To make getPersistedCapabilities more accurate I copied the capabilities that come with runtime roles into runtimeCapabilities. The problem is that, if that capability were removed from the runtime role, it would still be propagated in getRefreshed(). It's better to just remove getPersistedCapabilities() than risk granting a user a capability that's been removed from one of her roles.
To make getPersistedCapabilities more accurate I copied the capabilities that come with runtime roles into runtimeCapabilities. The problem is that, if that capability were removed from the runtime role, it would still be propagated in getRefreshed(). It's better to just remove getPersistedCapabilities() than risk granting a user a capability that's been removed from one of her roles.