Index: lams_admin/conf/xdoclet/struts-forms.xml
===================================================================
RCS file: /usr/local/cvsroot/lams_admin/conf/xdoclet/struts-forms.xml,v
diff -u -r1.16 -r1.17
--- lams_admin/conf/xdoclet/struts-forms.xml	24 Aug 2006 01:54:01 -0000	1.16
+++ lams_admin/conf/xdoclet/struts-forms.xml	13 Sep 2006 06:08:22 -0000	1.17
@@ -13,6 +13,12 @@
 	<form-property name="courseAdminCanChangeStatusOfCourse" type="java.lang.Boolean" initial="false"/>
 </form-bean>
 
+<form-bean name="UserRolesForm" type="org.apache.struts.action.DynaActionForm">
+    <form-property name="orgId" type="java.lang.Integer" />
+	<form-property name="userId" type="java.lang.Integer" />
+    <form-property name="roles" type="java.lang.String[]" />
+</form-bean>
+
 <form-bean name="UserForm" type="org.apache.struts.action.DynaActionForm">
     <form-property name="orgId" type="java.lang.Integer" />
 	<form-property name="userId" type="java.lang.Integer" />
@@ -35,7 +41,6 @@
 	<form-property name="fax" type="java.lang.String" />
 	<form-property name="email" type="java.lang.String" />
 	<form-property name="localeId" type="java.lang.Byte" />
-    <form-property name="roles" type="java.lang.String[]" />
 </form-bean>
 
 <form-bean name="UserOrgForm" type="org.apache.struts.action.DynaActionForm">
@@ -45,10 +50,10 @@
 </form-bean>
 
 <form-bean name="UserSearchForm" type="org.apache.struts.action.DynaActionForm">
-	<form-property name="userId" type="java.lang.String" />
-    <form-property name="login" type="java.lang.String" />
-    <form-property name="firstName" type="java.lang.String" />
-    <form-property name="lastName" type="java.lang.String" />
+	<form-property name="sUserId" type="java.lang.String" />
+    <form-property name="sLogin" type="java.lang.String" />
+    <form-property name="sFirstName" type="java.lang.String" />
+    <form-property name="sLastName" type="java.lang.String" />
     <form-property name="searched" type="java.lang.Boolean" initial="false" />
 </form-bean>
 
Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserAction.java
===================================================================
RCS file: /usr/local/cvsroot/lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserAction.java,v
diff -u -r1.32 -r1.33
--- lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserAction.java	7 Sep 2006 05:56:02 -0000	1.32
+++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserAction.java	13 Sep 2006 06:08:22 -0000	1.33
@@ -24,9 +24,7 @@
 /* $Id$ */
 package org.lamsfoundation.lams.admin.web;
 
-import java.util.ArrayList;
 import java.util.Collections;
-import java.util.Iterator;
 import java.util.List;
 
 import javax.servlet.http.HttpServletRequest;
@@ -37,17 +35,13 @@
 import org.apache.struts.action.ActionForm;
 import org.apache.struts.action.ActionForward;
 import org.apache.struts.action.ActionMapping;
-import org.apache.struts.action.ActionMessage;
-import org.apache.struts.action.ActionMessages;
 import org.apache.struts.action.DynaActionForm;
 import org.lamsfoundation.lams.admin.AdminConstants;
 import org.lamsfoundation.lams.usermanagement.Organisation;
 import org.lamsfoundation.lams.usermanagement.OrganisationType;
 import org.lamsfoundation.lams.usermanagement.Role;
 import org.lamsfoundation.lams.usermanagement.SupportedLocale;
 import org.lamsfoundation.lams.usermanagement.User;
-import org.lamsfoundation.lams.usermanagement.UserOrganisation;
-import org.lamsfoundation.lams.usermanagement.UserOrganisationRole;
 import org.lamsfoundation.lams.usermanagement.service.IUserManagementService;
 import org.lamsfoundation.lams.util.Configuration;
 import org.lamsfoundation.lams.util.ConfigurationKeys;
@@ -75,87 +69,66 @@
  * @struts:action-forward name="userlist" path="/usermanage.do"
  * @struts:action-forward name="remove" path=".remove"
  * @struts:action-forward name="disabledlist" path="/disabledmanage.do"
+ * @struts:action-forward name="usersearch" path="/usersearch.do"
  */
 public class UserAction extends LamsDispatchAction {
 
 	private static Logger log = Logger.getLogger(UserAction.class);
 	private static IUserManagementService service;
 	private static MessageService messageService;
 	private static IAuditService auditService;
-	private static List<Role> rolelist;
 	private static List<SupportedLocale> locales;
 	
 	public ActionForward edit(ActionMapping mapping,
             ActionForm form,
             HttpServletRequest request,
             HttpServletResponse response) throws Exception {
-		// retain orgId to return to userlist
-		Integer orgId = WebUtil.readIntParam(request,"orgId");
-		Organisation org = (Organisation)getService().findById(Organisation.class,orgId);
-		OrganisationType orgType = org.getOrganisationType();
-		Boolean isSysadmin = request.isUserInRole(Role.SYSADMIN);
-		User requestor = (User)getService().getUserByLogin(request.getRemoteUser());
-		Boolean hasRole = getService().isUserInRole(requestor.getUserId(), orgId, Role.COURSE_ADMIN)
-							|| getService().isUserInRole(requestor.getUserId(), orgId, Role.COURSE_MANAGER);
-		Boolean canEdit = org.getCourseAdminCanAddNewUsers() && hasRole;
 		
-		ActionMessages errors = new ActionMessages();
+		DynaActionForm userForm = (DynaActionForm)form;
+		Integer orgId = WebUtil.readIntParam(request,"orgId",true);
+		Integer userId = WebUtil.readIntParam(request,"userId",true);
 		
