When SecurityTrimming is enabled adding the [Authorize] attribute with a comma-delimited list of roles does not show the Menu items

[kendo-bot]

Bug report

Adding the [Authorize(Roles = "Admin, User")] attribute at Controller or Actions within the Controller does not show the Menu items.

Reproduction of the problem

1. Create an application with authorization and add "Admin" and "User" roles.

2. Add the [Authorize(Roles = "Admin, User")] attribute to a specified Action method within the Controller:

public class HomeController : Controller
{
        public IActionResult Index()
        {
            return View();
        }

        [Authorize(Roles = "Admin, User")]
        public IActionResult Security_Information()
        {
            return View();
        }
}

3. Add a Menu:

    @(Html.Kendo().Menu()
        .Name("htmlhelperMenu")
        .SecurityTrimming(true)
        .Items(menu =>
        {
            menu.Add().Text("Home").Action("Index", "Home");
            menu.Add().Text("Security Information").Action("Security_Information", "Home");
        })
    )

    <kendo-menu name="taghelperMenu">
        <items>
            <menu-item text="View Inventory">
                <sub-items>
                    <menu-item text="Home" asp-controller="Home" asp-action="Index"></menu-item>
                    <menu-item text="Security Information" asp-controller="Home" asp-action="Security_Information"></menu-item>
                </sub-items>
            </menu-item>
        </items>
    </kendo-menu>

4. The "Security Information" Menu item is not visible when the user is logged as "Admin" or as "User".

Expected/desired behavior

The "Security Information" Menu item should be visible when the [Authorize(Roles = "Admin, User")] attribute is added to the respective Action/Controller and the user is logged as "Admin" or as "User".

Environment

• **Telerik UI for ASP.NET Core version: 2023.2.606
• **Browser: [all]

[mihaela-lukanova]

Increased priority due to a report in the public feedback item.