Index: lams_common/src/java/org/lamsfoundation/lams/security/SecurityService.java
===================================================================
diff -u -r29a37489a63e5a95f42a5ef5fd8a7daeb65c53c5 -rebebf9adb849e783bc45d44a0a47bdc56006cc73
--- lams_common/src/java/org/lamsfoundation/lams/security/SecurityService.java	(.../SecurityService.java)	(revision 29a37489a63e5a95f42a5ef5fd8a7daeb65c53c5)
+++ lams_common/src/java/org/lamsfoundation/lams/security/SecurityService.java	(.../SecurityService.java)	(revision ebebf9adb849e783bc45d44a0a47bdc56006cc73)
@@ -44,7 +44,6 @@
     private static Logger log = Logger.getLogger(SecurityService.class);
 
     private static final String[] GROUP_MONITOR_ROLES = new String[] { Role.GROUP_MANAGER, Role.MONITOR };
-    private static final String[] EMPTY_STRING_ARRAY = new String[0];
 
     private ISecurityDAO securityDAO;
     private ILogEventService logEventService;
@@ -342,15 +341,15 @@
 	    }
 
 	    // check for super roles in the parent organisations
-	    List<String> roleList = new ArrayList<String>(Arrays.asList(roles));
-	    if (!roleList.contains(Role.GROUP_MANAGER)) {
+	    List<String> roleList = new ArrayList<>(Arrays.asList(roles));
+	    if (roleList.contains(Role.GROUP_MANAGER)) {
 		Organisation organisation = (Organisation) securityDAO.find(Organisation.class, orgId);
 		if (OrganisationType.CLASS_TYPE.equals(organisation.getOrganisationType().getOrganisationTypeId())) {
 		    organisation = organisation.getParentOrganisation();
 		}
 
 		if (securityDAO.hasOrgRole(organisation.getOrganisationId(), userId,
-			roleList.toArray(SecurityService.EMPTY_STRING_ARRAY))) {
+			new String[] { Role.GROUP_MANAGER })) {
 		    return true;
 		}
 	    }
Index: lams_gradebook/src/java/org/lamsfoundation/lams/gradebook/web/controller/GradebookMonitoringController.java
===================================================================
diff -u -r29a37489a63e5a95f42a5ef5fd8a7daeb65c53c5 -rebebf9adb849e783bc45d44a0a47bdc56006cc73
--- lams_gradebook/src/java/org/lamsfoundation/lams/gradebook/web/controller/GradebookMonitoringController.java	(.../GradebookMonitoringController.java)	(revision 29a37489a63e5a95f42a5ef5fd8a7daeb65c53c5)
+++ lams_gradebook/src/java/org/lamsfoundation/lams/gradebook/web/controller/GradebookMonitoringController.java	(.../GradebookMonitoringController.java)	(revision ebebf9adb849e783bc45d44a0a47bdc56006cc73)
@@ -138,7 +138,8 @@
 	    }
 	    if (!securityService.hasOrgRole(organisationID, user.getUserID(), new String[] { Role.GROUP_MANAGER },
 		    "get course gradebook page", false)) {
-		response.sendError(HttpServletResponse.SC_FORBIDDEN, "User is not a monitor in the organisation");
+		response.sendError(HttpServletResponse.SC_FORBIDDEN,
+			"User is not a course manager in the organisation");
 		return null;
 	    }