In non-default tenant, user included in the child group unable to access documents with access rights given to a parent group
Problem is in AuthorityBridgeTableAsynchronouslyRefreshedCache introduced in 4.1.3. It refreshes asynchronously from thread pool, there current tenant is unknown. buildCache() receives tenantId as a parameter, passes into transaction, but in the doBuildCache() parameter tenantId is not used. Instead, AbstractAuthorityBridgeDAO.getAuthorityBridgeLinks() uses tenant service to get tenant-specific store ID - it is useless, we are in the pooled thread...
Result is that AuthorityDAU does not have proper ancestors links for tenants, and is unable to trace rights inheritance