Octopus Deploy v2019.9.1.LTS
While attempting to limit permissions for specific roles to specific Project Groups, Project permissions seem to be leaking through instead of behaving as described in the following documentation. https://octopus.com/docs/administration/managing-users-and-teams#restricting-project-and-project-group-access
You can see by the following examples how the expected permissions are reflected in the export of the permissions, but not reflected withing the web interface. Testing also indicates that the expected permissions are not being applied to the excluded Project Groups.
Here, specific project Groups are selected.
Here, the permissions export shows the expected permissions limited to the selected Project Groups.
Here, you can see that the UI does not reflect the expected permissions.