From 8e3c13bd4c7cfde69110f082ce1bdbc9c1d17234 Mon Sep 17 00:00:00 2001
From: j2blake <j2blake@440791e1-c2bf-4c1e-ad7c-caf3f8b0ebe8>
Date: Fri, 15 Apr 2011 22:01:08 +0000
Subject: [PATCH] NIHVIVO-2492 Restrict JenaIngest, JenaExport, RDFUpload and
 SparqlQuery pages

---
 .../controller/SparqlQueryBuilderServlet.java | 58 +------------------
 .../webapp/controller/SparqlQueryServlet.java |  3 +
 .../freemarker/SiteAdminController.java       |  5 +-
 .../controller/jena/JenaExportController.java |  3 +
 .../controller/jena/JenaIngestController.java |  8 +--
 .../jena/RDFUploadFormController.java         |  9 ++-
 webapp/web/admin/sparql.jsp                   |  3 +
 webapp/web/admin/sparqlquery/sparqlForm.jsp   |  3 +
 webapp/web/jenaIngest/connectDB.jsp           |  2 +
 webapp/web/jenaIngest/createModel.jsp         |  3 +
 webapp/web/jenaIngest/csv2rdf.jsp             |  2 +
 webapp/web/jenaIngest/csv2rdfSelectUri.jsp    |  2 +
 webapp/web/jenaIngest/executeWorkflow.jsp     |  2 +
 webapp/web/jenaIngest/exportSelection.jsp     |  3 +-
 webapp/web/jenaIngest/generateTBox.jsp        |  2 +
 webapp/web/jenaIngest/ingestMenu.jsp          |  3 +
 webapp/web/jenaIngest/listModels.jsp          |  2 +
 webapp/web/jenaIngest/loadRDFData.jsp         |  3 +
 webapp/web/jenaIngest/mergeIndividuals.jsp    |  3 +
 webapp/web/jenaIngest/merge_result.jsp        |  4 +-
 webapp/web/jenaIngest/permanentURI.jsp        |  3 +
 webapp/web/jenaIngest/processStrings.jsp      |  2 +
 webapp/web/jenaIngest/renameBNodes.jsp        |  3 +
 .../web/jenaIngest/renameBNodesURISelect.jsp  |  2 +
 webapp/web/jenaIngest/renameResource.jsp      |  6 +-
 webapp/web/jenaIngest/renameResult.jsp        |  3 +-
 webapp/web/jenaIngest/smushSingleModel.jsp    |  2 +
 webapp/web/jenaIngest/sparqlConstruct.jsp     |  2 +
 webapp/web/jenaIngest/splitPropertyValues.jsp |  2 +
 webapp/web/jenaIngest/subtractModels.jsp      |  2 +
 webapp/web/jenaIngest/workflowStep.jsp        |  2 +
 webapp/web/jenaIngest/xmlFileUpload.jsp       |  2 +
 .../web/jenaIngest/xmlFileUploadSuccess.jsp   |  8 +--
 .../templates/edit/specific/upload_rdf.jsp    |  3 +-
 34 files changed, 89 insertions(+), 76 deletions(-)

diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/SparqlQueryBuilderServlet.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/SparqlQueryBuilderServlet.java
index ff2672898..cd4ae8ab5 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/SparqlQueryBuilderServlet.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/SparqlQueryBuilderServlet.java
@@ -1,86 +1,34 @@
 /* $This file is distributed under the terms of the license in /doc/license.txt$ */
-/*
-Copyright (c) 2010, Cornell University
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
-    * Redistributions of source code must retain the above copyright notice,
-      this list of conditions and the following disclaimer.
-    * Redistributions in binary form must reproduce the above copyright notice,
-      this list of conditions and the following disclaimer in the documentation
-      and/or other materials provided with the distribution.
-    * Neither the name of Cornell University nor the names of its contributors
-      may be used to endorse or promote products derived from this software
-      without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-*/
 
 package edu.cornell.mannlib.vitro.webapp.controller;
 
 import java.io.IOException;
-import java.io.OutputStream;
-import java.io.Writer;
-import java.net.URLDecoder;
-import java.util.ArrayList;
 import java.util.HashMap;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
 
