I'm not getting the whole thing, but one thing you should do is exclude userroles differently, since your users can have multiple roles. In your setup you’re asking “does this user have a role that is not roleX and does this user have a role that is not roleY”. If a user has both roleX and roleY this is always true. It has a role other than roleX (which is roleY) and it has a role other than roleY (which is roleX).
If you do as follows, you’re asking “does this user have a role that is neither roleX nor roleY etc.:
[System.UserRoles/System.UserRole[
Name != 'roleX' and
Name != 'roleY' and
Name != 'roleZ' and
Name != 'Administrator']]