/** * Checks whether a role is specifically allowed to access the request action This method ignores * the "*" action and is here to play a maintenance role. * * @param String action name of action to check * @param String role name of role to verify access for * @return boolean whether or not the <code>role</code> has access to this specific action. */ public boolean allowsSpecificUser(String action, String user) { BaseSecurityAccess access = (BaseSecurityAccess) getAccess(action); if (access.getAllAllows() != null) { Iterator allAllows = access.getAllows().iterator(); while (allAllows.hasNext()) { BaseSecurityAllow allow = (BaseSecurityAllow) allAllows.next(); if (allow.getUser() != null && allow.getUser().equals(user)) { return true; } } } return false; }