Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserManageAction.java
===================================================================
RCS file: /usr/local/cvsroot/lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserManageAction.java,v
diff -u -r1.6 -r1.7
--- lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserManageAction.java	28 Jun 2006 23:43:46 -0000	1.6
+++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserManageAction.java	30 Jun 2006 06:35:58 -0000	1.7
@@ -40,6 +40,7 @@
 import org.apache.struts.action.ActionMessage;
 import org.apache.struts.action.ActionMessages;
 import org.lamsfoundation.lams.usermanagement.Organisation;
+import org.lamsfoundation.lams.usermanagement.Role;
 import org.lamsfoundation.lams.usermanagement.User;
 import org.lamsfoundation.lams.usermanagement.service.IUserManagementService;
 import org.lamsfoundation.lams.util.WebUtil;
@@ -87,11 +88,8 @@
 			saveErrors(request,errors);
 			return mapping.findForward("error");
 		}
-		log.debug("userlist orgId: "+orgId);
+		log.debug("orgId: "+orgId);
 		
-		// check user permission
-		//String username = request.getRemoteUser();
-		
 		// get org name
 		Organisation organisation = (Organisation)service.findById(Organisation.class,orgId);
 		if(organisation==null) {
@@ -100,8 +98,20 @@
 			return mapping.findForward("error");
 		}
 		String orgName = organisation.getName();
-		log.debug("userlist orgName: "+orgName);
+		log.debug("orgName: "+orgName);
 		
+		Integer userId = service.getUserByLogin(request.getRemoteUser()).getUserId();
+        // check permission
+		if(request.isUserInRole(Role.SYSADMIN)){
+			request.setAttribute("canAdd",true);
+		}else if(!service.isUserInRole(userId,orgId,Role.COURSE_ADMIN)){
+			errors.add("authorisation",new ActionMessage("error.authorisation"));
+			saveErrors(request,errors);
+			return mapping.findForward("error");
+		}else{
+			request.setAttribute("canAdd",organisation.getCourseAdminCanAddNewUsers());
+		}
+		
 		// get list of users in org
 		List<User> users = service.getUsersFromOrganisation(orgId);
 		if(users==null){
Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserOrgAction.java
===================================================================
RCS file: /usr/local/cvsroot/lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserOrgAction.java,v
diff -u -r1.3 -r1.4
--- lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserOrgAction.java	29 Jun 2006 23:49:11 -0000	1.3
+++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserOrgAction.java	30 Jun 2006 06:35:58 -0000	1.4
@@ -99,28 +99,23 @@
 		}
 		Integer orgType = organisation.getOrganisationType().getOrganisationTypeId();
 		request.setAttribute("orgType",orgType);
-		
-		// check user permission
-		//String username = request.getRemoteUser();
-		
+				
 		// get list of users in org
+		User user = (User)service.getUserByLogin(request.getRemoteUser());
 		List<User> users = new ArrayList<User>();
 		if(request.isUserInRole(Role.SYSADMIN)){
 			users = service.findAll(User.class);
-		}else if(request.isUserInRole(Role.COURSE_ADMIN)){
-			if(true){  // org allows admin to add users
-				if(true){  // org allows admin to browse all users
+		}else if(service.isUserInRole(user.getUserId(),orgId,Role.COURSE_ADMIN)){
+			if(organisation.getCourseAdminCanAddNewUsers()){
+				if(organisation.getCourseAdminCanBrowseAllUsers()){
 					users = service.findAll(User.class);
 				}else if(orgType.equals(new Integer(OrganisationType.CLASS_TYPE))){
 					users = service.getUsersFromOrganisation(parentOrg.getOrganisationId());
 				}else if(orgType.equals(new Integer(OrganisationType.COURSE_TYPE))){
 					users = service.getUsersFromOrganisation(orgId);
-					/*errors.add("permission",new ActionMessage("error.need.browse.permission"));
-					saveErrors(request,errors);
-					return mapping.findForward("userorg");*/
 				}
 			}else{
-				errors.add("permission",new ActionMessage("error.need.add.permission"));
+				errors.add("authorisation",new ActionMessage("error.authorisation"));
 				saveErrors(request,errors);
 				return mapping.findForward("error");
 			}
Index: lams_admin/web/userlist.jsp
===================================================================
RCS file: /usr/local/cvsroot/lams_admin/web/userlist.jsp,v
diff -u -r1.7 -r1.8
--- lams_admin/web/userlist.jsp	28 Jun 2006 08:11:21 -0000	1.7
+++ lams_admin/web/userlist.jsp	30 Jun 2006 06:35:58 -0000	1.8
@@ -15,10 +15,12 @@
   <fmt:message key="admin.user.manage" />
 </h2>
 <p align="right">
-<input type="button" value='<fmt:message key="admin.user.create"/>' onclick=javascript:document.location='user.do?method=edit&orgId=1' />
-<logic:notEqual name="UserManageForm" property="orgId" value="1">
-  <input type="button" value='<fmt:message key="admin.user.add"/>' onclick=javascript:document.location='userorg.do?orgId=<bean:write name="UserManageForm" property="orgId"/>' /></p>
-</logic:notEqual>
+  <logic:equal name="canAdd" value="true">
+    <input type="button" value='<fmt:message key="admin.user.create"/>' onclick=javascript:document.location='user.do?method=edit&orgId=<bean:write name="UserManageForm" property="orgId"/>' />
+    <logic:notEqual name="UserManageForm" property="orgId" value="1">
+      <input type="button" value='<fmt:message key="admin.user.add"/>' onclick=javascript:document.location='userorg.do?orgId=<bean:write name="UserManageForm" property="orgId"/>' /></p>
+    </logic:notEqual>
+  </logic:equal>
 <table class="alternative-color" width=100%>
 <tr>
 	<th></th>