mrclay / ScopedRole

A Contextual Role-Based Permissions Manager

UserContext: capabilities from runtime roles should not auto-persist via getRefreshed() #4

Open mrclay opened 13 years ago

mrclay commented 13 years ago

To make getPersistedCapabilities more accurate I copied the capabilities that come with runtime roles into runtimeCapabilities. The problem is that, if that capability were removed from the runtime role, it would still be propagated in getRefreshed(). It's better to just remove getPersistedCapabilities() than risk granting a user a capability that's been removed from one of her roles.

mrclay commented 9 years ago

Get rid of "runtimeCapabilities" altogether
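
The stale-capability problem described in this issue, as an added example that is not ScopedRole's code or part of the comments above. Only `getRefreshed()` and `runtimeCapabilities` are names from the issue; `RoleStore`, `SnapshotContext`, `DerivedContext`, `can()` and the sample role are hypothetical, and the code assumes PHP 8.0 or later.

```php
<?php
// Hypothetical model, not ScopedRole's code; only getRefreshed() and
// runtimeCapabilities are names taken from the issue. Requires PHP 8.0+.
final class RoleStore {
    /** @var array<string, string[]> role name => capabilities (constructed sample) */
    public array $roles = ['moderator' => ['edit_post', 'delete_post']];

    public function capabilitiesFor(array $roleNames): array {
        $caps = [];
        foreach ($roleNames as $name) {
            $caps = array_merge($caps, $this->roles[$name] ?? []);
        }
        return array_values(array_unique($caps));
    }
}

// Problem pattern: role-derived capabilities are copied into a snapshot.
final class SnapshotContext {
    private array $runtimeCapabilities;
    public function __construct(private RoleStore $store, private array $runtimeRoles, array $carried = []) {
        $this->runtimeCapabilities = array_values(array_unique(
            array_merge($carried, $store->capabilitiesFor($runtimeRoles))));
    }
    public function getRefreshed(): self {
        // Carries the snapshot forward, so a capability since removed from the role persists.
        return new self($this->store, $this->runtimeRoles, $this->runtimeCapabilities);
    }
    public function can(string $cap): bool {
        return in_array($cap, $this->runtimeCapabilities, true);
    }
}

// Alternative: keep only role names and resolve capabilities from the store on each check.
final class DerivedContext {
    public function __construct(private RoleStore $store, private array $runtimeRoles) {}
    public function getRefreshed(): self {
        return new self($this->store, $this->runtimeRoles);
    }
    public function can(string $cap): bool {
        return in_array($cap, $this->store->capabilitiesFor($this->runtimeRoles), true);
    }
}

$store = new RoleStore();
$snapshot = new SnapshotContext($store, ['moderator']);
$derived = new DerivedContext($store, ['moderator']);
$store->roles['moderator'] = ['edit_post']; // delete_post is revoked from the role
var_dump($snapshot->getRefreshed()->can('delete_post')); // stale grant from the snapshot
var_dump($derived->getRefreshed()->can('delete_post'));  // follows the current role definition
```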