Index: src/__phutil_library_map__.php
===================================================================
--- src/__phutil_library_map__.php
+++ src/__phutil_library_map__.php
@@ -653,6 +653,9 @@
     'DrydockBlueprintScopeGuard' => 'applications/drydock/util/DrydockBlueprintScopeGuard.php',
     'DrydockBlueprintSearchEngine' => 'applications/drydock/query/DrydockBlueprintSearchEngine.php',
     'DrydockBlueprintViewController' => 'applications/drydock/controller/DrydockBlueprintViewController.php',
+    'DrydockCapabilityCreateBlueprints' => 'applications/drydock/capability/DrydockCapabilityCreateBlueprints.php',
+    'DrydockCapabilityDefaultEdit' => 'applications/drydock/capability/DrydockCapabilityDefaultEdit.php',
+    'DrydockCapabilityDefaultView' => 'applications/drydock/capability/DrydockCapabilityDefaultView.php',
     'DrydockCommandInterface' => 'applications/drydock/interface/command/DrydockCommandInterface.php',
     'DrydockConsoleController' => 'applications/drydock/controller/DrydockConsoleController.php',
     'DrydockConstants' => 'applications/drydock/constants/DrydockConstants.php',
@@ -3080,6 +3083,9 @@
     'DrydockBlueprintQuery' => 'DrydockQuery',
     'DrydockBlueprintSearchEngine' => 'PhabricatorApplicationSearchEngine',
     'DrydockBlueprintViewController' => 'DrydockBlueprintController',
+    'DrydockCapabilityCreateBlueprints' => 'PhabricatorPolicyCapability',
+    'DrydockCapabilityDefaultEdit' => 'PhabricatorPolicyCapability',
+    'DrydockCapabilityDefaultView' => 'PhabricatorPolicyCapability',
     'DrydockCommandInterface' => 'DrydockInterface',
     'DrydockConsoleController' => 'DrydockController',
     'DrydockController' => 'PhabricatorController',
Index: src/applications/drydock/application/PhabricatorApplicationDrydock.php
===================================================================
--- src/applications/drydock/application/PhabricatorApplicationDrydock.php
+++ src/applications/drydock/application/PhabricatorApplicationDrydock.php
@@ -7,7 +7,7 @@
   }
 
   public function getShortDescription() {
-    return 'Allocate Software Resources';
+    return pht('Allocate Software Resources');
   }
 
   public function getIconName() {
@@ -57,4 +57,18 @@
     );
   }
 
+  protected function getCustomCapabilities() {
+    return array(
+      DrydockCapabilityDefaultView::CAPABILITY => array(
+      ),
+      DrydockCapabilityDefaultEdit::CAPABILITY => array(
+        'default' => PhabricatorPolicies::POLICY_ADMIN,
+      ),
+      DrydockCapabilityCreateBlueprints::CAPABILITY => array(
+        'default' => PhabricatorPolicies::POLICY_ADMIN,
+      ),
+    );
+  }
+
+
 }
Index: src/applications/drydock/capability/DrydockCapabilityCreateBlueprints.php
===================================================================
--- /dev/null
+++ src/applications/drydock/capability/DrydockCapabilityCreateBlueprints.php
@@ -0,0 +1,20 @@
+<?php
+
+final class DrydockCapabilityCreateBlueprints
+  extends PhabricatorPolicyCapability {
+
+  const CAPABILITY = 'drydock.blueprint.create';
+
+  public function getCapabilityKey() {
+    return self::CAPABILITY;
+  }
+
+  public function getCapabilityName() {
+    return pht('Can Create Blueprints');
+  }
+
+  public function describeCapabilityRejection() {
+    return pht('You do not have permission to create Drydock blueprints.');
+  }
+
+}
Index: src/applications/drydock/capability/DrydockCapabilityDefaultEdit.php
===================================================================
--- /dev/null
+++ src/applications/drydock/capability/DrydockCapabilityDefaultEdit.php
@@ -0,0 +1,16 @@
+<?php
+
+final class DrydockCapabilityDefaultEdit
+  extends PhabricatorPolicyCapability {
+
+  const CAPABILITY = 'drydock.default.edit';
+
+  public function getCapabilityKey() {
+    return self::CAPABILITY;
+  }
+
+  public function getCapabilityName() {
+    return pht('Default Blueprint Edit Policy');
+  }
+
+}
Index: src/applications/drydock/capability/DrydockCapabilityDefaultView.php
===================================================================
--- /dev/null
+++ src/applications/drydock/capability/DrydockCapabilityDefaultView.php
@@ -0,0 +1,16 @@
+<?php
+
+final class DrydockCapabilityDefaultView
+  extends PhabricatorPolicyCapability {
+
+  const CAPABILITY = 'drydock.default.view';
+
+  public function getCapabilityKey() {
+    return self::CAPABILITY;
+  }
+
+  public function getCapabilityName() {
+    return pht('Default Blueprint View Policy');
+  }
+
+}
Index: src/applications/drydock/controller/DrydockBlueprintCreateController.php
===================================================================
--- src/applications/drydock/controller/DrydockBlueprintCreateController.php
+++ src/applications/drydock/controller/DrydockBlueprintCreateController.php
@@ -7,6 +7,9 @@
     $request = $this->getRequest();
     $viewer = $request->getUser();
 
