From d0a42181bf5cd67a9d735888bdb59aada6b362cc Mon Sep 17 00:00:00 2001
From: bdc34 <bdc34@440791e1-c2bf-4c1e-ad7c-caf3f8b0ebe8>
Date: Wed, 14 Jul 2010 15:56:38 +0000
Subject: [PATCH] author and publication links cannot be deleted from the
 authorship node authorship node will not offer an add link for author or pub
 NIHVIVO-739

---
 .../vitro/webapp/auth/policy/VivoPolicy.java  | 33 +++++++++++++++++--
 1 file changed, 31 insertions(+), 2 deletions(-)

diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/VivoPolicy.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/VivoPolicy.java
index ebe80565e..c47bd865b 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/VivoPolicy.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/VivoPolicy.java
@@ -6,12 +6,14 @@ import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.DefaultInconclusivePolicy;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AddObjectPropStmt;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.DropObjectPropStmt;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
 
 public class VivoPolicy extends DefaultInconclusivePolicy{
 
-	private static String AUTHORSHIP =  "http://vivoweb.org/ontology/core#informationResourceInAuthorship"; 
+	private static String AUTHORSHIP_FROM_PUB =  "http://vivoweb.org/ontology/core#informationResourceInAuthorship"; 
+	private static String AUTHORSHIP_FROM_PERSON =  "http://vivoweb.org/ontology/core#authorInAuthorship";
 	@Override
 	public PolicyDecision isAuthorized(IdentifierBundle whoToAuth,
 			RequestedAction whatToAuth) {
@@ -21,10 +23,37 @@ public class VivoPolicy extends DefaultInconclusivePolicy{
 			
 			/* Do not offer the user the option to delete so they will use the custom form instead */ 
 			/* see issue NIHVIVO-739 */
-			if( AUTHORSHIP.equals( dops.getUriOfPredicate() )) {
+			if( AUTHORSHIP_FROM_PUB.equals( dops.getUriOfPredicate() )) {
 				return new BasicPolicyDecision(Authorization.UNAUTHORIZED, 
 						"Use the custom edit form for core:informationResourceInAuthorship");
 			}
+			
+			if( AUTHORSHIP_FROM_PERSON.equals( dops.getUriOfPredicate() )) {
+				return new BasicPolicyDecision(Authorization.UNAUTHORIZED, 
+						"Use the custom edit form for core:authorInAuthorship");
+			}
+			 
+			if( "http://vivoweb.org/ontology/core#linkedAuthor".equals( dops.getUriOfPredicate())){
+				return new BasicPolicyDecision(Authorization.UNAUTHORIZED, 
+					"Use the custom edit form for on information resource to edit authors.");
+			}
+			
+			if( "http://vivoweb.org/ontology/core#linkedInformationResource".equals( dops.getUriOfPredicate())){
+				return new BasicPolicyDecision(Authorization.UNAUTHORIZED, 
+					"Use the custom edit form for on information resource to edit authors.");
+			}			
+		}
+		if( whatToAuth instanceof AddObjectPropStmt ){
+			AddObjectPropStmt aops = (AddObjectPropStmt)whatToAuth;
+			if( "http://vivoweb.org/ontology/core#linkedAuthor".equals( aops.getUriOfPredicate())){
+				return new BasicPolicyDecision(Authorization.UNAUTHORIZED, 
+					"Use the custom edit form for on information resource to edit authors.");
+			}
+			
+			if( "http://vivoweb.org/ontology/core#linkedInformationResource".equals( aops.getUriOfPredicate())){
+				return new BasicPolicyDecision(Authorization.UNAUTHORIZED, 
+					"Use the custom edit form for on information resource to edit authors.");
+			}	
 		}
 		
 		return super.isAuthorized(whoToAuth, whatToAuth);