Make sure we don't have false positive for old user migrations, other…

…wise it can end up overriding the role

core/src/plugins/conf.serial/class.AJXP_SerialUser.php

@@ -158,9 +158,11 @@ public function load()
             $this->roles["AJXP_USR_"."/".$this->id] = $personalRole;
         } else {
             // MIGRATE NOW !
-            $this->migrateRightsToPersonalRole();
-            AJXP_Utils::saveSerialFile($this->getStoragePath()."/role.ser", $this->personalRole, true);
-            AJXP_Utils::saveSerialFile($this->getStoragePath()."/rights.ser", $this->rights, true);
+            $changes = $this->migrateRightsToPersonalRole();
+            if ($changes) {
+                AJXP_Utils::saveSerialFile($this->getStoragePath()."/role.ser", $this->personalRole, true);
+                AJXP_Utils::saveSerialFile($this->getStoragePath()."/rights.ser", $this->rights, true);
+            }
         }
 
         $this->recomputeMergedRole();

core/src/plugins/conf.sql/class.AJXP_SqlUser.php

@@ -427,15 +427,21 @@ public function load()
         } else {
             // MIGRATE NOW !
             $originalRights = $this->rights;
-            $this->migrateRightsToPersonalRole();
-            $removedRights = array_keys(array_diff($originalRights, $this->rights));
-            $this->roles["AJXP_USR_"."/".$this->id] = $this->personalRole;
+            $changes = $this->migrateRightsToPersonalRole();
             // SAVE RIGHT AND ROLE
-            if (count($removedRights)) {
-                // We use (%s) instead of %in to pass everyting as string ('1' instead of 1)
-                dibi::query("DELETE FROM [ajxp_user_rights] WHERE [login] = %s AND [repo_uuid] IN (%s)", $this->getId(), $removedRights);
+            if ($changes > 0) {
+                // There was an actual migration, let's save the changes now.
+                $removedRights = array_keys(array_diff($originalRights, $this->rights));
+                if (count($removedRights)) {
+                    // We use (%s) instead of %in to pass everything as string ('1' instead of 1)
+                    dibi::query("DELETE FROM [ajxp_user_rights] WHERE [login] = %s AND [repo_uuid] IN (%s)", $this->getId(), $removedRights);
+                }
+                AuthService::updateRole($this->personalRole);
+            } else {
+                $this->personalRole = new AJXP_Role("AJXP_USR_"."/".$this->id);
             }
-            AuthService::updateRole($this->personalRole);
+            $this->roles["AJXP_USR_"."/".$this->id] = $this->personalRole;
+
         }
         $this->recomputeMergedRole();
     }

core/src/plugins/core.conf/class.AbstractAjxpUser.php

@@ -413,19 +413,22 @@ public function recomputeMergedRole()
 
     protected function migrateRightsToPersonalRole()
     {
+        $changes = 0;
         $this->personalRole = new AJXP_Role("AJXP_USR_"."/".$this->id);
         $this->roles["AJXP_USR_"."/".$this->id] = $this->personalRole;
         foreach ($this->rights as $rightKey => $rightValue) {
             if ($rightKey == "ajxp.actions" && is_array($rightValue)) {
                 foreach ($rightValue as $repoId => $repoData) {
                     foreach ($repoData as $actionName => $actionState) {
                         $this->personalRole->setActionState("plugin.all", $actionName, $repoId, $actionState);
+                        $changes++;
                     }
                 }
                 unset($this->rights[$rightKey]);
             }
             if(strpos($rightKey, "ajxp.") === 0) continue;
             $this->personalRole->setAcl($rightKey, $rightValue);
+            $changes++;
             unset($this->rights[$rightKey]);
         }
         // Move old CUSTOM_DATA values to personal role parameter
@@ -451,7 +454,7 @@ protected function migrateRightsToPersonalRole()
                 }
             }
         }
-
+        return $changes;
     }
 
     protected function orderRoles($r1, $r2)