Index: lams_central/src/java/org/lamsfoundation/lams/web/planner/PedagogicalPlannerAction.java
===================================================================
diff -u -r161f204afffd06f77a17fa45ce069d7eae00f04e -re6d81fcf6b1b324494762b681d8287bf00a07b7e
--- lams_central/src/java/org/lamsfoundation/lams/web/planner/PedagogicalPlannerAction.java (.../PedagogicalPlannerAction.java) (revision 161f204afffd06f77a17fa45ce069d7eae00f04e)
+++ lams_central/src/java/org/lamsfoundation/lams/web/planner/PedagogicalPlannerAction.java (.../PedagogicalPlannerAction.java) (revision e6d81fcf6b1b324494762b681d8287bf00a07b7e)
@@ -673,7 +673,7 @@
             filteredNodes.add(subnode);
         }
-        dto = new PedagogicalPlannerSequenceNodeDTO(node, filteredNodes);
+        dto = new PedagogicalPlannerSequenceNodeDTO(node, filteredNodes, hasRole, getPedagogicalPlannerDAO());
         for (PedagogicalPlannerSequenceNodeDTO subnodeDTO : dto.getSubnodes()) {
             List titlePath = getPedagogicalPlannerDAO().getTitlePath(subnodeDTO.getUid());
             subnodeDTO.setTitlePath(titlePath);
@@ -690,7 +690,7 @@
     if (dto == null) {
         // No filtering or something went wrong in filtering
-        dto = new PedagogicalPlannerSequenceNodeDTO(node, node.getSubnodes());
+        dto = new PedagogicalPlannerSequenceNodeDTO(node, node.getSubnodes(), hasRole, getPedagogicalPlannerDAO());
         if (nodeUid == null) {
             dto.setRecentlyModifiedNodes(getRecentlyModifiedLearnindDesignsAsNodes());
         }
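Review bot: The third constructor argument passed here, `hasRole`, carries the same name as the private authorisation method `hasRole(request, nodeUid)` defined further down this file; the variable itself is declared outside the hunk (the enclosing method starts and ends outside it), so presumably it is the Boolean result of that check computed earlier for the same request, but the shared name makes both call sites, this one and the one in the -690 hunk, read as if a method were being passed. A name such as `canEditRootNodes` would remove the ambiguity. It is also worth a comment at both sites that this value only controls whether the add/remove-editors link is rendered, since the visible server-side checks remain `hasRole` in `addRemoveEditors` and `removeSequenceNode`, e.g. `// display-only flag: authorisation is enforced by hasRole in the action methods`.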
@@ -924,14 +924,21 @@
      * @return
      * @throws IOException
      * @throws ServletException
+     * @throws UserAccessDeniedException
      */
     public ActionForward removeSequenceNode(ActionMapping mapping, ActionForm form, HttpServletRequest request,
-            HttpServletResponse response) throws IOException, ServletException {
+            HttpServletResponse response) throws IOException, ServletException, UserAccessDeniedException {
         Long nodeUid = WebUtil.readLongParam(request, CentralConstants.PARAM_UID);
         PedagogicalPlannerSequenceNode node = getPedagogicalPlannerDAO().getByUid(nodeUid);
         Long parentUid = node.getParent() == null ? null : node.getParent().getUid();
-        PedagogicalPlannerAction.log.debug("Removing sequence node with UID" + nodeUid);
-        getPedagogicalPlannerDAO().removeNode(node);
+
+        if (hasRole(request, nodeUid)) {
+            PedagogicalPlannerAction.log.debug("Removing sequence node with UID" + nodeUid);
+            getPedagogicalPlannerDAO().removeNode(node);
+        } else {
+            log.debug("Unauthorised attempt to removeSequenceNode");
+            throw new UserAccessDeniedException();
+        }
         return openSequenceNode(mapping, form, request, parentUid);
     }
@@ -1619,7 +1626,7 @@
     public ActionForward addRemoveEditors(ActionMapping mapping, ActionForm form, HttpServletRequest request,
             HttpServletResponse response) throws Exception {
         Long nodeUid = WebUtil.readLongParam(request, CentralConstants.PARAM_UID, true);
-
+
         if (hasRole(request, nodeUid)) {
             List existingUsers = getPedagogicalPlannerDAO().getNodeUsers(nodeUid, Role.ROLE_AUTHOR_ADMIN);
@@ -1639,6 +1646,7 @@
                     continue;
                 }
                 potentialUsers.add(u);
+                // TODO filter nodeEditor of parent node
             }
             request.setAttribute("existingUsers", existingUsers);
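Review bot: In removeSequenceNode the node is loaded with `getByUid(nodeUid)` and `node.getParent()` is dereferenced before the new `hasRole` guard runs, so the DAO round-trip happens for every caller regardless of permission, and a request naming an unknown UID fails on the dereference rather than on the authorisation check (assuming `getByUid` returns null for an unknown UID — not visible here). The unauthorised branch also records neither the user nor the node and does so at debug level, which is the one event an operator reviewing access-denied attempts needs to see; a warn-level line with `request.getRemoteUser()` and `nodeUid` gives that without logging anything sensitive. Moving the guard ahead of the lookup, as below, keeps the check first and lets the happy path read straight through.
```java
public ActionForward removeSequenceNode(ActionMapping mapping, ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws IOException, ServletException, UserAccessDeniedException {
    Long nodeUid = WebUtil.readLongParam(request, CentralConstants.PARAM_UID);
    // authorise before touching the node so unauthorised callers never reach the DAO
    if (!hasRole(request, nodeUid)) {
        log.warn("Unauthorised attempt to remove sequence node " + nodeUid + " by user " + request.getRemoteUser());
        throw new UserAccessDeniedException();
    }
    PedagogicalPlannerSequenceNode node = getPedagogicalPlannerDAO().getByUid(nodeUid);
    Long parentUid = node.getParent() == null ? null : node.getParent().getUid();
    PedagogicalPlannerAction.log.debug("Removing sequence node with UID" + nodeUid);
    getPedagogicalPlannerDAO().removeNode(node);
    return openSequenceNode(mapping, form, request, parentUid);
}
```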
@@ -1683,9 +1691,23 @@
     // only these roles can edit nodes and give this role on this node to others
     private Boolean hasRole(HttpServletRequest request, Long nodeUid) {
+        if (request.isUserInRole(Role.SYSADMIN)) {
+            // sysadmins have all permission
+            return true;
+        } else {
+            if (nodeUid == null) {
+                // all global author admins (GAA) can create and edit at the root level
+                return getUserManagementService().isUserGlobalAuthorAdmin();
+            } else {
+                // at any other node, a GAA needs to be linked to that node or one of its parents
+                return isNodeEditor(request, nodeUid);
+            }
+        }
+    }
+
+    private Boolean isNodeEditor(HttpServletRequest request, Long nodeUid) {
         User user = (User) getUserManagementService().getUserByLogin(request.getRemoteUser());
-        return request.isUserInRole(Role.SYSADMIN)
-                || getPedagogicalPlannerDAO().isEditor(user.getUserId(), nodeUid, Role.ROLE_AUTHOR_ADMIN);
+        return getPedagogicalPlannerDAO().isEditor(user.getUserId(), nodeUid, Role.ROLE_AUTHOR_ADMIN);
     }
     private IExportToolContentService getExportService() {
Index: lams_common/src/java/org/lamsfoundation/lams/planner/dto/PedagogicalPlannerSequenceNodeDTO.java
===================================================================
diff -u -r3a1ae19ae51ede32cec920fc9bb07f6787f562ff -re6d81fcf6b1b324494762b681d8287bf00a07b7e
--- lams_common/src/java/org/lamsfoundation/lams/planner/dto/PedagogicalPlannerSequenceNodeDTO.java (.../PedagogicalPlannerSequenceNodeDTO.java) (revision 3a1ae19ae51ede32cec920fc9bb07f6787f562ff)
+++ lams_common/src/java/org/lamsfoundation/lams/planner/dto/PedagogicalPlannerSequenceNodeDTO.java (.../PedagogicalPlannerSequenceNodeDTO.java) (revision e6d81fcf6b1b324494762b681d8287bf00a07b7e)
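Review bot: The comment on the inner else branch of hasRole says a GAA "needs to be linked to that node or one of its parents", but the code only returns `isNodeEditor(request, nodeUid)`, which is a plain `isEditor` lookup with no global-author-admin check, so for non-root nodes the GAA condition the comment describes is not enforced, while at the root it is the only condition checked. Either the comment overstates the rule or the branch should read `return getUserManagementService().isUserGlobalAuthorAdmin() && isNodeEditor(request, nodeUid);` — whichever is intended, the two must agree because this method gates removeSequenceNode and addRemoveEditors; whether `isEditor` itself walks the parent chain cannot be seen here. Separately, `isNodeEditor` dereferences the result of `getUserByLogin(request.getRemoteUser())` without a null check (carried over from the old code), and both helpers return boxed `Boolean` where `boolean` would rule out an accidental null in the `if (hasRole(...))` callers.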
@@ -27,8 +27,15 @@
 import java.util.List;
 import java.util.Set;
+import javax.servlet.http.HttpSession;
+
 import org.apache.commons.lang.StringUtils;
 import org.lamsfoundation.lams.planner.PedagogicalPlannerSequenceNode;
+import org.lamsfoundation.lams.planner.dao.PedagogicalPlannerDAO;
+import org.lamsfoundation.lams.usermanagement.Role;
+import org.lamsfoundation.lams.usermanagement.dto.UserDTO;
+import org.lamsfoundation.lams.web.session.SessionManager;
+import org.lamsfoundation.lams.web.util.AttributeNames;
 public class PedagogicalPlannerSequenceNodeDTO {
     private Long uid;
@@ -50,14 +57,16 @@
     private Boolean importNode = false;
     // for the list on the main screen
     private List recentlyModifiedNodes;
+    // for the 1st level nodes on the main screen
+    private Boolean displayAddRemoveEditorsLink = true;
     private static final String FULL_DESCRIPTION_NOT_EMPTY = "FULL";
     public PedagogicalPlannerSequenceNodeDTO() {
     }
-
+
     public PedagogicalPlannerSequenceNodeDTO(PedagogicalPlannerSequenceNode node,
-            Set subnodes) {
+            Set subnodes, Boolean displayAddRemoveEditorsLink, PedagogicalPlannerDAO dao) {
         uid = node.getUid();
         title = node.getTitle();
         briefDescription = node.getBriefDescription();
@@ -66,9 +75,13 @@
         locked = node.getLocked();
         if (node.getParent() != null) {
             parentUid = node.getParent().getUid();
+        } else {
+            this.displayAddRemoveEditorsLink = displayAddRemoveEditorsLink;
         }
         this.subnodes = new LinkedList();
         if (subnodes != null) {
+            HttpSession s = SessionManager.getSession();
+            UserDTO u = (UserDTO) s.getAttribute(AttributeNames.USER);
             for (PedagogicalPlannerSequenceNode subnode : subnodes) {
                 PedagogicalPlannerSequenceNodeDTO subnodeDTO = new PedagogicalPlannerSequenceNodeDTO();
                 subnodeDTO.setTitle(subnode.getTitle());
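Review bot: In the constructor the session from `SessionManager.getSession()` is dereferenced unconditionally in `s.getAttribute(AttributeNames.USER)` while only the resulting `u` is null-checked, so constructing this DTO anywhere no session is bound to the thread throws a NullPointerException; `UserDTO u = s == null ? null : (UserDTO) s.getAttribute(AttributeNames.USER);` closes that gap. More broadly, this hunk together with the imports in the -27 hunk and the new `PedagogicalPlannerDAO dao` parameter in the -50 hunk make a lams_common DTO depend on the servlet session and on a DAO, and issue one editor lookup per subnode from inside a constructor; computing the per-subnode flag in the action and handing it in would keep the DTO passive and testable. The new constructor parameters are undocumented — a Javadoc on the lines of `@param displayAddRemoveEditorsLink whether the add/remove editors link is rendered for a root node; presentation only, authorisation is enforced by the action` and `@param dao used to look up editor rights for each subnode` would state the contract.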
@@ -79,6 +92,9 @@
                 subnodeDTO.setLocked(subnode.getLocked());
                 subnodeDTO.setFileName(subnode.getFileName());
                 subnodeDTO.setUid(subnode.getUid());
+                if (u != null) {
+                    subnodeDTO.setDisplayAddRemoveEditorsLink(dao.isEditor(u.getUserID(), subnode.getUid(), Role.ROLE_AUTHOR_ADMIN));
+                }
                 this.subnodes.add(subnodeDTO);
             }
         }
@@ -203,4 +219,12 @@
     public void setRecentlyModifiedNodes(List recentlyModifiedNodes) {
         this.recentlyModifiedNodes = recentlyModifiedNodes;
     }
+
+    public Boolean getDisplayAddRemoveEditorsLink() {
+        return displayAddRemoveEditorsLink;
+    }
+
+    public void setDisplayAddRemoveEditorsLink(Boolean displayAddRemoveEditorsLink) {
+        this.displayAddRemoveEditorsLink = displayAddRemoveEditorsLink;
+    }
 }
\ No newline at end of file
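Review bot: When `u` is null the subnode DTO keeps the field default `displayAddRemoveEditorsLink = true` from the -50 hunk, so a request with no user in session is shown the add/remove-editors link on every subnode; a flag like this should default to hidden and be switched on only by a positive check, i.e. `subnodeDTO.setDisplayAddRemoveEditorsLink(u != null && dao.isEditor(u.getUserID(), subnode.getUid(), Role.ROLE_AUTHOR_ADMIN));` (or initialise the field to `false`). This is presentation only — the action's `hasRole` check still decides the request — but defaulting to shown advertises an affordance the user does not have and turns into access-denied errors later. A one-line comment on the field, `// presentation hint only; never rely on it for authorisation`, would keep the next maintainer from treating it as a permission.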