-		request.setAttribute("rolelist",filterRoles(rolelist,isSysadmin, orgType));
-		// set canEdit for whether user should be able to edit anything other than roles
-		request.setAttribute("canEdit",isSysadmin || canEdit);
-		request.setAttribute("locales",locales);
+		// test requestor's permission
+		Organisation org = null;
+		Boolean requestorHasRole = false;
+		if (orgId!=null) {
+			org = (Organisation)getService().findById(Organisation.class,orgId);
+			OrganisationType orgType = org.getOrganisationType();
+			Integer orgIdOfCourse = (orgType.getOrganisationTypeId().equals(OrganisationType.CLASS_TYPE)) 
+				? org.getParentOrganisation().getOrganisationId() : orgId;
+			User requestor = (User)getService().getUserByLogin(request.getRemoteUser());
+			requestorHasRole = getService().isUserInRole(requestor.getUserId(), orgIdOfCourse, Role.COURSE_ADMIN)
+				|| getService().isUserInRole(requestor.getUserId(), orgIdOfCourse, Role.COURSE_MANAGER);
+		}
+		Boolean isSysadmin = request.isUserInRole(Role.SYSADMIN);
+		
+		if (!(requestorHasRole || isSysadmin)) {
+			request.setAttribute("errorName", "UserAction");
+			request.setAttribute("errorMessage", getMessageService().getMessage("error.authorisation"));
+			return mapping.findForward("error");
+		}
 
 		// editing a user
-		Integer userId = WebUtil.readIntParam(request,"userId",true);
-		DynaActionForm userForm = (DynaActionForm)form;
-		if(userId != null) {
+		if (userId!=null) {
+			User user = (User)getService().findById(User.class, userId);
 			log.debug("got userid to edit: "+userId);
-			User user = (User)getService().findById(User.class,userId);
 			BeanUtils.copyProperties(userForm, user);
-			userForm.set("password",null);
-			
-			String[] roles = null;
-		    UserOrganisation uo = getService().getUserOrganisation(userId, orgId);
-		    if (uo != null) {
-		    	Iterator iter2 = uo.getUserOrganisationRoles().iterator();
-		    	roles = new String[uo.getUserOrganisationRoles().size()];
-		    	int i=0;
-		    	while(iter2.hasNext()){
-		    		UserOrganisationRole uor = (UserOrganisationRole)iter2.next();
-		    		roles[i]=uor.getRole().getRoleId().toString();
-		    		log.debug("got roleid: "+roles[i]);
-		    		i++;
-		    	}
-		    } else {
-		    	errors.add("roles", new ActionMessage("error.not.member"));
-		    	saveErrors(request,errors);
-		    }
-	        userForm.set("roles",roles);
+			userForm.set("password", null);
 	        SupportedLocale locale = user.getLocale();
-			userForm.set("localeId",locale.getLocaleId());
-			
-		}else{
-			String[] roles = new String[0];
-			userForm.set("roles",roles);
-			try{
+			userForm.set("localeId", locale.getLocaleId());
+		} else {  // create a user
+			try {
 				String defaultLocale = Configuration.get(ConfigurationKeys.SERVER_LANGUAGE);
-				log.debug("defaultLocale: "+defaultLocale);
+				log.debug("using defaultLocale: "+defaultLocale);
 				SupportedLocale locale = getService().getSupportedLocale(defaultLocale.substring(0,2),defaultLocale.substring(3));
-				userForm.set("localeId",locale.getLocaleId());
-			}catch(Exception e){
+				userForm.set("localeId", locale.getLocaleId());
+			} catch(Exception e) {
                 log.debug(e);				
 			}
 		}
-		userForm.set("orgId", org.getOrganisationId());
+		userForm.set("orgId", (org==null ? null : org.getOrganisationId()));
+		request.setAttribute("locales",locales);
 
-		Organisation parentOrg = org.getParentOrganisation();
-		if(parentOrg!=null){
-			request.setAttribute("pOrgId",parentOrg.getOrganisationId());
-			request.setAttribute("pOrgName", parentOrg.getName());
-		}
-		request.setAttribute("orgName",org.getName());
-		request.setAttribute("orgType",orgType.getOrganisationTypeId());
 		return mapping.findForward("user");
 	}
 	
@@ -171,8 +144,8 @@
 			return mapping.findForward("error");
 		}
 		
-		Integer orgId = WebUtil.readIntParam(request,"orgId");
-		Integer userId = WebUtil.readIntParam(request,"userId",true);
+		Integer orgId = WebUtil.readIntParam(request,"orgId",true);
+		Integer userId = WebUtil.readIntParam(request,"userId");
 		User user = (User)getService().findById(User.class,userId);
 		
 		Boolean hasData = getService().userHasData(user);
@@ -194,16 +167,20 @@
 			return mapping.findForward("error");
 		}
 		
-		Integer orgId = WebUtil.readIntParam(request,"orgId");
-		Integer userId = WebUtil.readIntParam(request,"userId",true);
+		Integer orgId = WebUtil.readIntParam(request,"orgId",true);
+		Integer userId = WebUtil.readIntParam(request,"userId");
 		getService().disableUser(userId);
 		String[] args = new String[1];
 		args[0] = userId.toString();
 		String message = getMessageService().getMessage("audit.user.disable", args);
 		getAuditService().log(AdminConstants.MODULE_NAME, message);
 		
-		request.setAttribute("org",orgId);
-		return mapping.findForward("userlist");
+		if (orgId==null || orgId==0) {
+			return mapping.findForward("usersearch");
+		} else {
+			request.setAttribute("org",orgId);
+			return mapping.findForward("userlist");
+		}
 	}
 	
 	public ActionForward delete(ActionMapping mapping,
@@ -217,8 +194,8 @@
 			return mapping.findForward("error");
 		}
 		
-		Integer orgId = WebUtil.readIntParam(request,"orgId");
-		Integer userId = WebUtil.readIntParam(request,"userId",true);
+		Integer orgId = WebUtil.readIntParam(request,"orgId",true);
+		Integer userId = WebUtil.readIntParam(request,"userId");
 		try {
 			getService().removeUser(userId);
 		} catch (Exception e) {
@@ -231,8 +208,12 @@
 		String message = getMessageService().getMessage("audit.user.delete", args);
 		getAuditService().log(AdminConstants.MODULE_NAME, message);
 		
