The other use for project roles is for setting component visibility using the client-side RBAC feature. Security-enabled projects have an additional Roles property group for each widget in the All properties of the Component Property Inspector panel. This enables developers to easily control the visibility of a widget based on group membership:
Checking adminrole, for example, means that only users with the adminrole group membership will be able to see the widget. This is client-side functionality that effectively controls the showing property of a widget based on the logged-in users' roles. Being client-side functionality, it is critical to remember that this can be defeated. Widget visibility is a great way to provide the appropriate options for users, but it is not secure.
Consider the example of a button that navigates a user to an administration page or invokes an operation in an administration service. Restricting the visibility of the button presents the proper interface...