+    $this->requireApplicationCapability(
+      DrydockCapabilityCreateBlueprints::CAPABILITY);
+
     $implementations =
       DrydockBlueprintImplementation::getAllBlueprintImplementations();
 
Index: src/applications/drydock/controller/DrydockBlueprintEditController.php
===================================================================
--- src/applications/drydock/controller/DrydockBlueprintEditController.php
+++ src/applications/drydock/controller/DrydockBlueprintEditController.php
@@ -29,6 +29,9 @@
       $impl = $blueprint->getImplementation();
       $cancel_uri = $this->getApplicationURI('blueprint/'.$this->id.'/');
     } else {
+      $this->requireApplicationCapability(
+        DrydockCapabilityCreateBlueprints::CAPABILITY);
+
       $class = $request->getStr('class');
 
       $impl = DrydockBlueprintImplementation::getNamedImplementation($class);
Index: src/applications/drydock/controller/DrydockBlueprintListController.php
===================================================================
--- src/applications/drydock/controller/DrydockBlueprintListController.php
+++ src/applications/drydock/controller/DrydockBlueprintListController.php
@@ -50,11 +50,16 @@
   }
 
   public function buildApplicationCrumbs() {
+    $can_create = $this->hasApplicationCapability(
+      DrydockCapabilityCreateBlueprints::CAPABILITY);
+
     $crumbs = parent::buildApplicationCrumbs();
     $crumbs->addAction(
       id(new PHUIListItemView())
         ->setName(pht('New Blueprint'))
         ->setHref($this->getApplicationURI('/blueprint/create/'))
+        ->setDisabled(!$can_create)
+        ->setWorkflow(!$can_create)
         ->setIcon('create'));
     return $crumbs;
   }
Index: src/applications/drydock/storage/DrydockBlueprint.php
===================================================================
--- src/applications/drydock/storage/DrydockBlueprint.php
+++ src/applications/drydock/storage/DrydockBlueprint.php
@@ -12,7 +12,19 @@
   private $implementation = self::ATTACHABLE;
 
   public static function initializeNewBlueprint(PhabricatorUser $actor) {
+    $app = id(new PhabricatorApplicationQuery())
+      ->setViewer($actor)
+      ->withClasses(array('PhabricatorApplicationDrydock'))
+      ->executeOne();
+
+    $view_policy = $app->getPolicy(
+      DrydockCapabilityDefaultView::CAPABILITY);
+    $edit_policy = $app->getPolicy(
+      DrydockCapabilityDefaultEdit::CAPABILITY);
+
     return id(new DrydockBlueprint())
+      ->setViewPolicy($view_policy)
+      ->setEditPolicy($edit_policy)
       ->setBlueprintName('');
   }
 
@@ -67,19 +79,10 @@
   }
 
   public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {
-    switch ($capability) {
-      case PhabricatorPolicyCapability::CAN_VIEW:
-      case PhabricatorPolicyCapability::CAN_EDIT:
-        return $viewer->getIsAdmin();
-    }
+    return false;
   }
 
   public function describeAutomaticCapability($capability) {
-    switch ($capability) {
-      case PhabricatorPolicyCapability::CAN_VIEW:
-        return pht('Administrators can always view blueprints.');
-      case PhabricatorPolicyCapability::CAN_EDIT:
-        return pht('Administrators can always edit blueprints.');
-    }
+    return null;
   }
 }