-		request.setAttribute("org",orgId);
-		return mapping.findForward("userlist");
+		if (orgId==null || orgId==0) {
+			return mapping.findForward("usersearch");
+		} else {
+			request.setAttribute("org",orgId);
+			return mapping.findForward("userlist");
+		}
 	}
 	
 	// called from disabled users screen
@@ -257,32 +238,15 @@
 		return mapping.findForward("disabledlist");
 	}
 	
-	private List<Role> filterRoles(List<Role> rolelist, Boolean isSysadmin, OrganisationType orgType){
-		List<Role> allRoles = new ArrayList<Role>();
-		allRoles.addAll(rolelist);
-		Role role = new Role();
-		if(!isSysadmin) {
-			role.setRoleId(Role.ROLE_SYSADMIN);
-			allRoles.remove(role);
-		}
-		if(orgType.getOrganisationTypeId().equals(OrganisationType.CLASS_TYPE)) {
-			role.setRoleId(Role.ROLE_COURSE_ADMIN);
-			allRoles.remove(role);
-			role.setRoleId(Role.ROLE_COURSE_MANAGER);
-			allRoles.remove(role);
-		}
-		return allRoles;
-	}
-	
 	@SuppressWarnings("unchecked")
 	private IUserManagementService getService(){
 		if(service==null){
 			WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(getServlet().getServletContext());
 			service = (IUserManagementService) ctx.getBean("userManagementServiceTarget");
 			locales = service.findAll(SupportedLocale.class);
 			Collections.sort(locales);
-			rolelist = service.findAll(Role.class);
-			Collections.sort(rolelist);
+			//rolelist = service.findAll(Role.class);
+			//Collections.sort(rolelist);
 		}
 		return service;
 	}
Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserRolesAction.java
===================================================================
RCS file: /usr/local/cvsroot/lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserRolesAction.java,v
diff -u
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserRolesAction.java	13 Sep 2006 06:08:22 -0000	1.1
@@ -0,0 +1,179 @@
+/****************************************************************
+ * Copyright (C) 2005 LAMS Foundation (http://lamsfoundation.org)
+ * =============================================================
+ * License Information: http://lamsfoundation.org/licensing/lams/2.0/
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2.0
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
+ * USA
+ *
+ * http://www.gnu.org/licenses/gpl.txt
+ * ****************************************************************
+ */
+
+/* $Id: UserRolesAction.java,v 1.1 2006/09/13 06:08:22 jliew Exp $ */
+package org.lamsfoundation.lams.admin.web;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Iterator;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.log4j.Logger;
+import org.apache.struts.action.Action;
+import org.apache.struts.action.ActionForm;
+import org.apache.struts.action.ActionForward;
+import org.apache.struts.action.ActionMapping;
+import org.apache.struts.action.ActionMessage;
+import org.apache.struts.action.ActionMessages;
+import org.apache.struts.action.DynaActionForm;
+import org.lamsfoundation.lams.usermanagement.Organisation;
+import org.lamsfoundation.lams.usermanagement.OrganisationType;
+import org.lamsfoundation.lams.usermanagement.Role;
+import org.lamsfoundation.lams.usermanagement.User;
+import org.lamsfoundation.lams.usermanagement.UserOrganisation;
+import org.lamsfoundation.lams.usermanagement.UserOrganisationRole;
+import org.lamsfoundation.lams.usermanagement.service.IUserManagementService;
+import org.lamsfoundation.lams.util.MessageService;
+import org.lamsfoundation.lams.util.WebUtil;
+import org.springframework.web.context.WebApplicationContext;
+import org.springframework.web.context.support.WebApplicationContextUtils;
+
+/**
+ * @author jliew
+ *
+ * @struts:action path="/userroles"
+ *              name="UserRolesForm"
+ *              scope="request"
+ *              parameter="method"
+ * 				validate="false"
+ * 
+ * @struts:action-forward name="userrole" path=".userrole"
+ * @struts:action-forward name="userlist" path="/usermanage.do"
+ */
+public class UserRolesAction extends Action {
+	
+	private static Logger log = Logger.getLogger(UserRolesAction.class);
+	private static IUserManagementService service;
+	private static MessageService messageService;
+	private static List<Role> rolelist;
+	
+	public ActionForward execute(ActionMapping mapping,
+            ActionForm form,
+            HttpServletRequest request,
+            HttpServletResponse response) throws Exception {
+		
+		ActionMessages errors = new ActionMessages();
+		DynaActionForm userRolesForm = (DynaActionForm)form;
+		Integer orgId = WebUtil.readIntParam(request,"orgId",true);
+		Integer userId = WebUtil.readIntParam(request,"userId",true);
+		
+		// user and org ids passed as attributes by UserSaveAction
+		if (orgId==null) orgId = (Integer)request.getAttribute("orgId");
+		if (orgId==null) {
+			errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("error.org.invalid"));
+			saveErrors(request,errors);
+			return mapping.findForward("userrole");
+		}
+		if (userId==null) userId = (Integer)request.getAttribute("userId");
+		if (userId==null) {
+			errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("error.userid.invalid"));
+			saveErrors(request,errors);
+			return mapping.findForward("userrole");
+		}
+		log.debug("editing roles for userId: "+userId+" and orgId: "+orgId);
+		
+		// test requestor's permission
+		Organisation org = (Organisation)getService().findById(Organisation.class,orgId);
+		User user = (User)getService().findById(User.class, userId);
+		OrganisationType orgType = org.getOrganisationType();
+		Integer orgIdOfCourse = (orgType.getOrganisationTypeId().equals(OrganisationType.CLASS_TYPE)) 
+			? org.getParentOrganisation().getOrganisationId() : orgId;
+		Boolean isSysadmin = request.isUserInRole(Role.SYSADMIN);
+		User requestor = (User)getService().getUserByLogin(request.getRemoteUser());
+		Boolean requestorHasRole = getService().isUserInRole(requestor.getUserId(), orgIdOfCourse, Role.COURSE_ADMIN)
+			|| getService().isUserInRole(requestor.getUserId(), orgIdOfCourse, Role.COURSE_MANAGER);
+		
+		if (!(requestorHasRole || isSysadmin)) {
+			request.setAttribute("errorName","UserRolesAction");
+			request.setAttribute("errorMessage",getMessageService().getMessage("error.authorisation"));
+			return mapping.findForward("error");
+		}
+		
+		userRolesForm.set("userId",userId);
+		userRolesForm.set("orgId", org.getOrganisationId());
+		request.setAttribute("rolelist",filterRoles(rolelist,isSysadmin,orgType));
+		request.setAttribute("login", user.getLogin());
+		request.setAttribute("fullName", user.getFullName());
+		
+		String[] roles = null;
+		UserOrganisation uo = getService().getUserOrganisation(userId, orgId);
+		if (uo != null) {
+		   	Iterator iter2 = uo.getUserOrganisationRoles().iterator();
+		   	roles = new String[uo.getUserOrganisationRoles().size()];
+		   	int i=0;
+		   	while(iter2.hasNext()){
+		   		UserOrganisationRole uor = (UserOrganisationRole)iter2.next();
+		   		roles[i]=uor.getRole().getRoleId().toString();
+		   		log.debug("got roleid: "+roles[i]);
+		   		i++;
+		   	}
+		} else {
+			ActionMessages messages = new ActionMessages();
+			messages.add("roles", new ActionMessage("msg.add.to.org", org.getName()));
