This document will cover possible scenarios of how permissions are cascaded in aria automation for service broker users and service broker viewer. 

Aria Automaton 8.x

Flowchart: 

Scenario A: User A is a Service Broker Viewer ---> Also a member of a project ---> Added as a user in content sharing policy for the project. 

Result: User A can view all the catalog items and request the items.

Scenario B: User B is a Service Broker Viewer ---> Also a viewer of a project ---> Added as a user in content sharing policy for the project.

Result: User B can only view all the catalog items and not request items.

Scenario C: User C is a Service Broker User ---> Also a member of a project ---> Added as a user in content sharing policy for the project.

Result: User C can view and request catalog items which are added in the policy only.

Scenario D: User D is a Service Broker User ---> Also a viewer of a project ---> Added as a user in content sharing policy for the project.

Result: User D can only view catalog items which are added in the policy only.

Scenario E: User E is a Service Broker Viewer ---> Not part of any project

Result: User E can view all the entitled catalog items. Cannot request any item.

Scenario F: User F is a Service Broker Viewer --> Member of a project ---> Not added as a user in content sharing policy.

Result: User F can view and request all the entitled catalog items.

Scenario G: User G is a Service Broker User ---> Not part of any project

Result: User G cannot view any items.

Scenario H: User H is a Service Broker User --> Member of a project ---> Not added as a user in content sharing policy.

Result: User H cannot view any items.