/**
   * Removes a group role's access to a specific action.
   *
   * @param action Action to remove access from.
   * @param group The group whose access we are revoking.
   * @param role The role whose access we are revoking.
   * @return boolean Whether or not the access existed and was removed.
   */
  public boolean revokeGroupRoleAccess(String action, String group, String role) {
    if (allowsSpecificGroupRole(action, group, role)) {
      SecurityAccess access = getAccess(action);
      List allows = access.getAllows();
      if (allows == null || allows.isEmpty()) {
        revokeAccess(action);
        return false;
      }

      for (int i = 0; i < allows.size(); i++) {
        BaseSecurityAllow allow = (BaseSecurityAllow) allows.get(i);
        if (allow.getGroup() != null
            && allow.getGroup().equals(group)
            && allow.getRole() != null
            && allow.getRole().equals(role)) {
          allows.remove(i);
          if (allows.isEmpty() && access.getOwnerAllows().isEmpty()) {
            revokeAccess(action);
          }

          return true;
        }
      }
    }
    return false;
  }
 /**
  * Checks whether a group is specifically allowed to access the request action This method ignores
  * the "*" action and is here to play a maintenance role.
  */
 public boolean allowsSpecificGroup(String action, String group) {
   SecurityAccess access = (SecurityAccess) getAccess(action);
   if (access.getAllAllows() != null) {
     Iterator allAllows = access.getAllows().iterator();
     while (allAllows.hasNext()) {
       SecurityAllow allow = (SecurityAllow) allAllows.next();
       if (allow.getGroup() != null && allow.getGroup().equals(group)) {
         return true;
       }
     }
   }
   return false;
 }
  /**
   * Grants access for a specific action to a specific user for this SecurityEntry. This grants
   * specific access ignores "*" action, if it exists.
   *
   * @param String action The action we are granting access to.
   * @param String user The user that will receive access to this action.
   * @return boolean Whether or not the access was granted. Basically, a <code>false</code> means
   *     that this role already has specific access.
   */
  public boolean grantUserAccess(String action, String user) {
    if (!allowsSpecificUser(action, user)) {
      SecurityAccess access = getAccess(action);
      List allows = access.getAllows();
      if (allows == null) {
        allows = new Vector();
      }

      BaseSecurityAllow allow = new BaseSecurityAllow();
      allow.setUser(user);
      allows.add(allow);

      buildAccessMap();

      return true;
    }

    return false;
  }
  /**
   * Grants access for a specific action to a specific group for this SecurityEntry. This grants
   * specific access ignores "*" action, if it exists.
   *
   * @param String action The action we are granting access to.
   * @param String group The group that will receive access to this action.
   * @return boolean Whether or not the access was granted. Basically, a <code>false</code> means
   *     that this group already has specific access.
   */
  public boolean grantGroupAccess(String action, String group) {
    if (!allowsSpecificGroup(action, role)) {
      SecurityAccess access = getAccess(action);
      List allows = access.getAllows();
      if (allows == null) {
        allows = new Vector();
      }

      BaseSecurityAllow allow = new BaseSecurityAllow();
      allow.setGroup(group);
      allows.add(allow);

      buildAccessMap();

      return true;
    }

    return false;
  }
  /**
   * Removes a user's access to a specific action.
   *
   * @param action Action to remove access from.
   * @param role The role whose access we are revoking.
   * @return boolean Whehter or not the access existed and was removed.
   */
  public boolean revokeUserAccess(String action, String user) {
    if (allowsSpecificUser(action, user)) {
      SecurityAccess access = getAccess(action);
      List allows = access.getAllows();
      if (allows == null || allows.isEmpty()) {
        revokeAccess(action);
        return false;
      }

      for (int i = 0; i < allows.size(); i++) {
        BaseSecurityAllow allow = (BaseSecurityAllow) allows.get(i);
        if (allow.getUser() != null && allow.getUser().equals(user)) {
          allows.remove(i);
          if (allows.isEmpty() && access.getOwnerAllows().isEmpty()) {
            revokeAccess(action);
          }

          return true;
        }
      }
    }
    return false;
  }