+		   	saveMessages(request,messages);
+		}
+	    userRolesForm.set("roles",roles);
+		
+		return mapping.findForward("userrole");
+	}
+	
+	private List<Role> filterRoles(List<Role> rolelist, Boolean isSysadmin, OrganisationType orgType){
+		List<Role> allRoles = new ArrayList<Role>();
+		allRoles.addAll(rolelist);
+		Role role = new Role();
+		if(!isSysadmin) {
+			role.setRoleId(Role.ROLE_SYSADMIN);
+			allRoles.remove(role);
+		}
+		if(orgType.getOrganisationTypeId().equals(OrganisationType.CLASS_TYPE)) {
+			role.setRoleId(Role.ROLE_COURSE_ADMIN);
+			allRoles.remove(role);
+			role.setRoleId(Role.ROLE_COURSE_MANAGER);
+			allRoles.remove(role);
+		}
+		return allRoles;
+	}
+	
+	@SuppressWarnings("unchecked")
+	private IUserManagementService getService(){
+		if(service==null){
+			WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(getServlet().getServletContext());
+			service = (IUserManagementService) ctx.getBean("userManagementServiceTarget");
+			rolelist = service.findAll(Role.class);
+			Collections.sort(rolelist);
+		}
+		return service;
+	}
+
+	private MessageService getMessageService(){
+		if(messageService==null){
+			WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(getServlet().getServletContext());
+			messageService = (MessageService)ctx.getBean("adminMessageService");
+		}
+		return messageService;
+	}
+}
Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserRolesSaveAction.java
===================================================================
RCS file: /usr/local/cvsroot/lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserRolesSaveAction.java,v
diff -u
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserRolesSaveAction.java	13 Sep 2006 06:08:22 -0000	1.1
@@ -0,0 +1,143 @@
+/****************************************************************
+ * Copyright (C) 2005 LAMS Foundation (http://lamsfoundation.org)
+ * =============================================================
+ * License Information: http://lamsfoundation.org/licensing/lams/2.0/
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2.0
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
+ * USA
+ *
+ * http://www.gnu.org/licenses/gpl.txt
+ * ****************************************************************
+ */
+
+/* $Id: UserRolesSaveAction.java,v 1.1 2006/09/13 06:08:22 jliew Exp $ */
+package org.lamsfoundation.lams.admin.web;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.log4j.Logger;
+import org.apache.struts.action.Action;
+import org.apache.struts.action.ActionForm;
+import org.apache.struts.action.ActionForward;
+import org.apache.struts.action.ActionMapping;
+import org.apache.struts.action.ActionMessage;
+import org.apache.struts.action.ActionMessages;
+import org.apache.struts.action.DynaActionForm;
+import org.lamsfoundation.lams.usermanagement.Organisation;
+import org.lamsfoundation.lams.usermanagement.OrganisationType;
+import org.lamsfoundation.lams.usermanagement.Role;
+import org.lamsfoundation.lams.usermanagement.User;
+import org.lamsfoundation.lams.usermanagement.service.IUserManagementService;
+import org.springframework.web.context.WebApplicationContext;
+import org.springframework.web.context.support.WebApplicationContextUtils;
+
+/**
+ * @author jliew
+ *
+ * @struts:action path="/userrolessave"
+ *              name="UserRolesForm"
+ *              input=".userroles"
+ *              scope="request"
+ *              parameter="method"
+ * 				validate="false"
+ * 
+ * @struts:action-forward name="userroles" path="/userroles.do"
+ * @struts:action-forward name="userlist" path="/usermanage.do"
+ */
+public class UserRolesSaveAction extends Action {
+	
+	private static Logger log = Logger.getLogger(UserRolesSaveAction.class);
+	private static IUserManagementService service;
+	private static List<Role> rolelist;
+	
+	public ActionForward execute(ActionMapping mapping, ActionForm form,
+			HttpServletRequest request, HttpServletResponse response)
+			throws Exception {
+		
+		ActionMessages errors = new ActionMessages();
+		DynaActionForm userRolesForm = (DynaActionForm) form;
+		Integer orgId = (Integer) userRolesForm.get("orgId");
+		Integer userId = (Integer) userRolesForm.get("userId");
+		String[] roles = (String[]) userRolesForm.get("roles");
+		
+		request.setAttribute("org", orgId);
+				
+		if (isCancelled(request)) {
+			return mapping.findForward("userlist");
+		}
+		
+		log.debug("userId: "+userId+", orgId: "+orgId+" will have "+roles.length+" roles");
+		Organisation org = (Organisation)getService().findById(Organisation.class, orgId);
+		User user = (User)getService().findById(User.class, userId);
+		
+		// user must have at least 1 role
+		if (roles.length < 1) {
+			errors.add("roles", new ActionMessage("error.roles.empty"));
+			saveErrors(request,errors);
+			request.setAttribute("rolelist",filterRoles(rolelist,request.isUserInRole(Role.SYSADMIN),org.getOrganisationType()));
+			request.setAttribute("login", user.getLogin());
+			request.setAttribute("fullName", user.getFullName());
+			return mapping.findForward("userroles");
+		}
+		
+		// if user is to be added to a class, make user a member of parent course also if not already
+		List<Organisation> orgs = new ArrayList<Organisation>();
+		orgs.add(org);
+		OrganisationType orgType = org.getOrganisationType();
+		Organisation parentOrg = org.getParentOrganisation();
+		if (orgType.getOrganisationTypeId().equals(OrganisationType.CLASS_TYPE) 
+				&& getService().getUserOrganisation(userId, parentOrg.getOrganisationId())==null) {
+			orgs.add(parentOrg);
+		}
+		for (Organisation o : orgs) {
+			getService().setRolesForUserOrganisation(user, o, (List<String>)Arrays.asList(roles));
+		}
+		
+		return mapping.findForward("userlist");
+	}
+	
+	private List<Role> filterRoles(List<Role> rolelist, Boolean isSysadmin, OrganisationType orgType){
+		List<Role> allRoles = new ArrayList<Role>();
+		allRoles.addAll(rolelist);
+		Role role = new Role();
+		if(!isSysadmin) {
+			role.setRoleId(Role.ROLE_SYSADMIN);
+			allRoles.remove(role);
+		}
+		if(orgType.getOrganisationTypeId().equals(OrganisationType.CLASS_TYPE)) {
+			role.setRoleId(Role.ROLE_COURSE_ADMIN);
+			allRoles.remove(role);
+			role.setRoleId(Role.ROLE_COURSE_MANAGER);
+			allRoles.remove(role);
+		}
+		return allRoles;
+	}
+	
+	private IUserManagementService getService(){
+		if(service==null){
+			WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(getServlet().getServletContext());
+			service = (IUserManagementService) ctx.getBean("userManagementServiceTarget");
+			rolelist = service.findAll(Role.class);
+			Collections.sort(rolelist);
+		}
+		return service;
+	}
+
+}
Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserSaveAction.java
===================================================================
RCS file: /usr/local/cvsroot/lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserSaveAction.java,v
diff -u -r1.24 -r1.25
--- lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserSaveAction.java	7 Sep 2006 05:56:02 -0000	1.24
+++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserSaveAction.java	13 Sep 2006 06:08:22 -0000	1.25
@@ -24,15 +24,14 @@
 /* $Id$ */
 package org.lamsfoundation.lams.admin.web;
 
