Description
Currently the SecureNodeBuilder uses the current state that includes all transient changes when constructing the SecurityContext after a refresh.
This is potentially troublesome, as we generally don't enforce write access controls on transient changes (they're only checked during save), and it might therefore be possible for a client to transiently modify the permissions and thus gain access to content that would otherwise be read-protected.
To avoid worrying about such cases the SecureNodeBuilder should always use the base state (i.e. no transient modifications) for the SecurityContext.