User authorities (Kernel organizations) (and other info) are not refreshed until 5 minutes #100
Description
In order to improve performance, especially of import, the Datacore caches users and their authorities, with refresh-triggering eviction one hour later (or LRU policy, see conf : https://github.com/pole-numerique/oasis-datacore/blob/master/oasis-datacore-rest-server/src/main/resources/datacore-server-ehcache.xml ).
This may induce undue 403 Unauthorized responses. For now, client apps may merely display a message, when changing rights or getting back such dubious 403 (then prefixed by "Datacore operation not authorized, maybe because of out of sync user organization memberships"): "Datacore is not aware of user organizations changes right away, changed user must either log out or wait an hour" message in this case.
LATER if acceptable in some cases (NOT when invited in an org by another user), after confirmation, log the modified user out, so that he must log in again and therefore get a new, up-to-date, uncached token.
LATER (v2) evict user when authorities change in order to refresh them, on cue (call) from Kernel (using its events / bus API ?) or even Portal.