-import java.util.ArrayList;
-import java.util.Arrays;
 import java.util.Date;
 import java.util.List;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.beanutils.BeanUtils;
+import org.apache.commons.lang.StringUtils;
 import org.apache.log4j.Logger;
 import org.apache.struts.action.Action;
 import org.apache.struts.action.ActionForm;
@@ -44,9 +43,6 @@
 import org.lamsfoundation.lams.admin.AdminConstants;
 import org.lamsfoundation.lams.themes.CSSThemeVisualElement;
 import org.lamsfoundation.lams.usermanagement.AuthenticationMethod;
-import org.lamsfoundation.lams.usermanagement.Organisation;
-import org.lamsfoundation.lams.usermanagement.OrganisationType;
-import org.lamsfoundation.lams.usermanagement.Role;
 import org.lamsfoundation.lams.usermanagement.SupportedLocale;
 import org.lamsfoundation.lams.usermanagement.User;
 import org.lamsfoundation.lams.usermanagement.service.IUserManagementService;
@@ -72,88 +68,72 @@
  * 
  * @struts:action-forward name="user" path="/user.do?method=edit"
  * @struts:action-forward name="userlist" path="/usermanage.do"
+ * @struts:action-forward name="userroles" path="/userroles.do"
+ * @struts:action-forward name="usersearch" path="/usersearch.do"
  */
 public class UserSaveAction extends Action {
 
 	private static Logger log = Logger.getLogger(UserSaveAction.class);
-
 	private static IUserManagementService service;
-	private static List<Role> rolelist;
 
 	@SuppressWarnings("unchecked")
 	public ActionForward execute(ActionMapping mapping, ActionForm form,
 			HttpServletRequest request, HttpServletResponse response)
 			throws Exception {
 
+		ActionMessages errors = new ActionMessages();
 		DynaActionForm userForm = (DynaActionForm) form;
+		Integer orgId = (Integer) userForm.get("orgId");
+		Integer userId = (Integer) userForm.get("userId");
+		
+		log.debug("orgId: " + orgId);
 		Boolean edit = false;
 		Boolean passwordChanged = true;
-
-		Integer orgId = (Integer) userForm.get("orgId");
-		Organisation org = (Organisation)getService().findById(Organisation.class, orgId);
+		SupportedLocale locale = (SupportedLocale)getService().findById(SupportedLocale.class, (Byte)userForm.get("localeId"));
+		log.debug("locale: " + locale);
 		
 		if (isCancelled(request)) {
+			if (orgId==null || orgId==0) {
+				return mapping.findForward("usersearch");
+			}
 			request.setAttribute("org", orgId);
 			return mapping.findForward("userlist");
 		}
 
-		Integer userId = (Integer) userForm.get("userId");
-		log.debug("got userId: " + userId);
+		if (userId != 0) edit = true;
 
-		if (userId != 0)
-			edit = true;
-
-		ActionMessages errors = new ActionMessages();
-		if ((userForm.get("login") == null)
-				|| (userForm.getString("login").trim().length() == 0)) {
+		if ((userForm.get("login") == null) || (userForm.getString("login").trim().length() == 0)) {
 			errors.add("login", new ActionMessage("error.login.required"));
 		}
-		if (!userForm.get("password").equals(userForm.get("password2"))) {
-			errors.add("password", new ActionMessage(
-					"error.newpassword.mismatch"));
+		if (!StringUtils.equals((String)userForm.get("password"),((String)userForm.get("password2")))) {
+			errors.add("password", new ActionMessage("error.newpassword.mismatch"));
 		}
-		if ((userForm.get("password") == null)
-				|| (userForm.getString("password").trim().length() == 0)) {
+		if ((userForm.get("password") == null) || (userForm.getString("password").trim().length() == 0)) {
 			passwordChanged = false;
-			if (!edit)
-				errors.add("password", new ActionMessage(
-						"error.password.required"));
+			if (!edit) errors.add("password", new ActionMessage("error.password.required"));
 		}
-
-		SupportedLocale locale = (SupportedLocale) getService().findById(SupportedLocale.class, (Byte)userForm.get("localeId"));
-		log.debug("locale: " + locale);
-
-		WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(getServlet().getServletContext());
-		IAuditService auditService = (IAuditService) ctx.getBean("auditService");
-		MessageService messageService = (MessageService)ctx.getBean("adminMessageService");
 		
