--- loncom/lonnet/perl/lonnet.pm	2023/12/28 15:57:28	1.1521
+++ loncom/lonnet/perl/lonnet.pm	2024/03/29 17:32:03	1.1524
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # TCP networking package
 #
-# $Id: lonnet.pm,v 1.1521 2023/12/28 15:57:28 raeburn Exp $
+# $Id: lonnet.pm,v 1.1524 2024/03/29 17:32:03 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -2975,6 +2975,17 @@ sub get_domain_defaults {
                 $domdefaults{'ltiprivhosts'} = $domconfig{'ltisec'}{'private'}{'keys'};
             }
         }
+        if (ref($domconfig{'ltisec'}{'suggested'}) eq 'HASH') {
+            my %suggestions = %{$domconfig{'ltisec'}{'suggested'}};
+            foreach my $item (keys(%{$domconfig{'ltisec'}{'suggested'}})) {
+                unless (ref($domconfig{'ltisec'}{'suggested'}{$item}) eq 'HASH') {
+                    delete($suggestions{$item});
+                }
+            }
+            if (keys(%suggestions)) {
+                $domdefaults{'linkprotsuggested'} = \%suggestions;
+            }
+        }
     }
     if (ref($domconfig{'toolsec'}) eq 'HASH') {
         if (ref($domconfig{'toolsec'}{'encrypt'}) eq 'HASH') {
@@ -6998,6 +7009,7 @@ sub rolesinit {
     my %allroles=();
     my %allgroups=();
     my %gotcoauconfig=();
+    my %domdefaults=();
 
     for my $area (grep { ! /^rolesdef_/ } keys(%rolesdump)) {
         my $role = $rolesdump{$area};
@@ -7060,6 +7072,20 @@ sub rolesinit {
                             my $name = $item;
                             if ($item eq 'authoreditors') {
                                 $name = 'editors';
+                                unless ($info{'authoreditors'}) {
+                                    my %domdefs;
+                                    if (ref($domdefaults{$audom}) eq 'HASH') {
+                                        %domdefs = %{$domdefaults{$audom}};
+                                    } else {
+                                        %domdefs = &get_domain_defaults($audom);
+                                        $domdefaults{$audom} = \%domdefs;
+                                    }
+                                    if ($domdefs{$name} ne '') {
+                                        $info{'authoreditors'} = $domdefs{$name};
+                                    } else {
+                                        $info{'authoreditors'} = 'edit,xml';
+                                    }
+                                }
                             }
                             $coauthorenv{"environment.internal.$name.$area"} = $info{$item};
                         }
@@ -8004,7 +8030,7 @@ sub get_portfolio_access {
         $portaccess = &usertools_access($unum,$udom,'portaccess',undef,'tools');
     }
 
-    my ($public,$guest,@domains,@users,@courses,@groups,@ips);
+    my ($public,$guest,@domains,@users,@courses,@groups,@ips,@userips);
     my $now = time;
     if (ref($access_hash) eq 'HASH') {
         foreach my $key (keys(%{$access_hash})) {
@@ -8031,6 +8057,8 @@ sub get_portfolio_access {
                 push(@groups,$key);
             } elsif ($scope eq 'ip') {
                 push(@ips,$key);
+            } elsif ($scope eq 'userip') {
+                push(@userips,$key);
             }
         }
         if ($public) {
@@ -8045,6 +8073,19 @@ sub get_portfolio_access {
                     }
                 }
             }
+            if ($allowed) {
+                return 'ok';
+            }
+        } elsif (@userips > 0) {
+            my $allowed;
+            foreach my $useripkey (@userips) {
+                if (ref($access_hash->{$useripkey}{'ip'}) eq 'ARRAY') {
+                    if (&Apache::loncommon::check_ip_acc(join(',',@{$access_hash->{$useripkey}{'ip'}}),$clientip)) {
+                        $allowed = 1;
+                        last;
+                    }
+                }
+            }
             if ($allowed) {
                 return 'ok';
             }