NIHVIVO-2931 create a policy that prevents the user from editing or dropping the Home menu page.

webapp/config/web.xml

@@ -155,6 +155,10 @@
     <listener-class> edu.cornell.mannlib.vitro.webapp.auth.policy.RootUserPolicy$Setup</listener-class>
   </listener>
 
+  <listener>
+    <listener-class> edu.cornell.mannlib.vivo.auth.policy.RestrictHomeMenuItemEditingPolicy$Setup</listener-class>
+  </listener>
+
   <!-- The Solr index uses a "public" filter, so the PropertyRestrictionPolicyHelper must already be set up. -->
   <listener>
     <listener-class>

webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/RestrictHomeMenuItemEditingPolicy.java

@@ -0,0 +1,69 @@
+/* $This file is distributed under the terms of the license in /doc/license.txt$ */
+
+package edu.cornell.mannlib.vitro.webapp.auth.policy;
+
+import javax.servlet.ServletContextEvent;
+import javax.servlet.ServletContextListener;
+
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyAction;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropStmt;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt;
+import edu.cornell.mannlib.vitro.webapp.dao.DisplayVocabulary;
+
+/**
+ * Don't allow user to edit or drop the HomeMenuItem statement.
+ */
+public class RestrictHomeMenuItemEditingPolicy implements PolicyIface {
+
+	@Override
+	public PolicyDecision isAuthorized(IdentifierBundle whoToAuth,
+			RequestedAction whatToAuth) {
+		if (whatToAuth instanceof EditObjPropStmt) {
+			return isAuthorized((EditObjPropStmt) whatToAuth);
+		} else if (whatToAuth instanceof DropObjectPropStmt) {
+			return isAuthorized((DropObjectPropStmt) whatToAuth);
+		} else {
+			return notHandled();
+		}
+	}
+
+	private PolicyDecision isAuthorized(AbstractObjectPropertyAction whatToAuth) {
+		if (whatToAuth.getUriOfPredicate()
+				.equals(DisplayVocabulary.HAS_ELEMENT)
+				&& whatToAuth.getUriOfObject().equals(
+						DisplayVocabulary.HOME_MENU_ITEM)) {
+			return notAuthorized();
+		} else {
+			return notHandled();
+		}
+	}
+
+	private BasicPolicyDecision notHandled() {
+		return new BasicPolicyDecision(Authorization.INCONCLUSIVE,
+				"Doesn't handle this type of request");
+	}
+
+	private BasicPolicyDecision notAuthorized() {
+		return new BasicPolicyDecision(Authorization.UNAUTHORIZED,
+				"Can't edit home menu item.");
+	}
+
+	public static class Setup implements ServletContextListener {
+		@Override
+		public void contextInitialized(ServletContextEvent sce) {
+			ServletPolicyList.addPolicyAtFront(sce.getServletContext(),
+					new RestrictHomeMenuItemEditingPolicy());
+		}
+
+		@Override
+		public void contextDestroyed(ServletContextEvent ctx) {
+			// Nothing to do here.
+		}
+
+	}
+}

webapp/src/edu/cornell/mannlib/vitro/webapp/dao/DisplayVocabulary.java

@@ -123,6 +123,8 @@ public class DisplayVocabulary {
     public static final String INTERNAL_CLASS_TEMPLATE = "menupage--individualsforclasses.ftl";
     /* URIs for some individuals in the dispaly ontology */
 
+	public static final String HOME_MENU_ITEM = DISPLAY_NS + "HomeMenuItem";
+        
     
     //public static final Individual EVENTS = m_model.createIndividual( NS + "Events", PAGE );