+		User user = null;
 		if (errors.isEmpty()) {
-			String[] roles = (String[]) userForm.get("roles");
 			if (edit) { // edit user
 				log.debug("editing userId: " + userId);
-				User user = (User)getService().findById(User.class, userId);
+				user = (User)getService().findById(User.class, userId);
+				// hash the new password if necessary, and audit the fact
 				if (passwordChanged) {
-					// make 'password changed' audit log entry
-					String[] args = new String[1];
-					args[0] = user.getLogin()+"("+userId+")";
-					String message = messageService.getMessage("audit.user.password.change",args);
-					auditService.log(AdminConstants.MODULE_NAME, message);
-					userForm.set("password", HashUtil.sha1((String) userForm.get("password")));
+					writeAuditLog(user, new String[1]);
+					userForm.set("password", HashUtil.sha1((String)userForm.get("password")));
 				} else {
 					userForm.set("password", user.getPassword());
 				}
 				BeanUtils.copyProperties(user, userForm);
 				user.setLocale(locale);
-				log.debug("locale: " + locale);
-				getService().setRolesForUserOrganisation(user, org, (List<String>)Arrays.asList(roles));
 			} else { // create user
-				log.debug("creating user...");
-				User user = new User();
-				userForm.set("password", HashUtil.sha1((String) userForm.get("password")));
+				user = new User();
+				userForm.set("password", HashUtil.sha1((String)userForm.get("password")));
 				BeanUtils.copyProperties(user, userForm);
-				log.debug("new login: " + user.getLogin());
+				log.debug("creating user... new login: " + user.getLogin());
 				if (getService().getUserByLogin(user.getLogin()) != null) {
-					errors.add("loginUnique", new ActionMessage("error.login.unique"));
+					errors.add("login", new ActionMessage("error.login.unique"));
 				}
 				if (errors.isEmpty()) {
 					// TODO set flash/html themes according to user input instead of server default.
@@ -171,57 +151,62 @@
 					}
 					user.setDisabledFlag(false);
 					user.setCreateDate(new Date());
-					user.setAuthenticationMethod((AuthenticationMethod) getService().findByProperty(AuthenticationMethod.class,
+					user.setAuthenticationMethod((AuthenticationMethod)getService().findByProperty(AuthenticationMethod.class,
 							"authenticationMethodName","LAMS-Database").get(0));
 					user.setUserId(null);
 					user.setLocale(locale);
 					getService().save(user);
 					
 					// make 'create user' audit log entry
-					String[] args = new String[2];
-					args[0] = user.getLogin()+"("+user.getUserId()+")";
-					args[1] = user.getFullName();
-					String message = messageService.getMessage("audit.user.create", args);
-					auditService.log(AdminConstants.MODULE_NAME, message);
+					writeAuditLog(user, new String[2]);
 					
 					log.debug("user: " + user.toString());
-					List<Organisation> orgs = new ArrayList<Organisation>();
-					// if user is to be added to a class, make user a member of
-					// parent course also
-					orgs.add(org);
-					OrganisationType orgType = org.getOrganisationType();
-					if (orgType.getOrganisationTypeId().equals(OrganisationType.CLASS_TYPE)) {
-						Organisation parentOrg = org.getParentOrganisation();
-						orgs.add(parentOrg);
-					}
-					for (Organisation o : orgs) {
-						getService().setRolesForUserOrganisation(user, o, (List<String>)Arrays.asList(roles));
-					}
 				}
 			}
 		}
 
+		
 		if (errors.isEmpty()) {
-			request.setAttribute("org", orgId);
-			log.debug("orgId: " + orgId);
-			return mapping.findForward("userlist");
-		} else {
-			if (!edit) { // error screen on create user shouldn't show empty roles
-				userForm.set("userId", null);
+			if (orgId==null || orgId==0) {
+				return mapping.findForward("usersearch");
 			}
+			if (edit) {
+				request.setAttribute("org", orgId);
+				return mapping.findForward("userlist");
+			} else {
+				request.setAttribute("orgId", orgId);
+				request.setAttribute("userId", user.getUserId());
+				return mapping.findForward("userroles");
+			}
+		} else {
 			saveErrors(request, errors);
 			request.setAttribute("orgId", orgId);
 			return mapping.findForward("user");
 		}
 	}
 
+	private void writeAuditLog(User user, String[] args) {
+		WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(getServlet().getServletContext());
+		IAuditService auditService = (IAuditService) ctx.getBean("auditService");
+		MessageService messageService = (MessageService)ctx.getBean("adminMessageService");
+		
+		if (args.length==1) {  // password changed
+			args[0] = user.getLogin()+"("+user.getUserId()+")";
+			String message = messageService.getMessage("audit.user.password.change",args);
+			auditService.log(AdminConstants.MODULE_NAME, message);
+		} else if (args.length==2) {  // user created
+			args[0] = user.getLogin()+"("+user.getUserId()+")";
+			args[1] = user.getFullName();
+			String message = messageService.getMessage("audit.user.create", args);
+			auditService.log(AdminConstants.MODULE_NAME, message);
+		}
+	}
 	
