Index: lams_central/conf/security/Owasp.CsrfGuard.properties
===================================================================
diff -u -r6481b3403e4e91e51c67207de071ba83335103de -r374bf624aba202edb107a054eef3dde19000e0b4
--- lams_central/conf/security/Owasp.CsrfGuard.properties (.../Owasp.CsrfGuard.properties) (revision 6481b3403e4e91e51c67207de071ba83335103de)
+++ lams_central/conf/security/Owasp.CsrfGuard.properties (.../Owasp.CsrfGuard.properties) (revision 374bf624aba202edb107a054eef3dde19000e0b4)
@@ -81,6 +81,7 @@
 org.owasp.csrfguard.protected.centralAddCollection=/lams/qb/collection/addCollection.do
 org.owasp.csrfguard.protected.centralAddCollectionQuestion=/lams/qb/collection/addCollectionQuestion.do
 org.owasp.csrfguard.protected.centralRemoveCollectionQuestion=/lams/qb/collection/removeCollectionQuestion.do
+org.owasp.csrfguard.protected.centralPrintCollectionQuestions=/lams/qb/printQbCollectionQuestions.do
 org.owasp.csrfguard.protected.centralMergeQuestions=/lams/qb/stats/merge.do
 org.owasp.csrfguard.protected.centralExportQuestionsXml=/lams/xmlQuestions/exportQuestionsXml.do
 org.owasp.csrfguard.protected.centralImportQuestionsXml=/lams/xmlQuestions/importQuestionsXml.do
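Review bot: The newly protected URI `/lams/qb/printQbCollectionQuestions.do` is served by a handler that is still declared `@GetMapping("/printQbCollectionQuestions")` in PrintQbQuestionController, so the CSRFGuard token submitted by the print form would travel in the query string, where it can end up in access logs, browser history and Referer headers. The form markup is not visible on this page, so this is inferred from the mapping alone. If the endpoint is to stay protected, consider switching it to `@PostMapping("/printQbCollectionQuestions")` with a POST form, so the token and the selected uids go in the request body.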
@@ -301,4 +302,4 @@
 # Actions to take when a CSRF attack is attempted
 org.owasp.csrfguard.action.Log=org.owasp.csrfguard.action.Log
 org.owasp.csrfguard.Logger=org.owasp.csrfguard.log.JavaLogger
-org.owasp.csrfguard.action.Log.Message=CSRF attack (user: %user%, ip: %remote_ip%, uri: %request_uri%, error: %exception_message%)
+org.owasp.csrfguard.action.Log.Message=CSRF attack (user: %user%, ip: %remote_ip%, uri: %request_uri%, error: %exception_message%)
\ No newline at end of file
Index: lams_central/src/java/org/lamsfoundation/lams/web/qb/PrintQbQuestionController.java
===================================================================
diff -u -rcb84acde58155494dc2cdf1bae82eac746dadfe2 -r374bf624aba202edb107a054eef3dde19000e0b4
--- lams_central/src/java/org/lamsfoundation/lams/web/qb/PrintQbQuestionController.java (.../PrintQbQuestionController.java) (revision cb84acde58155494dc2cdf1bae82eac746dadfe2)
+++ lams_central/src/java/org/lamsfoundation/lams/web/qb/PrintQbQuestionController.java (.../PrintQbQuestionController.java) (revision 374bf624aba202edb107a054eef3dde19000e0b4)
@@ -20,6 +20,7 @@
 import java.util.Collection;
 import java.util.Collections;
 import java.util.HashMap;
+import java.util.LinkedHashSet;
 import java.util.List;
 import java.util.Map;
@@ -40,15 +41,28 @@ } @GetMapping("/printQbCollectionQuestions") - public String printQbCollectionQuestions(@RequestParam Long collectionUid, Model model, + public String printQbCollectionQuestions(@RequestParam Long collectionUid, + @RequestParam(name = "qbQuestionUids", required = false) long[] qbQuestionUids, Model model, HttpServletResponse response) throws IOException { if (!qbService.hasUserAccessToCollection(collectionUid)) { response.sendError(HttpServletResponse.SC_FORBIDDEN, "The user does not have access to given collection"); return null; } + + Collection questions = null; + if (qbQuestionUids == null || qbQuestionUids.length == 0) { + questions = qbService.getCollectionQuestions(collectionUid); + } else { + questions = new LinkedHashSet<>(); + for (long qbQuestionUid : qbQuestionUids) { + QbQuestion question = qbService.getQuestionByUid(qbQuestionUid); + if (question != null) { + questions.add(question); + } + } + } Map input = new HashMap<>(); - Collection questions = qbService.getCollectionQuestions(collectionUid); input.put("printQuestions", questions); QbCollection collection = qbService.getCollectionByUid(collectionUid); input.put("printTitleSuffix", collection.getName()); Index: lams_central/src/java/org/lamsfoundation/lams/web/qb/QbCollectionController.java =================================================================== diff -u -rcb84acde58155494dc2cdf1bae82eac746dadfe2 -r374bf624aba202edb107a054eef3dde19000e0b4 --- lams_central/src/java/org/lamsfoundation/lams/web/qb/QbCollectionController.java (.../QbCollectionController.java) (revision cb84acde58155494dc2cdf1bae82eac746dadfe2) +++ lams_central/src/java/org/lamsfoundation/lams/web/qb/QbCollectionController.java (.../QbCollectionController.java) (revision 374bf624aba202edb107a054eef3dde19000e0b4) 
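Review bot: The access check covers only `collectionUid`, while each entry of `qbQuestionUids` is loaded with `qbService.getQuestionByUid(qbQuestionUid)` and added to the print set without confirming that it belongs to that collection. A user with access to any one collection could therefore print questions from collections they cannot see by supplying their uids. Restrict the selection to the authorised collection by filtering the result of `qbService.getCollectionQuestions(collectionUid)` against the requested uids, as sketched below; this assumes `QbQuestion` exposes its uid through `getUid()`, and the output then follows collection order rather than request order. The method body continues past the end of the hunk.

```java
Collection<QbQuestion> questions = qbService.getCollectionQuestions(collectionUid);
if (qbQuestionUids != null && qbQuestionUids.length > 0) {
    // keep only the requested questions that really belong to the authorised collection
    Collection<Long> requestedUids = new LinkedHashSet<>();
    for (long qbQuestionUid : qbQuestionUids) {
        requestedUids.add(qbQuestionUid);
    }
    Collection<QbQuestion> selectedQuestions = new LinkedHashSet<>();
    for (QbQuestion question : questions) {
        if (requestedUids.contains(question.getUid())) {
            selectedQuestions.add(question);
        }
    }
    questions = selectedQuestions;
}
// … unchanged: model population (printQuestions, printTitleSuffix) …
```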
@@ -159,10 +159,13 @@ @ResponseBody public String removeCollectionQuestions(@RequestParam long collectionUid, @RequestParam("qbQuestionIds[]") int[] qbQuestionIds, HttpServletResponse response) throws IOException { - if (!qbService.hasUserAccessToCollection(collectionUid)) { + QbCollection collection = qbService.getCollection(collectionUid); + if (!qbService.hasUserAccessToCollection(collectionUid) || (collection.getUserId() == null + && !securityService.isAppadmin(getUserId(), "remove questions from QB collection", true))) { response.sendError(HttpServletResponse.SC_FORBIDDEN, "The user does not have access to given collection"); return null; } + boolean allQuestionsRemoved = true; for (int qbQuestionId : qbQuestionIds) { allQuestionsRemoved &= qbService.removeQuestionFromCollectionByQuestionId(collectionUid, qbQuestionId, Index: lams_central/web/qb/collection.jsp =================================================================== diff -u -rcb84acde58155494dc2cdf1bae82eac746dadfe2 -r374bf624aba202edb107a054eef3dde19000e0b4 --- lams_central/web/qb/collection.jsp (.../collection.jsp) (revision cb84acde58155494dc2cdf1bae82eac746dadfe2) +++ lams_central/web/qb/collection.jsp (.../collection.jsp) (revision 374bf624aba202edb107a054eef3dde19000e0b4) @@ -100,9 +100,8 @@ height: "100%", autowidth:true, shrinkToFit: true, - <%-- Do not allow batch removing questions from the public collection --%> - multiselect: !isPublicCollection, - multiPageSelection: !isPublicCollection, + multiselect: true, + multiPageSelection: true, viewrecords: true, cellEdit: false, cmTemplate: { title: false, search: false }, 
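Review bot: `collection.getUserId()` is dereferenced without a null check, so if `qbService.getCollection(collectionUid)` returns null for an unknown uid and `hasUserAccessToCollection` does not already reject it, the request fails with an exception instead of the 403. Starting the condition with `collection == null || !qbService.hasUserAccessToCollection(collectionUid) || ...` would keep the denial path uniform. The meaning of `getUserId() == null` (apparently the public collection) deserves a one-line comment such as `// collections without an owner are public; only app admins may remove questions from them`, because the collection.jsp change in this commit re-enables batch selection there and leaves this check as the only barrier. The method starts before and continues after the hunk.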
@@ -135,10 +134,6 @@ {name:'actions', index:'actions', classes: "stats-cell", sortable:false, width: 13, align: "center", formatter: actionsFormatter}, {name:'hasVersions', index:'hasVersions', width:0, hidden: true} ], - beforeSelectRow: function(rowid, e) { - // do not select rows at all - return !isPublicCollection; - }, loadComplete: function(data) { //init thickbox tb_init('a.thickbox'); @@ -470,8 +465,10 @@ }; function showQuestionsPrintPage() { - let url = ''; - window.open(url, "_blank"); + let questionsToPrint = $('#collection-grid').jqGrid('getGridParam','selarrrow'), + form = $('#print-questions-form'); + $('input[name="qbQuestionUids"]', form).val(questionsToPrint); + form.submit(); } @@ -511,11 +508,13 @@ - "> -   - + + "> +   + + <%-- Do not display button for public and private collections --%> @@ -664,5 +663,12 @@ + + \ No newline at end of file