# File lib/declarative_authorization/development_support/development_support.rb, line 40
      def self.apply_change (engine, change)
        case change[0]
        when :add_role
          role_symbol = change[1]
          if engine.roles.include?(role_symbol)
            false
          else
            engine.roles << role_symbol
            true
          end
        when :add_privilege
          privilege, context, role = change[1,3]
          role = Role.for_sym(role.to_sym, engine)
          privilege = Privilege.for_sym(privilege.to_sym, engine)
          if ([privilege] + privilege.ancestors).any? {|ancestor_privilege| ([role] + role.ancestors).any? {|ancestor_role| !ancestor_role.rules_for_permission(ancestor_privilege, context).empty?}}
            false
          else
            engine.auth_rules << AuthorizationRule.new(role.to_sym,
                [privilege.to_sym], [context])
            true
          end
        when :remove_privilege
          privilege, context, role = change[1,3]
          role = Role.for_sym(role.to_sym, engine)
          privilege = Privilege.for_sym(privilege.to_sym, engine)
          rules_with_priv = role.rules_for_permission(privilege, context)
          if rules_with_priv.empty?
            false
          else
            rules_with_priv.each do |rule|
              rule.rule.privileges.delete(privilege.to_sym)
              engine.auth_rules.delete(rule.rule) if rule.rule.privileges.empty?
            end
            true
          end
        end
      end