Is it possible to have boolean (AND/OR) demands for a permission object if I am using declarative method with attributes?

For example... If I use:

[PrincipalPermissionAttribute(SecurityAction.Demand, Role = "Teller")]

They have to be in role Teller... ok, I get that... What if I want to allow for Teller or Manager ? Basically, my question comes from wanting to test our app where our code genertor has put the attributes on the methods, but we haven't put them all in the database? Any other ways around this?

Also, what if I want them to have TWO roles to access the permissionobject?

Can I use these attributes on the Get/Set of a property? How do you guys secure data items in the app? In VFP we used to have three levels for each 'security name', read-only, none, full... and we just dealt with security in the UI control, enabling/visible settings based on the level of its security name.

If I use permissionobject attributes on my Get/Seters in my BizObj... it seems that I have to have two permissions(roles) read each data item... SetField and GetField? Also, with this approach how does the UI (web form) know whether to show the control...???

Thanks for any ideas.

BOb