 import javax.servlet.RequestDispatcher;
 import javax.servlet.ServletException;
 import javax.servlet.ServletOutputStream;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
-import com.hp.hpl.jena.query.DataSource;
-import com.hp.hpl.jena.query.DatasetFactory;
-import com.hp.hpl.jena.query.Query;
-import com.hp.hpl.jena.query.QueryExecution;
-import com.hp.hpl.jena.query.QueryExecutionFactory;
-import com.hp.hpl.jena.query.QueryFactory;
-import com.hp.hpl.jena.query.QuerySolution;
-import com.hp.hpl.jena.query.ResultSet;
-import com.hp.hpl.jena.query.ResultSetFormatter;
 import com.hp.hpl.jena.query.Syntax;
-import com.hp.hpl.jena.rdf.model.Literal;
 import com.hp.hpl.jena.rdf.model.Model;
-import com.hp.hpl.jena.rdf.model.ModelMaker;
-import com.hp.hpl.jena.rdf.model.Resource;
 import com.hp.hpl.jena.sparql.resultset.ResultSetFormat;
-import com.hp.hpl.jena.vocabulary.XSD;
 
-import edu.cornell.mannlib.vedit.beans.LoginFormBean;
 import edu.cornell.mannlib.vedit.controller.BaseEditController;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages;
 import edu.cornell.mannlib.vitro.webapp.beans.Portal;
 
-/* @author ass92 */
-
-import edu.cornell.mannlib.vitro.webapp.beans.Ontology;
-import edu.cornell.mannlib.vitro.webapp.dao.OntologyDao;
-
 
 /**
  *  This servlet works as a RequestDispatcher to direct to the sparl query builder page.
  *  @author yuysun
  */
-
+@RequiresAuthorizationFor(UseAdvancedDataToolsPages.class)
 public class SparqlQueryBuilderServlet extends BaseEditController {
 
     private static final Log log = LogFactory.getLog(SparqlQueryBuilderServlet.class.getName());
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/SparqlQueryServlet.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/SparqlQueryServlet.java
index d54c97b13..183ec7672 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/SparqlQueryServlet.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/SparqlQueryServlet.java
@@ -47,6 +47,8 @@ import com.hp.hpl.jena.vocabulary.XSD;
 
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
 import edu.cornell.mannlib.vedit.controller.BaseEditController;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages;
 import edu.cornell.mannlib.vitro.webapp.beans.Ontology;
 import edu.cornell.mannlib.vitro.webapp.beans.Portal;
 import edu.cornell.mannlib.vitro.webapp.dao.OntologyDao;
@@ -59,6 +61,7 @@ import edu.cornell.mannlib.vitro.webapp.dao.OntologyDao;
  * @author bdc34
  *
  */
+@RequiresAuthorizationFor(UseAdvancedDataToolsPages.class)
 public class SparqlQueryServlet extends BaseEditController {
     private static final Log log = LogFactory.getLog(SparqlQueryServlet.class.getName());
 
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/SiteAdminController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/SiteAdminController.java
index 68479d1e0..5924ce24f 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/SiteAdminController.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/SiteAdminController.java
@@ -15,10 +15,11 @@ import org.apache.commons.logging.LogFactory;
 
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
 import edu.cornell.mannlib.vedit.util.FormUtils;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages;
 import edu.cornell.mannlib.vitro.webapp.beans.VClassGroup;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
 import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder.ParamMap;
-import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder.Route;
 import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ResponseValues;
 import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.TemplateResponseValues;
 import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
@@ -70,7 +71,7 @@ public class SiteAdminController extends FreemarkerHttpServlet {
             body.put("siteConfig", getSiteConfigurationData(vreq, urlBuilder));
             body.put("ontologyEditor", getOntologyEditorData(vreq, urlBuilder));
             
-            if (loginBean.isLoggedInAtLeast(LoginStatusBean.DBA)) {
+			if (PolicyHelper.isAuthorized(vreq,	UseAdvancedDataToolsPages.class)) {
                 body.put("dataTools", getDataToolsData(vreq, urlBuilder));
                 
