/**
* Removes a group role's access to a specific action.
*
* @param action Action to remove access from.
* @param group The group whose access we are revoking.
* @param role The role whose access we are revoking.
* @return boolean Whether or not the access existed and was removed.
*/
public boolean revokeGroupRoleAccess(String action, String group, String role) {
if (allowsSpecificGroupRole(action, group, role)) {
SecurityAccess access = getAccess(action);
List allows = access.getAllows();
if (allows == null || allows.isEmpty()) {
revokeAccess(action);
return false;
}
for (int i = 0; i < allows.size(); i++) {
BaseSecurityAllow allow = (BaseSecurityAllow) allows.get(i);
if (allow.getGroup() != null
&& allow.getGroup().equals(group)
&& allow.getRole() != null
&& allow.getRole().equals(role)) {
allows.remove(i);
if (allows.isEmpty() && access.getOwnerAllows().isEmpty()) {
revokeAccess(action);
}
return true;
}
}
}
return false;
}
/**
* Removes a user's access to a specific action.
*
* @param action Action to remove access from.
* @param role The role whose access we are revoking.
* @return boolean Whehter or not the access existed and was removed.
*/
public boolean revokeUserAccess(String action, String user) {
if (allowsSpecificUser(action, user)) {
SecurityAccess access = getAccess(action);
List allows = access.getAllows();
if (allows == null || allows.isEmpty()) {
revokeAccess(action);
return false;
}
for (int i = 0; i < allows.size(); i++) {
BaseSecurityAllow allow = (BaseSecurityAllow) allows.get(i);
if (allow.getUser() != null && allow.getUser().equals(user)) {
allows.remove(i);
if (allows.isEmpty() && access.getOwnerAllows().isEmpty()) {
revokeAccess(action);
}
return true;
}
}
}
return false;
}