 	@SuppressWarnings("unchecked")
 	private IUserManagementService getService() {
 		if (service == null) {
 			WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(getServlet().getServletContext());
 			service = (IUserManagementService) ctx.getBean("userManagementServiceTarget");
-			rolelist = service.findAll(Role.class);
 		}
 		return service;
 	}
Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserSearchAction.java
===================================================================
RCS file: /usr/local/cvsroot/lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserSearchAction.java,v
diff -u -r1.3 -r1.4
--- lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserSearchAction.java	29 Aug 2006 04:31:42 -0000	1.3
+++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/UserSearchAction.java	13 Sep 2006 06:08:22 -0000	1.4
@@ -32,7 +32,6 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.apache.commons.beanutils.BeanUtils;
 import org.apache.log4j.Logger;
 import org.apache.struts.action.Action;
 import org.apache.struts.action.ActionForm;
@@ -44,7 +43,6 @@
 import org.lamsfoundation.lams.usermanagement.Role;
 import org.lamsfoundation.lams.usermanagement.User;
 import org.lamsfoundation.lams.usermanagement.service.IUserManagementService;
-import org.lamsfoundation.lams.util.WebUtil;
 import org.springframework.web.context.WebApplicationContext;
 import org.springframework.web.context.support.WebApplicationContextUtils;
 
@@ -86,10 +84,10 @@
 
 		DynaActionForm userSearchForm = (DynaActionForm)form;
 		
-		String userId = ((String)userSearchForm.get("userId")).trim();
-		String login = ((String)userSearchForm.get("login")).trim();
-		String firstName = ((String)userSearchForm.get("firstName")).trim();
-		String lastName = ((String)userSearchForm.get("lastName")).trim();
+		String userId = ((String)userSearchForm.get("sUserId")).trim();
+		String login = ((String)userSearchForm.get("sLogin")).trim();
+		String firstName = ((String)userSearchForm.get("sFirstName")).trim();
+		String lastName = ((String)userSearchForm.get("sLastName")).trim();
 		
 		log.debug("got userId: '"+userId+"'");
 		log.debug("got login: '"+login+"'");
@@ -114,7 +112,7 @@
 		
 		if(userList.isEmpty() && (Boolean)userSearchForm.get("searched")){
 			ActionMessages messages = new ActionMessages();
-			messages.add("results",new ActionMessage("error.results.none"));
+			messages.add("results",new ActionMessage("msg.results.none"));
 			saveMessages(request,messages);
 		}
 		
Index: lams_admin/web/user.jsp
===================================================================
RCS file: /usr/local/cvsroot/lams_admin/web/user.jsp,v
diff -u -r1.13 -r1.14
--- lams_admin/web/user.jsp	24 Aug 2006 01:54:01 -0000	1.13
+++ lams_admin/web/user.jsp	13 Sep 2006 06:08:22 -0000	1.14
@@ -10,23 +10,17 @@
 <html-el:hidden property="userId" />
 <html-el:hidden property="orgId" />
 <h2 align="left">
-    <logic:notEmpty name="pOrgId">
-        <a href="orgmanage.do?org=<bean:write name="pOrgId" />"><bean:write name="pOrgName"/></a> ::
-    </logic:notEmpty>
-    <a href="<logic:equal name="orgType" value="3">user</logic:equal><logic:notEqual name="orgType" value="3">org</logic:notEqual>manage.do?org=<bean:write name="UserForm" property="orgId" />">
-      <bean:write name="orgName"/></a> ::
 	<logic:notEmpty name="UserForm" property="userId">
-		<fmt:message key="admin.edit"/> User
+		<fmt:message key="admin.user.edit"/>
 	</logic:notEmpty>
 	<logic:empty name="UserForm" property="userId">
-		<fmt:message key="admin.create"/> User
+		<fmt:message key="admin.user.create"/>
 	</logic:empty>
 </h2>
 