                 // Only for DataStar. Should handle without needing a DataStar-specific version of this controller.
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/jena/JenaExportController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/jena/JenaExportController.java
index 16b295faa..e6c51a3e6 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/jena/JenaExportController.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/jena/JenaExportController.java
@@ -19,12 +19,15 @@ import com.hp.hpl.jena.rdf.model.ModelFactory;
 import com.hp.hpl.jena.shared.Lock;
 
 import edu.cornell.mannlib.vedit.controller.BaseEditController;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages;
 import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
 import edu.cornell.mannlib.vitro.webapp.dao.jena.JenaModelUtils;
 import edu.cornell.mannlib.vitro.webapp.dao.jena.ModelContext;
 import edu.cornell.mannlib.vitro.webapp.servlet.setup.JenaDataSourceSetupBase;
 
+@RequiresAuthorizationFor(UseAdvancedDataToolsPages.class)
 public class JenaExportController extends BaseEditController {
 
 	public void doGet( HttpServletRequest request, HttpServletResponse response ) {
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/jena/JenaIngestController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/jena/JenaIngestController.java
index 4c012efe5..03d6d090d 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/jena/JenaIngestController.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/jena/JenaIngestController.java
@@ -61,6 +61,8 @@ import com.hp.hpl.jena.util.ResourceUtils;
 import com.hp.hpl.jena.util.iterator.ClosableIterator;
 
 import edu.cornell.mannlib.vedit.controller.BaseEditController;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages;
 import edu.cornell.mannlib.vitro.webapp.beans.Ontology;
 import edu.cornell.mannlib.vitro.webapp.beans.Portal;
 import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
@@ -78,6 +80,7 @@ import edu.cornell.mannlib.vitro.webapp.utils.jena.JenaIngestUtils;
 import edu.cornell.mannlib.vitro.webapp.utils.jena.JenaIngestWorkflowProcessor;
 import edu.cornell.mannlib.vitro.webapp.utils.jena.WorkflowOntology;
 
+@RequiresAuthorizationFor(UseAdvancedDataToolsPages.class)
 public class JenaIngestController extends BaseEditController {
 
 	private static final Log log = LogFactory.getLog(JenaIngestController.class);
@@ -110,11 +113,6 @@ public class JenaIngestController extends BaseEditController {
 
 	@Override
 	public void doGet (HttpServletRequest request, HttpServletResponse response) {
-
-		if (!checkLoginStatus(request,response)) {
-			return;
-		}
-		
 		VitroRequest vreq = new VitroRequest(request);
 		
 		ModelMaker maker = getVitroJenaModelMaker(vreq);
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/jena/RDFUploadFormController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/jena/RDFUploadFormController.java
index ca3efbbcf..f2a501865 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/jena/RDFUploadFormController.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/jena/RDFUploadFormController.java
@@ -10,15 +10,19 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
 import edu.cornell.mannlib.vedit.controller.BaseEditController;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages;
 import edu.cornell.mannlib.vitro.webapp.beans.Portal;
 import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
 
+@RequiresAuthorizationFor(UseAdvancedDataToolsPages.class)
 public class RDFUploadFormController extends BaseEditController {
 	
 	private static final Log log = LogFactory.getLog(RDFUploadFormController.class.getName());
 
-    public void doPost (HttpServletRequest request, HttpServletResponse response) {
+    @Override
+	public void doPost (HttpServletRequest request, HttpServletResponse response) {
 
         if (!checkLoginStatus(request,response))
             return;
@@ -49,7 +53,8 @@ public class RDFUploadFormController extends BaseEditController {
 
     }
 
-    public void doGet (HttpServletRequest request, HttpServletResponse response) {
+    @Override
+	public void doGet (HttpServletRequest request, HttpServletResponse response) {
         doPost(request,response);
     }
 
diff --git a/webapp/web/admin/sparql.jsp b/webapp/web/admin/sparql.jsp
index 77b48dadc..4b5c3066d 100644
--- a/webapp/web/admin/sparql.jsp
+++ b/webapp/web/admin/sparql.jsp
@@ -4,6 +4,9 @@
 <%@page import="java.util.ArrayList"%>
 <%@page import="java.util.List"%>
 
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
+
 <script type="text/javascript" src="../js/sparql/prototype.js">
 </script>
 <script type="text/javascript" src="../js/sparql/sparql.js">
diff --git a/webapp/web/admin/sparqlquery/sparqlForm.jsp b/webapp/web/admin/sparqlquery/sparqlForm.jsp
index eb40fb894..5c7dfe987 100644
--- a/webapp/web/admin/sparqlquery/sparqlForm.jsp
+++ b/webapp/web/admin/sparqlquery/sparqlForm.jsp
@@ -5,6 +5,9 @@
 <%@page import="java.util.ArrayList"%>
 <%@page import="java.util.List"%>
 
