@Cynthia19
You go to a list view of the sys_user_has_role table, filter based on role and/or user. Make sure the Inheritance Map field is included in the columns. If there is an 'Inheritance count' value (the role assignment was inherited from another role or group), the 'Inheritance map' column will have a link to see that.
What I posted in the other thread follows, to see if the 'admin' role is in some "inheritance hierarchy". OOB, the 'admin' role is not inherited. However, previous instance admins could have added that role to another role and/or group. So it is inherited by assigning the parent role/group to a user. The following should help with determining that.
<post>
https://[instance_url]/sys_user_role_list.do?sysparm_query=includes_roles!%3DNULL&sysparm_view=
to see those roles that include other roles. See if 'admin' is in that list in the 'Includes roles' field. If so, get the list 'Names'. consider those that "parent" of the 'admin' role. Then use those 'Name' values to search the same table again with filter "Include roles", "is one of", and the list of names. Consider those the grand-parents of 'admin'. Repeat until no records are returned.
There is also the sys_user_role_contains table that when querried for 'Contains', 'is', 'admin', the same roles should show. If you see any, use the 'Role' values to search again as the 'Contains' value, these 'Roles" would be "grand-parents" of admin.
For Group hierarchy, go to:
https://[instance_url]/sys_group_has_role_list.do?sysparm_query=role%3D2831a114c611228501d4ea6c309d626d&sysparm_view=
(where '2831a114c611228501d4ea6c309d626d' is the sys_id value of the sys_user_role record for 'admin')
If there are any and Inherit is true, then use those group name values to search the sys_user_group table and see if any have a 'parent'. If so, use those group name values to search again (to find grand-parents). Continue until you get no results.
</post>
