($type eq 'Group') {
-         $grouptitle = 'Teams';
-    } 
-    my $role_selects = &role_selectors(1,1,'new',$type,undef,'rolepicker');
+    my $rolenum = $env{'form.setroles'};
+    my ($num,$role_id) = ($rolenum =~ /^([\d_]+)_(\d+)$/);
+    my $role_elements;
+    foreach my $item ('role','access','section','group') {
+        $role_elements .= "'".$item.'_'.$rolenum."',";
+    }
+    $role_elements =~ s/,$//; 
+    my $role_selects = &role_selectors($num,$role_id,$type,undef,
+                                       'rolepicker');
     $r->print(<<"END_SCRIPT");
 <script type="text/javascript">
 function setRoles() {
-    var addidx = $addindex+1;
-    for (var i=0; i<4; i++) {
+    var role_elements = new Array($role_elements);
+    for (var i=0; i<role_elements.length; i++) {
         var copylist = '';
         for (var j=0; j<document.rolepicker.elements[i].length; j++) {
             if (document.rolepicker.elements[i].options[j].selected) {
@@ -1481,14 +1680,27 @@ function setRoles() {
             }
         }
         copylist = copylist.substr(0,copylist.length-1);
-        opener.document.portform.elements[addidx+i].value = copylist;
+        var openerItem = getIndexByName(role_elements[i]);
+        opener.document.portform.elements[openerItem].value = copylist; 
     }
+    var roleAdder = getIndexByName('add_role_$num');
+    opener.document.portform.elements[roleAdder].value = '$role_id';
     self.close();
 }
+
+function getIndexByName(item) {
+    for (var i=0;i<opener.document.portform.elements.length;i++) {
+        if (opener.document.portform.elements[i].name == item) {
+            return i;
+        }
+    }
+    return -1;
+}
+
 </script>
 END_SCRIPT
     $r->print(&mt('Select roles, course status, section(s) and group(s) for users who will be able to access the portfolio file.'));
-    $r->print('<form name="rolepicker" action="/adm/portfolio" method="post"><table><tr><th>'.&mt('Roles').'</th><th>'.&mt('[_1] status',$type).'</th><th>'.&mt('Sections').'</th><th>'.&mt($grouptitle).'</th></tr><tr>'.$role_selects.'</tr></table><br /><input type="button" name="rolepickbutton" value="Save selections" onclick="setRoles()" />');
+    $r->print('<form name="rolepicker" action="/adm/portfolio" method="post"><table><tr><th>'.&mt('Roles').'</th><th>'.&mt('[_1] status',$type).'</th><th>'.&mt('Sections').'</th><th>'.&mt('Groups').'</th></tr><tr>'.$role_selects.'</tr></table><br /><input type="button" name="rolepickbutton" value="Save selections" onclick="setRoles()" />');
     return;
 }
 
@@ -1542,15 +1754,7 @@ sub upload {
     my ($r,$url,$group)=@_;
     my $fname=$env{'form.uploaddoc.filename'};
     my $filesize = (length($env{'form.uploaddoc'})) / 1000; #express in k (1024?)
-    my $disk_quota = 20000; # expressed in k
-    if (defined($group)) {
-        my $grp_quota = &get_group_quota($group); # quota expressed in k 
-        if ($grp_quota ne '') {
-            $disk_quota = $grp_quota;
-        } else {
-            $disk_quota = 0;
-        }
-    }
+    my $disk_quota = &get_quota($group);
     $fname=&Apache::lonnet::clean_filename($fname);
 
     my $portfolio_root=&get_portfolio_root();
@@ -1683,16 +1887,19 @@ sub createdir {
 }
 
 sub get_portfolio_root {
-    my ($udom,$uname) = @_;
+    my ($udom,$uname,$group) = @_;
     if (!(defined($udom)) || !(defined($uname))) {
         ($uname,$udom) = &get_name_dom();
     }
-    my $path;
-    if (defined($env{'form.group'})) {
-        $path = '/userfiles/groups/'.$env{'form.group'}.'/portfolio';
-    } else {
-        $path = '/userfiles/portfolio';
+    my $path = '/userfiles/portfolio';
+    if (!defined($group)) { 
+        if (defined($env{'form.group'})) {
+            $group = $env{'form.group'};      
+        }
     }
+    if (defined($group)) {
+        $path = '/userfiles/groups/'.$group.'/portfolio';
+    } 
     return (&Apache::loncommon::propath($udom,$uname).$path);
 }
 
@@ -1813,6 +2020,24 @@ sub coursegrp_portfolio_header {
     return $output;
 }
 
+sub get_quota {
+    my ($group) = @_;
+    my $disk_quota;
+    if (defined($group)) {
+        my $grp_quota = &get_group_quota($group); # quota expressed in k
+        if ($grp_quota ne '') {
+            $disk_quota = $grp_quota;
+        } else {
+            $disk_quota = 0;
+        }
+    } else {
+        $disk_quota = &Apache::loncommon::get_user_quota($env{'user.name'},
+                                    $env{'user.domain'}); #expressed in Mb
+        $disk_quota = 1000 * $disk_quota; # convert from Mb to kb
+    }
+    return $disk_quota;
+}
+
 
 sub handler {
     # this handles file management
@@ -1933,7 +2158,7 @@ sub handler {
         }
     } elsif ($env{'form.action'} eq 'delete' && $env{'form.confirmed'}) {
         if ($can_delete) {
-	    &delete_confirmed($r,$url);
+	    &delete_confirmed($r,$url,$group);
         } else {
             &missing_priv($r,$url,'delete');
         }
@@ -1957,7 +2182,7 @@ sub handler {
         }
     } elsif ($env{'form.action'} eq 'rename' && $env{'form.confirmed'}) {
         if ($can_modify) {
-	    &rename_confirmed($r,$url);
+	    &rename_confirmed($r,$url,$group);
         } else {
             &missing_priv($r,$url,'rename');
         }
@@ -1971,9 +2196,12 @@ sub handler {
         }
     } elsif ($env{'form.access'}) {
         $env{'form.selectfile'} = $env{'form.access'};
-        $env{'form.action'} = 'chgaccess';
-        &display_access($r,$url,$group,$can_setacl,$port_path);
-    } elsif ($env{'form.action'} eq 'chgaccess') {
+        if (!defined($env{'form.action'})) { 
+            $env{'form.action'} = 'chgaccess';
+        }
+        &display_access($r,$url,$group,$can_setacl,$port_path,$env{'form.action'});
+    } elsif (($env{'form.action'} eq 'chgaccess') || 
+             ($env{'form.action'} eq 'chgconditions')) {
         if ($can_setacl) {
             &update_access($r,$url,$group,$port_path);
         } else {