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
+
 <body>
 <div id="content" class="sparqlform">
 <h2>SPARQL Query</h2>
diff --git a/webapp/web/jenaIngest/connectDB.jsp b/webapp/web/jenaIngest/connectDB.jsp
index 75477049a..2525fbd43 100644
--- a/webapp/web/jenaIngest/connectDB.jsp
+++ b/webapp/web/jenaIngest/connectDB.jsp
@@ -1,6 +1,8 @@
 <%-- $This file is distributed under the terms of the license in /doc/license.txt$ --%>
 
 <%@ taglib uri="http://java.sun.com/jstl/core" prefix="c"%>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
     
 <%@page import="java.util.List"%><h2><a class="ingestMenu" href="ingest">Ingest Menu</a> > Connect to Jena Database</h2>
 
diff --git a/webapp/web/jenaIngest/createModel.jsp b/webapp/web/jenaIngest/createModel.jsp
index a873f7662..7eb34a330 100644
--- a/webapp/web/jenaIngest/createModel.jsp
+++ b/webapp/web/jenaIngest/createModel.jsp
@@ -1,5 +1,8 @@
 <%-- $This file is distributed under the terms of the license in /doc/license.txt$ --%>
 
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
+
     <h2><a class="ingestMenu" href="ingest">Ingest Menu</a> > Create New Model</h2>
 
     <form style="margin-bottom:2ex;" action="ingest" method="post">
diff --git a/webapp/web/jenaIngest/csv2rdf.jsp b/webapp/web/jenaIngest/csv2rdf.jsp
index ad68d3903..93573b79d 100644
--- a/webapp/web/jenaIngest/csv2rdf.jsp
+++ b/webapp/web/jenaIngest/csv2rdf.jsp
@@ -7,6 +7,8 @@
 <%@ page import="java.util.Iterator" %>
 <%@ page import="java.util.List" %>
 <%@ page import="java.net.URLEncoder" %>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
 
 <%
 
diff --git a/webapp/web/jenaIngest/csv2rdfSelectUri.jsp b/webapp/web/jenaIngest/csv2rdfSelectUri.jsp
index a5be03dd6..77f31d4fd 100644
--- a/webapp/web/jenaIngest/csv2rdfSelectUri.jsp
+++ b/webapp/web/jenaIngest/csv2rdfSelectUri.jsp
@@ -12,6 +12,8 @@
 <%@ page import="java.util.HashMap" %>
 <%@ page import="java.util.Set" %>
 <%@ page import="java.util.Map.Entry" %>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
 
 <%
 
diff --git a/webapp/web/jenaIngest/executeWorkflow.jsp b/webapp/web/jenaIngest/executeWorkflow.jsp
index a6bf6b518..6196c158a 100644
--- a/webapp/web/jenaIngest/executeWorkflow.jsp
+++ b/webapp/web/jenaIngest/executeWorkflow.jsp
@@ -7,6 +7,8 @@
 <%@ page import="java.util.Iterator" %>
 <%@ page import="java.util.List" %>
 <%@ page import="java.net.URLEncoder" %>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
 
 <%
 
diff --git a/webapp/web/jenaIngest/exportSelection.jsp b/webapp/web/jenaIngest/exportSelection.jsp
index 7df0d84e4..79c2bd45c 100644
--- a/webapp/web/jenaIngest/exportSelection.jsp
+++ b/webapp/web/jenaIngest/exportSelection.jsp
@@ -6,7 +6,8 @@
 <%@ page import="edu.cornell.mannlib.vitro.webapp.controller.VitroRequest"%>
 <%@ page import="edu.cornell.mannlib.vitro.webapp.beans.Ontology"%>
 <%@ page import="edu.cornell.mannlib.vitro.webapp.dao.OntologyDao"%>
-
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
 
 <div class="staticPageBackground">
 
diff --git a/webapp/web/jenaIngest/generateTBox.jsp b/webapp/web/jenaIngest/generateTBox.jsp
index 9cbeb1816..d36398967 100644
--- a/webapp/web/jenaIngest/generateTBox.jsp
+++ b/webapp/web/jenaIngest/generateTBox.jsp
@@ -7,6 +7,8 @@
 <%@ page import="java.util.Iterator" %>
 <%@ page import="java.util.List" %>
 <%@ page import="java.net.URLEncoder" %>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
 
