Button disabled via security but shouldn't be?

I am using an AD-Internal hybrid user source, very tiny just for testing purposes. I have myself with a bunch of roles

and a button with this security -

My project is set to use the correct user source, my AD-Internal Hybrid.

As you can see, I have the PD_ASO_Admin role, however when I load up my project, the button is disabled image

Am I misuing this security? As I understood it, it was “if any of those roles checked on the left are met, then the user has clearance, otherwise disable”. What am I doing wrong?

I think having a role “Developer” really screwed things up. Deleting that things seem to work as normal now.