UserContext should allow some way of adding/removing non-persisted roles/capabilities. e.g. You may want to give all users/visitors default roles or capabilities in certain contexts without having to store those user_role assignments in the DB. These would need to be propagated through getRefreshed().
Example 1: add a role: Capabilities of role "authenticated_user" are looked up from storage
$runtimeRoles = array('authenticated_user');
$uc = $storage->fetchUserContext($userId, $runtimeRoles);
// store $uc in session
Example 2: add capabilities without an existing role
$uc = $storage->fetchUserContext($userId);
$uc = $uc->addRuntimeCapabilities($authenticatedUserCapabilities);
// store $uc in session
UserContext should allow some way of adding/removing non-persisted roles/capabilities. e.g. You may want to give all users/visitors default roles or capabilities in certain contexts without having to store those user_role assignments in the DB. These would need to be propagated through getRefreshed().
Example 1: add a role: Capabilities of role "authenticated_user" are looked up from storage
Example 2: add capabilities without an existing role