 <div align="center"><html-el:errors/></div>
 <table>
   <col align="right" /><col align="left" />
-  <logic:equal name="canEdit" value="true">
 	<tr>
 		<td><fmt:message key="admin.user.login"/> *:</td>
 		<td><html-el:text property="login" size="20" maxlength="20" /></td>
@@ -111,45 +105,7 @@
 			</html-el:select>
 		</td>
 	</tr>
-  </logic:equal>
-  <logic:notEqual name="canEdit" value="true">
-    <tr>
-		<td><fmt:message key="admin.user.login"/>:</td>
-		<td><bean:write name="UserForm" property="login" /></td>
-	</tr>
 	<tr>
-	<td>Name:</td>
-		<td><bean:write name="UserForm" property="title" /> <bean:write name="UserForm" property="firstName" /> <bean:write name="UserForm" property="lastName" /></td>
-	</tr>
-	<html-el:hidden property="login" />
-	<html-el:hidden property="password" />
-	<html-el:hidden property="password2" />
-	<html-el:hidden property="title" />
-	<html-el:hidden property="firstName" />
-	<html-el:hidden property="lastName" />
-	<html-el:hidden property="addressLine1" />
-	<html-el:hidden property="addressLine2" />
-	<html-el:hidden property="addressLine3" />
-	<html-el:hidden property="city" />
-	<html-el:hidden property="state" />
-	<html-el:hidden property="country" />
-	<html-el:hidden property="dayPhone" />
-	<html-el:hidden property="eveningPhone" />
-	<html-el:hidden property="mobilePhone" />
-	<html-el:hidden property="fax" />
-	<html-el:hidden property="email" />
-	<html-el:hidden property="localeId" />
-  </logic:notEqual>
-	<tr>
-	    <td><fmt:message key="admin.user.roles"/>:</td>
-	    <td>
-            <c:forEach items="${rolelist}" var="role">
-                <html-el:multibox name="UserForm" property="roles" value="${role.roleId}"/>
-                <c:out value="${role.name}"/><br/>
-            </c:forEach>
-	    </td>
-	</tr>
-	<tr>
 		<td colspan=2 align="right">
 			<html-el:submit><fmt:message key="admin.save"/></html-el:submit>
 			<html-el:reset><fmt:message key="admin.reset"/></html-el:reset>
Index: lams_admin/web/userlist.jsp
===================================================================
RCS file: /usr/local/cvsroot/lams_admin/web/userlist.jsp,v
diff -u -r1.11 -r1.12
--- lams_admin/web/userlist.jsp	6 Sep 2006 00:18:42 -0000	1.11
+++ lams_admin/web/userlist.jsp	13 Sep 2006 06:08:22 -0000	1.12
@@ -57,7 +57,7 @@
 		    </small>
 		</td>
 		<td>
-				<a href="user.do?method=edit&userId=<bean:write name='userManageBean' property='userId' />&orgId=<bean:write name='UserManageForm' property='orgId'/>"><fmt:message key="admin.edit"/></a>
+				<a href="userroles.do?userId=<bean:write name='userManageBean' property='userId' />&orgId=<bean:write name='UserManageForm' property='orgId'/>"><fmt:message key="admin.edit"/></a>
 				&nbsp;
 				<a href="user.do?method=remove&userId=<bean:write name='userManageBean' property='userId' />&orgId=<bean:write name='UserManageForm' property='orgId'/>"><fmt:message key="admin.user.delete"/></a>
 				<br/>
Index: lams_admin/web/userrole.jsp
===================================================================
RCS file: /usr/local/cvsroot/lams_admin/web/userrole.jsp,v
diff -u
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ lams_admin/web/userrole.jsp	13 Sep 2006 06:08:22 -0000	1.1
@@ -0,0 +1,42 @@
+<%@ page contentType="text/html; charset=utf-8" language="java" %>
+
+<%@ taglib uri="tags-html-el" prefix="html-el" %>
+<%@ taglib uri="tags-core" prefix="c" %>
+<%@ taglib uri="tags-bean" prefix="bean" %>
+<%@ taglib uri="tags-logic" prefix="logic" %>
+<%@ taglib uri="tags-fmt" prefix="fmt" %>
+
+<html-el:form action="/userrolessave.do" method="post">
+<html-el:hidden property="userId" />
+<html-el:hidden property="orgId" />
+<h2 align="left"><fmt:message key="admin.user.assign.roles"/></h2>
+
+<div align="center"><html-el:errors/><html-el:messages id="roles" message="true"><bean:write name="roles" /></html-el:messages></div>
+<table>
+  <col align="right" /><col align="left" />
+    <tr>
+		<td><fmt:message key="admin.user.login"/>:</td>
+		<td><bean:write name="login" /></td>
+	</tr>
+	<tr>
+		<td><fmt:message key="admin.user.name"/>:</td>
+		<td><bean:write name="fullName" /></td>
+	</tr>
+	<tr>
+	    <td><fmt:message key="admin.user.roles"/>:</td>
+	    <td>
+            <c:forEach items="${rolelist}" var="role">
+                <html-el:multibox name="UserRolesForm" property="roles" value="${role.roleId}"/>
+                <c:out value="${role.name}"/><br/>
+            </c:forEach>
+	    </td>
+	</tr>
+	<tr>
+		<td colspan=2 align="right">
+			<html-el:submit><fmt:message key="admin.save"/></html-el:submit>
+			<html-el:reset><fmt:message key="admin.reset"/></html-el:reset>
+			<html-el:cancel><fmt:message key="admin.cancel"/></html-el:cancel>
+		</td>
+	</tr>
+</table>
+</html-el:form>
Index: lams_admin/web/usersearchlist.jsp
===================================================================
RCS file: /usr/local/cvsroot/lams_admin/web/usersearchlist.jsp,v
diff -u -r1.1 -r1.2
--- lams_admin/web/usersearchlist.jsp	28 Jul 2006 05:53:56 -0000	1.1
+++ lams_admin/web/usersearchlist.jsp	13 Sep 2006 06:08:22 -0000	1.2
@@ -6,7 +6,7 @@
 <%@ taglib uri="tags-core" prefix="c" %>
 <%@ taglib uri="tags-fmt" prefix="fmt" %>
 
-<h2>Find Users</h2>
+<h2><fmt:message key="admin.user.find"/></h2>
 
 <logic:notEqual name="isSysadmin" value="false">
 <html-el:form action="/usersearch.do" method="post">
@@ -21,10 +21,10 @@
 	<th width="15%"></th>
 </tr>
 <tr>
-	<td><html-el:text property="userId" size="5" /></td>
-	<td><html-el:text property="login" size="10" /></td>
-	<td><html-el:text property="firstName" size="10" /></td>
-	<td><html-el:text property="lastName" size="10" /></td>
+	<td><html-el:text property="sUserId" size="5" /></td>
+	<td><html-el:text property="sLogin" size="10" /></td>
+	<td><html-el:text property="sFirstName" size="10" /></td>
+	<td><html-el:text property="sLastName" size="10" /></td>
 	<td></td>
 </tr>
 
@@ -44,9 +44,9 @@
 				<bean:write name="user" property="lastName" />
 			</td>
 			<td>
-				<a href="user.do?method=edit&userId=<bean:write name='user' property='userId' />&orgId=1"><fmt:message key="admin.edit"/></a>
+				<a href="user.do?method=edit&userId=<bean:write name='user' property='userId' />"><fmt:message key="admin.edit"/></a>
 				&nbsp;
-				<a href="user.do?method=remove&userId=<bean:write name='user' property='userId' />&orgId=1"><fmt:message key="admin.user.delete"/></a>
+				<a href="user.do?method=remove&userId=<bean:write name='user' property='userId' />"><fmt:message key="admin.user.delete"/></a>
 			</td>
 		</tr>
 	</logic:iterate>
Index: lams_admin/web/WEB-INF/tiles/tiles-defs.xml
===================================================================
RCS file: /usr/local/cvsroot/lams_admin/web/WEB-INF/tiles/Attic/tiles-defs.xml,v
diff -u -r1.17 -r1.18
--- lams_admin/web/WEB-INF/tiles/tiles-defs.xml	31 Aug 2006 04:41:41 -0000	1.17
+++ lams_admin/web/WEB-INF/tiles/tiles-defs.xml	13 Sep 2006 06:08:22 -0000	1.18
@@ -37,6 +37,11 @@
 		<put name="content" value="user.jsp" />	
 	</definition>
 	
+	<definition name=".userrole" path="/template.jsp">
+		<put name="title" value="admin.user.entry"/>
+		<put name="content" value="userrole.jsp" />	
+	</definition>
+	
 	<definition name=".orglist" path="/template.jsp">
 		<put name="title" value="admin.organisation.management"/>
 		<put name="content" value="orglist.jsp" />