Everytime the user signs in we need to do the following checking regarding membership policies:
1. Each membership of the user would need to be checked to ensure that the user is still allowed to keep that membership.
2. If the policy mandates that the user must be a member of an organization that he is not yet a member of, the membership should be automatically created.
3. Additional roles will need to be assigned to all remaining organization memberships. Existing roles will never be removed since the portal will not know whether they were assigned automatically due to a previous policy or manually and intentionally.