Create a separate role type of entity connect that to the users. Now this entity will allow the user to select the appropriate role, because it's not limited by the user roles. The in an event MF set the user role, the MF should not take entity access into account (default behaviour). So now the Project Manager can implicitly select the user role from the new role entity.
Hope this helps, as there is not a lot of detail in the question, but maybe this will point you in a solution direction?
To rewrite my answer: why is a user not able to read a userrole he can't manage even though he only wants to read this role?
IMHO Mendix should not limit the ability to read the role but only the option to create the association UserRoles. But this is the system domain model which probably makes it hard to implement.