You have a GetRoles function that assigns roles to a user based on their primary and additional groups. However, currently, only the roles from the primary group are being considered, which limits user access by ignoring roles from additional groups.
To fix this, you need to:
Merge roles from all groups (both primary and additional) to create a unique list of accessible roles and update the GetAccess function to iterate over all groups instead of only the primary group.
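One way to write the merge described above, as an added example rather than the original code: the `User` type, the `groupRoles` mapping and the group and role names are assumptions made for illustration, since the page does not show its own types.

```go
package main

import (
	"fmt"
	"sort"
)

// User is a hypothetical type; the page does not show its own definition.
type User struct {
	Name             string
	PrimaryGroup     string
	AdditionalGroups []string
}

// groupRoles is a constructed sample mapping of group name to granted roles.
var groupRoles = map[string][]string{
	"engineering": {"repo:read", "repo:write"},
	"oncall":      {"repo:read", "pager:ack"},
	"audit":       {"logs:read"},
}

// GetRoles returns the sorted, de-duplicated union of the roles granted by
// the user's primary group and every additional group.
func GetRoles(u User, mapping map[string][]string) []string {
	// Copy into a new slice so the caller's AdditionalGroups is not modified.
	groups := append([]string{u.PrimaryGroup}, u.AdditionalGroups...)
	seen := make(map[string]struct{})
	for _, g := range groups {
		// A group missing from the mapping grants nothing (fail closed).
		for _, r := range mapping[g] {
			seen[r] = struct{}{}
		}
	}
	roles := make([]string, 0, len(seen))
	for r := range seen {
		roles = append(roles, r)
	}
	sort.Strings(roles) // deterministic order for comparisons and audit logs
	return roles
}

func main() {
	u := User{Name: "alice", PrimaryGroup: "engineering",
		AdditionalGroups: []string{"oncall", "engineering", "ghost"}}
	fmt.Println("primary only:", groupRoles[u.PrimaryGroup])
	fmt.Println("all groups:  ", GetRoles(u, groupRoles))
}
```

Because the result is a pure union, a role granted by any one group is always included; this sketch has no notion of a group removing or denying a role.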