Use these commands in wsadmin to remove users and groups from roles on the topic space root.
To remove a user or group's permission to access a topic space, remove the user or group from the topic space root role.$AdminTask removeUserFromTopicSpaceRootRole
{-bus busName
-topicSpace topicSpaceName
-role roleName
-user userName}
$AdminTask removeGroupFromTopicSpaceRootRole
{ -bus busName
-topicSpace topicSpaceName
-role roleName
-group groupName}
$AdminConfig save