When a user fails to create a new ACL due to server-side restrictions, the ACL should be discarded from the store. Otherwise, it will show up in the user list despite not being active (and a page refresh would make it disappear). Similar problem to #659
