Bug 851786 - Ejabberd XMPP user remains in admin role although it was removed from "admin" acl
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: ejabberd
Version: el6
Hardware: All
OS: All
Priority: unspecified
Severity: high
Target Milestone: ---
Assignee: Orphan Owner
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2012-08-25 18:15 UTC by Michal Bruncko
Modified: 2015-01-15 16:24 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-01-15 16:24:47 UTC
Type: Bug
Embargoed:


Description Michal Bruncko 2012-08-25 18:15:34 UTC
Description of problem:
An XMPP user remains in the admin role although it has been removed from the "admin" ACL - he can see everything that is allowed by access rules where the "admin" ACL is used.
i.e. access rules:
{access, announce, [{allow, admin}]}.
{access, configure, [{allow, admin}]}.
{access, muc_admin, [{allow, admin}]}.

still allow the user (who is no longer a member of the "admin" ACL) to perform such actions (view configuration, commands in Service Discovery, send announcements and so on)

Version-Release number of selected component (if applicable):
ejabberd-2.1.11-3.el6.x86_64

How reproducible:
always

Steps to Reproduce:
1. configure the user with the admin role using the following ACL:
{acl, admin, {user, "jid", "domain.tld"}}.
2. log in to XMPP service
3. log out from XMPP service
4. remove/comment out the ACL created in step 1
5. log in back to XMPP service
  
Actual results:
the user still has admin rights (he can view configuration, commands in Service Discovery, send announcements, manage MUC and so on)

Expected results:
the user should no longer have admin rights

Additional info:
- workaround: after every change in the ACL I remove the file "/var/lib/ejabberd/spool/acl.DCD" - which forces ejabberd to recreate it on startup according to the actual configuration from ejabberd.cfg
- yes, when you log into the Ejabberd Web GUI, you will not be treated as admin, but in the usual clients (miranda, pidgin) you can access admin tools and execute admin operations/commands.
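
The drift this report describes, between the ACL lines active in ejabberd.cfg and the admin membership the server still honours, can be checked with a short script. This is an added example, not part of the original report or of ejabberd; it handles only the {acl, Name, {user, "u", "server"}} form shown above, and the `effective` list of JIDs still acting as admin is an assumed input that the operator supplies.

```python
import re

# Constructed sample: ejabberd.cfg after step 4 (the "root" entry is invented).
SAMPLE_CFG = '''
%% {acl, admin, {user, "jid", "domain.tld"}}.
{acl, admin, {user, "root", "domain.tld"}}.  % still active
{access, announce, [{allow, admin}]}.
{access, configure, [{allow, admin}]}.
{access, muc_admin, [{allow, admin}]}.
{access, register, [{allow, all}]}.
'''

ACL_RE = re.compile(r'\{\s*acl\s*,\s*(\w+)\s*,\s*\{\s*user\s*,\s*"([^"]*)"\s*,'
                    r'\s*"([^"]*)"\s*\}\s*\}\s*\.')
ACCESS_RE = re.compile(r'\{\s*access\s*,\s*(\w+)\s*,\s*\[(.*?)\]\s*\}\s*\.', re.S)

def strip_comments(text):
    """Remove Erlang % comments, keeping % that appears inside "strings"."""
    cleaned = []
    for line in text.splitlines():
        in_string = False
        for i, ch in enumerate(line):
            if ch == '"' and (i == 0 or line[i - 1] != '\\'):
                in_string = not in_string
            elif ch == '%' and not in_string:
                line = line[:i]
                break
        cleaned.append(line)
    return '\n'.join(cleaned)

def configured_members(cfg, acl='admin'):
    """JIDs that the active (uncommented) config lines place in the ACL."""
    return {f'{user}@{server}'
            for name, user, server in ACL_RE.findall(strip_comments(cfg))
            if name == acl}

def rules_allowing(cfg, acl='admin'):
    """Access rules whose rule list contains {allow, <acl>}."""
    allow = re.compile(r'\{\s*allow\s*,\s*' + re.escape(acl) + r'\s*\}')
    return sorted(name for name, body in ACCESS_RE.findall(strip_comments(cfg))
                  if allow.search(body))

def stale_members(cfg, effective, acl='admin'):
    """JIDs still acting as ACL members that the config no longer lists."""
    return sorted(set(effective) - configured_members(cfg, acl))

if __name__ == '__main__':
    # Assumed input: JIDs observed to still hold admin rights on the server.
    print(stale_members(SAMPLE_CFG, ['jid@domain.tld', 'root@domain.tld']))
```

A non-empty result from stale_members means the persisted ACL state has diverged from ejabberd.cfg, which is the condition the acl.DCD workaround above clears; rules_allowing lists the access rules that the stale entry still unlocks.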

Comment 1 Eric Christensen 2015-01-15 16:24:47 UTC
This package has been retired.  This ticket should be reopened if the package is unretired.