 <%
 
diff --git a/webapp/web/jenaIngest/ingestMenu.jsp b/webapp/web/jenaIngest/ingestMenu.jsp
index 367c3753e..6a91aee6e 100644
--- a/webapp/web/jenaIngest/ingestMenu.jsp
+++ b/webapp/web/jenaIngest/ingestMenu.jsp
@@ -1,5 +1,8 @@
 <%-- $This file is distributed under the terms of the license in /doc/license.txt$ --%>
 
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
+
 <h2>Ingest Menu</h2>
 
 <ul>
diff --git a/webapp/web/jenaIngest/listModels.jsp b/webapp/web/jenaIngest/listModels.jsp
index ba4ad8940..ef24ba2d3 100644
--- a/webapp/web/jenaIngest/listModels.jsp
+++ b/webapp/web/jenaIngest/listModels.jsp
@@ -4,6 +4,8 @@
 <%@ page import="java.util.Iterator" %>
 <%@ page import="java.net.URLEncoder" %>
 <%@ taglib uri="http://java.sun.com/jstl/core" prefix="c" %>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
 
 <script type="text/javascript">
 function init(){
diff --git a/webapp/web/jenaIngest/loadRDFData.jsp b/webapp/web/jenaIngest/loadRDFData.jsp
index a8e325f57..63188d347 100644
--- a/webapp/web/jenaIngest/loadRDFData.jsp
+++ b/webapp/web/jenaIngest/loadRDFData.jsp
@@ -1,5 +1,8 @@
 <%-- $This file is distributed under the terms of the license in /doc/license.txt$ --%>
 
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
+
 <h2><a class="ingestMenu" href="ingest">Ingest Menu</a> > Load RDF Data</h2>
 
 <form style="margin-bottom: 2ex;" action="uploadRDF" method="POST" enctype="multipart/form-data">
diff --git a/webapp/web/jenaIngest/mergeIndividuals.jsp b/webapp/web/jenaIngest/mergeIndividuals.jsp
index c2d44f662..e873fdf8f 100644
--- a/webapp/web/jenaIngest/mergeIndividuals.jsp
+++ b/webapp/web/jenaIngest/mergeIndividuals.jsp
@@ -6,6 +6,9 @@
 <%@ page import="java.net.URLEncoder"%>
 <%@ page import="java.util.List"%>
 <%@ taglib uri="http://java.sun.com/jstl/core" prefix="c"%>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
+
 <%
 
     ModelMaker maker = (ModelMaker) request.getSession().getAttribute("vitroJenaModelMaker");
diff --git a/webapp/web/jenaIngest/merge_result.jsp b/webapp/web/jenaIngest/merge_result.jsp
index ee0c40233..4e82075ee 100644
--- a/webapp/web/jenaIngest/merge_result.jsp
+++ b/webapp/web/jenaIngest/merge_result.jsp
@@ -1,7 +1,9 @@
 <%-- $This file is distributed under the terms of the license in /doc/license.txt$ --%>
 
-
 <%@ taglib uri="http://java.sun.com/jstl/core" prefix="c"%>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
+
 <%@ page import="com.hp.hpl.jena.rdf.model.Model"%>
 
 <h2><a class="ingestMenu" href="ingest">Ingest Menu</a> > Merge Individuals</h2>
diff --git a/webapp/web/jenaIngest/permanentURI.jsp b/webapp/web/jenaIngest/permanentURI.jsp
index 5b09a324f..a23fd34ad 100644
--- a/webapp/web/jenaIngest/permanentURI.jsp
+++ b/webapp/web/jenaIngest/permanentURI.jsp
@@ -6,6 +6,9 @@
 <%@ page import="java.net.URLEncoder"%>
 <%@ page import="java.util.List"%>
 <%@ taglib uri="http://java.sun.com/jstl/core" prefix="c"%>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
+
 <%
 
