Restriction groups not taking effect
If you use Type A, then you have to put all Items in a Restriction Group. Then the User will only be able to see the Items in the Restriction Group / Restriction Groups that they belong to.
Not every single item. But an Item won't be restricted unless it's in a Restriction Group. So you'd have to login as a user who does not have access to a certain Restriction Group, then you'll see that they don't have access to the Items in that Restriction Group. That's with Type A Restriction Groups.
Tried this as well:
Add an item to a restriction group.
Do NOT add the user to said restriction group
Result: User can still see the items in the restriction group. The only way to hide the items in the restriction group is to use an inverse group. The effect I want is this: Add user to restriction group, user can only see items in that group, no other items
Restrictions Groups is a Nightmare - if you've made a mistake - How do you delete a restriction Group, and re-setup one?
You can't. Set them up in a test tenant and verify before doing so in production.
You can try voting here but it doesn't seem to be going anywhere.
And yes, they are a nightmare!
Agreed, can't delete them. Can only deactivate them. Similar challenge when trying to delete Attributes.