I create a DT getting called from a DP. In DT, I check for the role and its valid date range which has been assigned to that operator from a specific custom UI which we created, where managers can promote normal users to manager role for a specific time period. If the current logged in date fits within the date range, then I populate a pty with the role name on the DP.
Then I use that pty value to match against the user roles in when rules. These when rules are applied on different UI actions, to give different capabilities to logged in user.