Comment 8 for bug 1450519

Hi Shula, the patch only affects those settings that have a view permission attached, which aren't many; primarily credit card related settings. You should be able to set one of these permissions at BR1 and then a BR2 circ staff user should not be able to see them:
Enable AuthorizeNet payments
AuthorizeNet login
AuthorizeNet password
AuthorizeNet server
AuthorizeNet test mode
Name default credit processor
Enable PayflowPro payments
PayflowPro login/merchant ID
PayflowPro partner
PayflowPro password
PayflowPro test mode
PayflowPro vendor
Enable PayPal payments
PayPal login
PayPal password
PayPal signature
PayPal test mode
Enable Stripe payments
Stripe publishable key
Stripe secret key

Though I'd ask that no one change the default credit card processor or Stripe settings since that's also being tested there. :) Just changing something like the authorize.net password and seeing if it's visible from a different location is probably enough to verify if things are working.