  1. Jira Data Center
  2. JRASERVER-75855

Granting the 'Administer Projects' permission to a 'Custom Field' within a permission scheme allows all users to see the Project Settings


Details

    Description

      Issue Summary

      This is reproducible on Data Center: (yes)

      Granting the Administer Projects permission to a User custom field value results in users having access to the Project Settings area even when the field is not populated.

      Steps to Reproduce

      1. Create a new project with sample data
      2. Create a new user without project administration permissions to the newly created project
      3. Create a new custom field of type User Picker
      4. On the Project Settings, go to the Permission schemes area
      5. Edit the Administer Projects permissions and grant it to the new custom field
      6. Log in as the user without project administration permissions
      7. Verify that the new user has access to the Project Settings page

      Expected Results

      The user should not have access to the Project Settings.

      Actual Results

      The user has access to the Project Settings even though the field is not populated.

      Workaround

      Remove the granted permission to the custom field.

       


          People

            Unassigned Unassigned
            braymundo Bruno Raymundo