I am using an AD-Internal hybrid user source, very tiny just for testing purposes. I have myself with a bunch of roles
and a button with this security -
My project is set to use the correct user source, my AD-Internal Hybrid.
As you can see, I have the PD_ASO_Admin role, however when I load up my project, the button is disabled 
Am I misuing this security? As I understood it, it was “if any of those roles checked on the left are met, then the user has clearance, otherwise disable”. What am I doing wrong?