     ModelMaker maker = (ModelMaker) request.getSession().getAttribute("vitroJenaModelMaker");
diff --git a/webapp/web/jenaIngest/processStrings.jsp b/webapp/web/jenaIngest/processStrings.jsp
index cef9f632d..87f994e8f 100644
--- a/webapp/web/jenaIngest/processStrings.jsp
+++ b/webapp/web/jenaIngest/processStrings.jsp
@@ -7,6 +7,8 @@
 <%@ page import="java.util.Iterator" %>
 <%@ page import="java.util.List" %>
 <%@ page import="java.net.URLEncoder" %>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
 
 <%
 
diff --git a/webapp/web/jenaIngest/renameBNodes.jsp b/webapp/web/jenaIngest/renameBNodes.jsp
index 02f170e70..a2802ceed 100644
--- a/webapp/web/jenaIngest/renameBNodes.jsp
+++ b/webapp/web/jenaIngest/renameBNodes.jsp
@@ -8,6 +8,9 @@
 <%@ page import="java.util.List" %>
 <%@ page import="java.net.URLEncoder" %>
 
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
+
 <%
 
     ModelMaker maker = (ModelMaker) request.getSession().getAttribute("vitroJenaModelMaker");
diff --git a/webapp/web/jenaIngest/renameBNodesURISelect.jsp b/webapp/web/jenaIngest/renameBNodesURISelect.jsp
index 7144e4828..fd7eafab2 100644
--- a/webapp/web/jenaIngest/renameBNodesURISelect.jsp
+++ b/webapp/web/jenaIngest/renameBNodesURISelect.jsp
@@ -12,6 +12,8 @@
 <%@ page import="java.util.HashMap" %>
 <%@ page import="java.util.Set" %>
 <%@ page import="java.util.Map.Entry" %>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
 
 <%
 
diff --git a/webapp/web/jenaIngest/renameResource.jsp b/webapp/web/jenaIngest/renameResource.jsp
index 87735bb13..fc37d7cb2 100644
--- a/webapp/web/jenaIngest/renameResource.jsp
+++ b/webapp/web/jenaIngest/renameResource.jsp
@@ -6,6 +6,8 @@
 <%@ page import="java.net.URLEncoder"%>
 <%@ page import="java.util.List"%>
 <%@ taglib uri="http://java.sun.com/jstl/core" prefix="c"%>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
 
 <script type="text/javascript" src="js/jquery.js"></script>
 <script type="text/javascript" src="js/jenaIngest/ingestUtils.js"></script>
@@ -21,7 +23,7 @@ to follow the established "n" + random integer naming convention.</p>
 
 <form id="takeuri" action="ingest" method="get">
 <input type="hidden" name="action" value="renameResource"/>
-<p>Old Namespace  <input id="uri1" type="text" size="52" name="uri1"/></p>
-<p>New Namespace  <input id="uri2" type="text" size="52" name="uri2"/></p>
+<p>Old Namespaceďż˝ <input id="uri1" type="text" size="52" name="uri1"/></p>
+<p>New Namespaceďż˝ <input id="uri2" type="text" size="52" name="uri2"/></p>
 <p><input id="submit" type="submit" name="submit" value="Change namespace" /></p>
 </form>
\ No newline at end of file
diff --git a/webapp/web/jenaIngest/renameResult.jsp b/webapp/web/jenaIngest/renameResult.jsp
index d44cba16b..9ce188245 100644
--- a/webapp/web/jenaIngest/renameResult.jsp
+++ b/webapp/web/jenaIngest/renameResult.jsp
@@ -1,7 +1,8 @@
 <%-- $This file is distributed under the terms of the license in /doc/license.txt$ --%>
 
-
 <%@ taglib uri="http://java.sun.com/jstl/core" prefix="c"%>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
 
 <h2><a class="ingestMenu" href="ingest">Ingest Menu</a> > Rename Resource</h2>
 
diff --git a/webapp/web/jenaIngest/smushSingleModel.jsp b/webapp/web/jenaIngest/smushSingleModel.jsp
index 7bbb5bb56..42bc56ad7 100644
--- a/webapp/web/jenaIngest/smushSingleModel.jsp
+++ b/webapp/web/jenaIngest/smushSingleModel.jsp
@@ -7,6 +7,8 @@
 <%@ page import="java.util.Iterator" %>
 <%@ page import="java.util.List" %>
 <%@ page import="java.net.URLEncoder" %>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
 
