By special request of @Buggy i deal with the Security provider approach of using the IN operator to detect role allocations.
We then go on to firstly add a security restrict to a layout to prevent access from non authorised users then we retrieve a list of roles allocated to the current user via an API call on the layout page and use them to hide/show regions by use of conditional regions.
VERSION 2 DUE TO SOME MAJOR ERRORS IN VERSION 1