ZF-11789: Zend_Acl removeAllow doesn't work correctly!

Description

When you define some resources and a role and grant all privilege to one role then removeAllow doesn't work correctly!

    $this->addResource(new Zend_Acl_Resource('default'))
         ->addResource(new Zend_Acl_Resource('default_user'), 'default')
         ->addResource(new Zend_Acl_Resource('default_login'), 'default');

    $this->addRole(new Zend_Acl_Role('superAdmin'));

    $this->allow('superAdmin');
    $this->removeAllow('superAdmin', 'default_user', array('deleteSuperAdmin','editSuperAdmin'));

when you call $this->isAllowed('superAdmin', 'default_user', 'editSuperAdmin') it returns true!

Comments

It seems you should initially call allow with particular resource and it's privilege for one top level role and then deny the resource and it's privilege in bottom level of roles. I test it and it works correctly. But this issue is not wrong! Because when you see my sample code you hope it work correctly!