diff --git a/common/djangoapps/student/views.py b/common/djangoapps/student/views.py
index ace1f8f576a420015d54f7a4cbc0d46302079a0f..87490786c1334ba3a0bc11a80a40db57f8623695 100644
--- a/common/djangoapps/student/views.py
+++ b/common/djangoapps/student/views.py
@@ -8,7 +8,6 @@ import uuid
 import feedparser
 import urllib
 import itertools
-from collections import defaultdict
 
 from django.conf import settings
 from django.contrib.auth import logout, authenticate, login
@@ -37,7 +36,7 @@ from xmodule.modulestore.exceptions import ItemNotFoundError
 from models import Registration, UserProfile, PendingNameChange, PendingEmailChange, CourseEnrollment
 from datetime import date
 from collections import namedtuple
-from courseware.courses import course_staff_group_name, has_staff_access_to_course
+from courseware.courses import course_staff_group_name, has_staff_access_to_course, get_courses_by_university
 
 log = logging.getLogger("mitx.student")
 Article = namedtuple('Article', 'title url author image deck publication publish_date')
@@ -65,9 +64,9 @@ def index(request):
         from external_auth.views import edXauth_ssl_login
         return edXauth_ssl_login(request)
 
-    return main_index()
+    return main_index(user=request.user)
 
-def main_index(extra_context = {}):
+def main_index(extra_context = {}, user=None):
     '''
     Render the edX main page.
 
@@ -89,11 +88,8 @@ def main_index(extra_context = {}):
         entry.image = soup.img['src'] if soup.img else None
         entry.summary = soup.getText()
 
-    universities = defaultdict(list)
-    courses = sorted(modulestore().get_courses(), key=lambda course: course.number)
-    for course in courses:
-        universities[course.org].append(course)
-
+    # The course selection work is done in courseware.courses.
+    universities = get_courses_by_university(None)
     context = {'universities': universities, 'entries': entries}
     context.update(extra_context)
     return render_to_response('index.html', context)
diff --git a/lms/djangoapps/courseware/courses.py b/lms/djangoapps/courseware/courses.py
index e11fb566f4e102f7aac73134c136d0230430f230..c050084fff33843a30c1ace17afd0f054a29a7c6 100644
--- a/lms/djangoapps/courseware/courses.py
+++ b/lms/djangoapps/courseware/courses.py
@@ -1,3 +1,4 @@
+from collections import defaultdict
 from fs.errors import ResourceNotFoundError
 from functools import wraps
 import logging
@@ -123,6 +124,8 @@ def has_staff_access_to_course(user,course):
     Returns True if the given user has staff access to the course.
     This means that user is in the staff_* group, or is an overall admin.
     '''
+    if user is None or (not user.is_authenticated()) or course is None:
+        return False
     if user.is_staff:
         return True
     user_groups = [x[1] for x in user.groups.values_list()]	# note this is the Auth group, not UserTestGroup
@@ -132,5 +135,23 @@ def has_staff_access_to_course(user,course):
         return True
     return False
 
-    
+def get_courses_by_university(user):
+    '''
+    Returns dict of lists of courses available, keyed by course.org (ie university).
+    Courses are sorted by course.number.
+
+    if ACCESS_REQUIRE_STAFF_FOR_COURSE then list only includes those accessible to user.
+    '''
+    # TODO: Clean up how 'error' is done.
+    # filter out any courses that errored.
+    courses = [c for c in modulestore().get_courses()
+               if isinstance(c, CourseDescriptor)]
+    courses = sorted(courses, key=lambda course: course.number)
+    universities = defaultdict(list)
+    for course in courses:
+        if settings.MITX_FEATURES.get('ENABLE_LMS_MIGRATION'):
+            if not has_staff_access_to_course(user,course):
+                continue
+        universities[course.org].append(course)
+    return universities
     
diff --git a/lms/djangoapps/courseware/views.py b/lms/djangoapps/courseware/views.py
index 831e8ced29b931a512190906933cbcb4bee980a0..41b2101b4453070b7d431af0bd710d29329678c2 100644
--- a/lms/djangoapps/courseware/views.py
+++ b/lms/djangoapps/courseware/views.py
@@ -1,4 +1,3 @@
-from collections import defaultdict
 import json
 import logging
 import urllib
@@ -28,7 +27,7 @@ from xmodule.course_module import CourseDescriptor
 from util.cache import cache, cache_if_anonymous
 from student.models import UserTestGroup, CourseEnrollment
 from courseware import grades
-from courseware.courses import check_course
+from courseware.courses import check_course, get_courses_by_university
 
 
 log = logging.getLogger("mitx.courseware")
@@ -58,19 +57,12 @@ def user_groups(user):
 @ensure_csrf_cookie
 @cache_if_anonymous
 def courses(request):
-    # TODO: Clean up how 'error' is done.
-
-    # filter out any courses that errored.
-    courses = [c for c in modulestore().get_courses()
-               if isinstance(c, CourseDescriptor)]
-    courses = sorted(courses, key=lambda course: course.number)
-    universities = defaultdict(list)
-    for course in courses:
-        universities[course.org].append(course)
-
+    '''
+    Render "find courses" page.  The course selection work is done in courseware.courses.
+    '''
+    universities = get_courses_by_university(request.user)
     return render_to_response("courses.html", {'universities': universities})
 
-
 @cache_control(no_cache=True, no_store=True, must_revalidate=True)
 def gradebook(request, course_id):
     if 'course_admin' not in user_groups(request.user):