=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java	2015-11-17 17:01:46 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java	2015-11-17 19:46:11 +0000
@@ -34,6 +34,7 @@
 import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlElementWrapper;
 import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlProperty;
 import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlRootElement;
+
 import org.hisp.dhis.common.BaseIdentifiableObject;
 import org.hisp.dhis.common.DimensionType;
 import org.hisp.dhis.common.DimensionalObject;
@@ -47,6 +48,7 @@
 import org.hisp.dhis.dataelement.CategoryOptionGroupSet;
 import org.hisp.dhis.dataelement.DataElementCategory;
 import org.hisp.dhis.dataset.DataSet;
+import org.hisp.dhis.program.Program;
 import org.hisp.dhis.schema.PropertyType;
 import org.hisp.dhis.schema.annotation.Property;
 import org.hisp.dhis.schema.annotation.PropertyRange;
@@ -272,6 +274,22 @@
 
         return dataSets;
     }
+    
+    /**
+     * Returns a set of the programs for all user authority groups
+     * of this user credentials.
+     */
+    public Set<Program> getAllPrograms()
+    {
+        Set<Program> programs = new HashSet<>();
+
+        for ( UserAuthorityGroup group : userAuthorityGroups )
+        {
+            programs.addAll( group.getPrograms() );
+        }
+
+        return programs;
+    }
 
     /**
      * Indicates whether this user credentials can issue the given user authority

=== modified file 'dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/events/event/AbstractEventService.java'
--- dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/events/event/AbstractEventService.java	2015-11-17 17:01:46 +0000
+++ dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/events/event/AbstractEventService.java	2015-11-17 19:46:11 +0000
@@ -85,6 +85,7 @@
 import org.hisp.dhis.trackedentitydatavalue.TrackedEntityDataValueService;
 import org.hisp.dhis.user.CurrentUserService;
 import org.hisp.dhis.user.User;
+import org.hisp.dhis.user.UserCredentials;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.Assert;
@@ -504,6 +505,8 @@
         OrganisationUnitSelectionMode orgUnitSelectionMode, String trackedEntityInstance, Date startDate, Date endDate,
         EventStatus status, Date lastUpdated, DataElementCategoryOptionCombo attributeCoc, IdSchemes idSchemes, Integer page, Integer pageSize, boolean totalPages, boolean skipPaging, boolean includeAttributes )
     {
+        UserCredentials userCredentials = currentUserService.getCurrentUser().getUserCredentials();
+        
         EventSearchParams params = new EventSearchParams();
 
         Program pr = programService.getProgram( program );
@@ -526,6 +529,24 @@
         {
             throw new IllegalQueryException( "Org unit is specified but does not exist: " + orgUnit );
         }
+        
+        if( ou != null && !organisationUnitService.isInUserHierarchy( ou ) )
+        {                
+            if( !userCredentials.isSuper() && !userCredentials.isAuthorized( "F_TRACKED_ENTITY_INSTANCE_SEARCH_IN_ALL_ORGUNITS" ) ) 
+            {
+                throw new IllegalQueryException( "User has no access to organisation unit: " + ou.getUid() );
+            }
+        }
+        
+        if( pr == null &&  !userCredentials.isSuper() && userCredentials.getAllPrograms().size() == 0 )
+        {
+            throw new IllegalQueryException( "User has no access to programs");
+        }
+        
+        if( pr != null && userCredentials.getAllPrograms().contains( pr ) )
+        {
+            throw new IllegalQueryException( "User has no access to program: " + pr.getUid() );
+        }        
 
         TrackedEntityInstance tei = entityInstanceService.getTrackedEntityInstance( trackedEntityInstance );
 
@@ -864,12 +885,31 @@
         event.setDueDate( DateUtils.getLongDateString( programStageInstance.getDueDate() ) );
         event.setStoredBy( programStageInstance.getCompletedUser() );
 
-        if ( programStageInstance.getOrganisationUnit() != null )
+        UserCredentials userCredentials = currentUserService.getCurrentUser().getUserCredentials();
+        
+        OrganisationUnit ou = programStageInstance.getOrganisationUnit();
+        
+        if ( ou != null )
+        {             
+            if( !organisationUnitService.isInUserHierarchy( ou ) )
+            {                
+                if( !userCredentials.isSuper()  && !userCredentials.isAuthorized( "F_TRACKED_ENTITY_INSTANCE_SEARCH_IN_ALL_ORGUNITS" ) ) 
+                {
+                    throw new IllegalQueryException( "User has no access to organisation unit: " + ou.getUid() );
+                }
+            }
+            
+            event.setOrgUnit( ou.getUid() );
+        }
+        
+        Program program = programStageInstance.getProgramInstance().getProgram();
+        
+        if( !userCredentials.isSuper() && !userCredentials.getAllPrograms().contains( program ) )
         {
-            event.setOrgUnit( programStageInstance.getOrganisationUnit().getUid() );
+            throw new IllegalQueryException( "User has no access to program: " + program.getUid() );
         }
-
-        event.setProgram( programStageInstance.getProgramInstance().getProgram().getUid() );
+        
+        event.setProgram( program.getUid() );        
         event.setEnrollment( programStageInstance.getProgramInstance().getUid() );
         event.setProgramStage( programStageInstance.getProgramStage().getUid() );
 
@@ -1278,5 +1318,5 @@
     private DataElement getDataElement( String dataElementId )
     {
         return dataElementCache.get( dataElementId, new IdentifiableObjectCallable<>( manager, DataElement.class, dataElementId ) );
-    }
+    }    
 }