diff --git a/webapp/config/web.xml b/webapp/config/web.xml
index c47336d12..defb69499 100644
--- a/webapp/config/web.xml
+++ b/webapp/config/web.xml
@@ -155,6 +155,10 @@
edu.cornell.mannlib.vitro.webapp.auth.policy.RootUserPolicy$Setup
+
+ edu.cornell.mannlib.vivo.auth.policy.RestrictHomeMenuItemEditingPolicy$Setup
+
+
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/RestrictHomeMenuItemEditingPolicy.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/RestrictHomeMenuItemEditingPolicy.java
new file mode 100644
index 000000000..4ed30639b
--- /dev/null
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/RestrictHomeMenuItemEditingPolicy.java
@@ -0,0 +1,69 @@
+/* $This file is distributed under the terms of the license in /doc/license.txt$ */
+
+package edu.cornell.mannlib.vitro.webapp.auth.policy;
+
+import javax.servlet.ServletContextEvent;
+import javax.servlet.ServletContextListener;
+
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyAction;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropStmt;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt;
+import edu.cornell.mannlib.vitro.webapp.dao.DisplayVocabulary;
+
+/**
+ * Don't allow user to edit or drop the HomeMenuItem statement.
+ */
+public class RestrictHomeMenuItemEditingPolicy implements PolicyIface {
+
+ @Override
+ public PolicyDecision isAuthorized(IdentifierBundle whoToAuth,
+ RequestedAction whatToAuth) {
+ if (whatToAuth instanceof EditObjPropStmt) {
+ return isAuthorized((EditObjPropStmt) whatToAuth);
+ } else if (whatToAuth instanceof DropObjectPropStmt) {
+ return isAuthorized((DropObjectPropStmt) whatToAuth);
+ } else {
+ return notHandled();
+ }
+ }
+
+ private PolicyDecision isAuthorized(AbstractObjectPropertyAction whatToAuth) {
+ if (whatToAuth.getUriOfPredicate()
+ .equals(DisplayVocabulary.HAS_ELEMENT)
+ && whatToAuth.getUriOfObject().equals(
+ DisplayVocabulary.HOME_MENU_ITEM)) {
+ return notAuthorized();
+ } else {
+ return notHandled();
+ }
+ }
+
+ private BasicPolicyDecision notHandled() {
+ return new BasicPolicyDecision(Authorization.INCONCLUSIVE,
+ "Doesn't handle this type of request");
+ }
+
+ private BasicPolicyDecision notAuthorized() {
+ return new BasicPolicyDecision(Authorization.UNAUTHORIZED,
+ "Can't edit home menu item.");
+ }
+
+ public static class Setup implements ServletContextListener {
+ @Override
+ public void contextInitialized(ServletContextEvent sce) {
+ ServletPolicyList.addPolicyAtFront(sce.getServletContext(),
+ new RestrictHomeMenuItemEditingPolicy());
+ }
+
+ @Override
+ public void contextDestroyed(ServletContextEvent ctx) {
+ // Nothing to do here.
+ }
+
+ }
+}
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/DisplayVocabulary.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/DisplayVocabulary.java
index a2d2e8743..3c7577dd3 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/DisplayVocabulary.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/DisplayVocabulary.java
@@ -122,6 +122,8 @@ public class DisplayVocabulary {
public static final String REORDER_MENU_URL = PROCESS_MENU_MANAGEMENT_URL + "?cmd=Reorder&" + SWITCH_TO_DISPLAY_MODEL + "=true";
public static final String INTERNAL_CLASS_TEMPLATE = "menupage--individualsforclasses.ftl";
/* URIs for some individuals in the dispaly ontology */
+
+ public static final String HOME_MENU_ITEM = DISPLAY_NS + "HomeMenuItem";
//public static final Individual EVENTS = m_model.createIndividual( NS + "Events", PAGE );