Hello,
This happens because you excluded security principal Self from the activity scope of the Blind User role. The security principal Self also includes all groups a user is a member of.
To fix your problem you can do the following:
-
Create a new Security Role.
-
Add Deny Read Groups permission to this role.
-
Assign this role to Everyone over the groups that you what to hide.
-
Exclude the users that you want to allow to view these groups from the activity scope.
We are considering changing this behaviour, and probably in the next version, the security principal Self will be treated as the self user account only.