 <%
 
diff --git a/webapp/web/jenaIngest/sparqlConstruct.jsp b/webapp/web/jenaIngest/sparqlConstruct.jsp
index 507fdb58b..02547d154 100644
--- a/webapp/web/jenaIngest/sparqlConstruct.jsp
+++ b/webapp/web/jenaIngest/sparqlConstruct.jsp
@@ -9,6 +9,8 @@
 <%@ page import="java.net.URLEncoder"%>
 
 <%@ taglib uri="http://java.sun.com/jstl/core" prefix="c"%>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
 
 <%
 
diff --git a/webapp/web/jenaIngest/splitPropertyValues.jsp b/webapp/web/jenaIngest/splitPropertyValues.jsp
index a600d3bbc..4e07b7c7d 100644
--- a/webapp/web/jenaIngest/splitPropertyValues.jsp
+++ b/webapp/web/jenaIngest/splitPropertyValues.jsp
@@ -7,6 +7,8 @@
 <%@ page import="java.util.Iterator" %>
 <%@ page import="java.util.List" %>
 <%@ page import="java.net.URLEncoder" %>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
 
 <%
 
diff --git a/webapp/web/jenaIngest/subtractModels.jsp b/webapp/web/jenaIngest/subtractModels.jsp
index 797d9b827..0f5b24fdc 100644
--- a/webapp/web/jenaIngest/subtractModels.jsp
+++ b/webapp/web/jenaIngest/subtractModels.jsp
@@ -7,6 +7,8 @@
 <%@ page import="java.util.Iterator" %>
 <%@ page import="java.util.List" %>
 <%@ page import="java.net.URLEncoder" %>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
 
 <%
 
diff --git a/webapp/web/jenaIngest/workflowStep.jsp b/webapp/web/jenaIngest/workflowStep.jsp
index d6bd78e96..fb591044f 100644
--- a/webapp/web/jenaIngest/workflowStep.jsp
+++ b/webapp/web/jenaIngest/workflowStep.jsp
@@ -7,6 +7,8 @@
 <%@ page import="java.util.Iterator" %>
 <%@ page import="java.util.List" %>
 <%@ page import="java.net.URLEncoder" %>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
 
 <%
 
diff --git a/webapp/web/jenaIngest/xmlFileUpload.jsp b/webapp/web/jenaIngest/xmlFileUpload.jsp
index a87143ec8..44b5ae687 100644
--- a/webapp/web/jenaIngest/xmlFileUpload.jsp
+++ b/webapp/web/jenaIngest/xmlFileUpload.jsp
@@ -4,6 +4,8 @@
 <%@ page import="java.util.Iterator" %>
 <%@ page import="java.net.URLEncoder" %>
 <%@ taglib uri="http://java.sun.com/jstl/core" prefix="c" %>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
 
 <%
 
diff --git a/webapp/web/jenaIngest/xmlFileUploadSuccess.jsp b/webapp/web/jenaIngest/xmlFileUploadSuccess.jsp
index ece11a79d..e6dcf5af6 100644
--- a/webapp/web/jenaIngest/xmlFileUploadSuccess.jsp
+++ b/webapp/web/jenaIngest/xmlFileUploadSuccess.jsp
@@ -4,14 +4,10 @@
 <%@ page import="java.util.Iterator" %>
 <%@ page import="java.net.URLEncoder" %>
 <%@ taglib uri="http://java.sun.com/jstl/core" prefix="c" %>
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
 
-<%
-  
-
-%>
 <p>Uploaded XML files and converted to RDF.</p>
 <p>Loaded <%= request.getAttribute("statementCount") %> statements to the model <%= request.getAttribute("targetModel") %>.</p>
 
 <h2><a class="ingestMenu" href="ingest">Ingest Menu</a></h2>
-       
-    
diff --git a/webapp/web/templates/edit/specific/upload_rdf.jsp b/webapp/web/templates/edit/specific/upload_rdf.jsp
index 1171ce7f1..511ae5b98 100644
--- a/webapp/web/templates/edit/specific/upload_rdf.jsp
+++ b/webapp/web/templates/edit/specific/upload_rdf.jsp
@@ -1,7 +1,8 @@
 <%-- $This file is distributed under the terms of the license in /doc/license.txt$ --%>
 
 <%@ taglib uri="http://java.sun.com/jstl/core" prefix="c" %>
-
+<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
+<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
 
 <div class="staticPageBackground">