Runtime access for module roles

Hi, there is the following scenario that I would like to resolve. I have a module let’s call it MyModule. Within MyModule I have two module roles let’s call them RoleA and RoleB. Also in MyModule there is an entity Entity which has a member Member of an enumeration Enum ( A, B, C, D). I want to achieve that users of RoleA are only allowed to write values A and B to Member, whereas RoleB can only write values C and D to Member. What is the best way to achieve this? My idea was to use a before-commit-event to check for the module role but I could not figure out how to retrieve the module role of the current user. 
1 answers

A sort of hidden feature is the availability of userrole-tokens. You will see them if you in a microflow do a retrieve on Account and set the XPath constraint to


then press Ctrl-space and then arrow-up once and you will see the available roles.