Index: lams_central/src/java/org/lamsfoundation/lams/web/DisplayGroupAction.java
===================================================================
diff -u -rdcf01dfa4123ad75233aabacb24e11807f2adbf5 -re99f2a23689fd7b7311fedb74b6d2c475d402cc4
--- lams_central/src/java/org/lamsfoundation/lams/web/DisplayGroupAction.java (.../DisplayGroupAction.java) (revision dcf01dfa4123ad75233aabacb24e11807f2adbf5)
+++ lams_central/src/java/org/lamsfoundation/lams/web/DisplayGroupAction.java (.../DisplayGroupAction.java) (revision e99f2a23689fd7b7311fedb74b6d2c475d402cc4)
@@ -92,11 +92,9 @@
 Integer roleId = userOrganisationRole.getRole().getRoleId();
 roles.add(roleId);
 if (roleId.equals(Role.ROLE_GROUP_MANAGER) || roleId.equals(Role.ROLE_MONITOR)) {
- log.debug("found roleId: "+roleId);
 allowSorting = true;
 }
 }
- log.debug("orgId: "+org.getOrganisationId()+" allowSorting: "+allowSorting);
 IndexOrgBean iob = createOrgBean(org, roles, request.getRemoteUser(), request.isUserInRole(Role.SYSADMIN));
 request.setAttribute("orgBean", iob);
 request.setAttribute("allowSorting", allowSorting);
Index: lams_central/src/java/org/lamsfoundation/lams/web/LessonOrderServlet.java
===================================================================
diff -u -rb090a6262d9b6112946ecf59cbc9b13de7a1caad -re99f2a23689fd7b7311fedb74b6d2c475d402cc4
--- lams_central/src/java/org/lamsfoundation/lams/web/LessonOrderServlet.java (.../LessonOrderServlet.java) (revision b090a6262d9b6112946ecf59cbc9b13de7a1caad)
+++ lams_central/src/java/org/lamsfoundation/lams/web/LessonOrderServlet.java (.../LessonOrderServlet.java) (revision e99f2a23689fd7b7311fedb74b6d2c475d402cc4)
@@ -26,6 +26,7 @@
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Iterator;
 import java.util.List;
 import javax.servlet.ServletException;
@@ -34,7 +35,10 @@
 import javax.servlet.http.HttpServletResponse;
 import org.apache.log4j.Logger;
+import org.lamsfoundation.lams.lesson.Lesson;
 import org.lamsfoundation.lams.usermanagement.Organisation;
+import org.lamsfoundation.lams.usermanagement.Role;
+import org.lamsfoundation.lams.usermanagement.UserOrganisationRole;
 import org.lamsfoundation.lams.usermanagement.service.UserManagementService;
 import org.lamsfoundation.lams.util.WebUtil;
 import org.lamsfoundation.lams.web.util.HttpSessionManager;
@@ -67,7 +71,40 @@
 if (orgId != null && ids != null) {
 Organisation org = (Organisation)service.findById(Organisation.class, orgId);
- if (org != null) {
+ if (org != null) {
+ // make sure user has permission to sort org lessons
+ boolean allowSorting = false;
+ List roles = new ArrayList();
+ List userOrganisationRoles = service.getUserOrganisationRoles(orgId,request.getRemoteUser());
+ for(UserOrganisationRole userOrganisationRole:userOrganisationRoles){
+ Integer roleId = userOrganisationRole.getRole().getRoleId();
+ roles.add(roleId);
+ if (roleId.equals(Role.ROLE_GROUP_MANAGER) || roleId.equals(Role.ROLE_MONITOR)) {
+ allowSorting = true;
+ }
+ }
+ if (!allowSorting) {
+ log.warn("User " + request.getRemoteUser() + " tried to sort lessons in orgId " + orgId);
+ response.sendError(HttpServletResponse.SC_FORBIDDEN);
+ return;
+ }
+
+ // make sure we record lesson ids that belong to this org
+ List idList = Arrays.asList(ids.split(","));
+ List lessons = service.findByProperty(Lesson.class, "organisation", org);
+ for (String id : idList) {
+ try {
+ Long l = new Long(Long.parseLong(id));
+ if (!contains(lessons, l)) {
+ log.warn("Lesson with id " + l + " doesn't belong in org with id " + orgId);
+ response.sendError(HttpServletResponse.SC_FORBIDDEN);
+ return;
+ }
+ } catch(NumberFormatException e) {
+ continue;
+ }
+ }
+
 String oldIds = org.getOrderedLessonIds();
 String updatedIds = mergeLessonIds((oldIds!=null ? oldIds : ""), ids);
 org.setOrderedLessonIds(updatedIds);
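Review bot: In the id-validation loop, an entry that fails `Long.parseLong` is skipped with `continue`, but the unmodified `ids` string is still handed to `mergeLessonIds` and stored through `setOrderedLessonIds`, so entries that were never checked against the organisation's lessons are persisted. Rejecting the request is safer than skipping: `} catch (NumberFormatException e) { response.sendError(HttpServletResponse.SC_BAD_REQUEST); return; }`. The `roles` list filled in the permission loop is never read in this hunk and can go. The role test repeats the one in DisplayGroupAction, so a shared helper would keep the two from drifting apart. The enclosing method starts and ends outside the hunk.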
@@ -77,6 +114,17 @@
 }
+ private boolean contains(List lessons, Long id) {
+ if (lessons != null) {
+ Iterator it = lessons.iterator();
+ while (it.hasNext()) {
+ Lesson lesson = (Lesson)it.next();
+ if (lesson.getLessonId().equals(id)) return true;
+ }
+ }
+ return false;
+ }
+
 // take the updated list and insert elements of the old list that don't exist in it;
 private String mergeLessonIds(String old, String updated) {
 List oldIds = Arrays.asList(old.split(","));
Index: lams_central/web/css/defaultHTML.css
===================================================================
diff -u -ra40b65249c5db04eb51f42fa87d28542a6273ffc -re99f2a23689fd7b7311fedb74b6d2c475d402cc4
--- lams_central/web/css/defaultHTML.css (.../defaultHTML.css) (revision a40b65249c5db04eb51f42fa87d28542a6273ffc)
+++ lams_central/web/css/defaultHTML.css (.../defaultHTML.css) (revision e99f2a23689fd7b7311fedb74b6d2c475d402cc4)
@@ -1121,12 +1121,12 @@
 .sequence-description-tooltip {
 border: 1px solid #d2d2d2;
- background-color: #85aacd;
+ background-color: #ffffff;
 padding: 4px;
- color: #ccc;
+ color: #000000;
 font-family: Arial, Helvetica, sans-serif;
 font-size: 12px;
- width: 150px;
+ width: 250px;
 }
 .sequence-description-tooltip #tooltipURL {
 display: none;
Index: lams_central/web/css/defaultHTML_rtl.css
===================================================================
diff -u -ra40b65249c5db04eb51f42fa87d28542a6273ffc -re99f2a23689fd7b7311fedb74b6d2c475d402cc4
--- lams_central/web/css/defaultHTML_rtl.css (.../defaultHTML_rtl.css) (revision a40b65249c5db04eb51f42fa87d28542a6273ffc)
+++ lams_central/web/css/defaultHTML_rtl.css (.../defaultHTML_rtl.css) (revision e99f2a23689fd7b7311fedb74b6d2c475d402cc4)
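Review bot: The `contains` helper added to LessonOrderServlet.java has no comment recording that it fails closed: a null `lessons` list returns false, and the caller then answers 403 for every submitted id. That is the right default for an ownership check and is worth stating so a later cleanup does not invert it, for example `// returns false for a null list, so the caller rejects the request`. `lesson.getLessonId().equals(id)` assumes every loaded lesson has a non-null id, which is presumably true for persisted lessons but could be noted in the same comment.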
@@ -1141,12 +1141,12 @@
 .sequence-description-tooltip {
 border: 1px solid #d2d2d2;
- background-color: #85aacd;
+ background-color: #ffffff;
 padding: 4px;
- color: #ccc;
+ color: #000000;
 font-family: Arial, Helvetica, sans-serif;
 font-size: 12px;
- width: 150px;
+ width: 250px;
 }
 .sequence-description-tooltip #tooltipURL {
 display: none;
Index: lams_central/web/group.jsp
===================================================================
diff -u -ra40b65249c5db04eb51f42fa87d28542a6273ffc -re99f2a23689fd7b7311fedb74b6d2c475d402cc4
--- lams_central/web/group.jsp (.../group.jsp) (revision a40b65249c5db04eb51f42fa87d28542a6273ffc)
+++ lams_central/web/group.jsp (.../group.jsp) (revision e99f2a23689fd7b7311fedb74b6d2c475d402cc4)
@@ -24,7 +24,7 @@
-
" class="j-lessons"> +
-lessons" class="j-lessons">

" class="j-single-lesson"> " class="disabled-sequence-name-link"> @@ -42,7 +42,7 @@

-

+
@@ -62,8 +62,8 @@

-
" class="j-lessons"> -

" class="j-single-lesson"> +

" class="j-subgroup-lessons"> +

" class="j-single-subgroup-lesson"> " class="disabled-sequence-name-link">  () @@ -83,17 +83,19 @@

-
+ + Index: lams_central/web/main.jsp =================================================================== diff -u -ra40b65249c5db04eb51f42fa87d28542a6273ffc -re99f2a23689fd7b7311fedb74b6d2c475d402cc4 --- lams_central/web/main.jsp (.../main.jsp) (revision a40b65249c5db04eb51f42fa87d28542a6273ffc) +++ lams_central/web/main.jsp (.../main.jsp) (revision e99f2a23689fd7b7311fedb74b6d2c475d402cc4) @@ -39,34 +39,52 @@ jQuery(this).load("displayGroup.do", {stateId: 1, orgId: this.id}, function() { jQuery("a.disabled-sequence-name-link, a.sequence-name-link", this).ToolTip({ className: 'sequence-description-tooltip', - position: 'mouse' + position: 'mouse', + delay: 300 }); + jQuery("a.disabled-sequence-name-link, a.sequence-name-link", this).each(function(i, element) { + var title = jQuery(element).attr("title"); + if (title!=null) { + var newTitle = title.replace(/\r\n/g,"
").replace(/\n/g,"
") + jQuery(element).attr("title", newTitle); + } + }); }); }); jQuery("body").click(function(event) { if (jQuery(event.target).is("a.j-group-header")){ - jQuery(event.target).parent("h2").parent("div.left-buttons").parent("div.row").next("div.j-course-contents").toggle("fast"); + var course = jQuery(event.target).parent("h2").parent("div.left-buttons").parent("div.row").next("div.j-course-contents"); + if (jQuery.browser.msie) { + if (jQuery.browser.version == '6.0') { + course.slideToggle("fast"); + } + } else { + course.toggle("fast"); + } return false; } }); }); - function makeSortable(element) { + function makeSortable(element, acceptClass) { jQuery(element).Sortable({ - accept: "j-single-lesson", + accept: acceptClass, axis: "vertically", containment: [jQuery(element).offset().left, jQuery(element).offset().top, jQuery(element).width(), jQuery(element).height()], - onStop: function s() { + onStop: function() { var ids = []; jQuery(this).parent().children("p").each(function(i, element) { ids.push(element.id); }); + var jLessonsId = jQuery(this).parent().attr("id"); + var dashIndex = jLessonsId.indexOf("-"); + var orgId = (dashIndex>0 ? jLessonsId.substring(0, dashIndex) : jLessonsId); $.ajax({ url: "servlet/saveLessonOrder", - data: {orgId: jQuery(this).parent().attr("id"), + data: {orgId: orgId, ids: ids.join(",") }, error: function(a,b) {
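Review bot: The added `.each` block rewrites every link's `title` by replacing line breaks with markup (the replacement strings are cut off on this page, presumably a line-break tag), which only makes sense if the tooltip plugin renders the title as HTML. If so, the description text must be HTML-escaped where group.jsp writes it into the attribute, otherwise markup in a lesson description is rendered in the tooltip; that escaping is not visible in this hunk. Separately, in the click handler the `jQuery.browser.msie` branch toggles only when the version is '6.0', so other IE versions get no toggle at all; if that is unintended, `course.toggle("fast")` belongs in an inner `else`. The surrounding script starts and ends outside the hunk.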