You want a menu to be seen only in certain conditions without creating a new “permission” stuff. You can use the filter attribute in your menuItem. You can access the request and context in it.

Simple example:

<menuItem
    for="*"
    title="My dinosaur menu"
    description=""
    permission="zope.Public"
    action="@@mydinosaurpage"
    menu="mainmenu"
    filter="context/@@displayForDinosaursOnly"/>

Now we have to create a view that will be called by the filter attribute, the only working way I found was using a grok view (e.g. menufilter.py):

from five import grok
from Products.CMFCore.utils import getToolByName

from zope.interface import Interface

class DisplayForDinosaursOnly(grok.View):
    """
    Menu using that class as filter will be displayed
        for Dinosaurs roles
    """
    grok.context(Interface)
    grok.name('displayForDinosaursOnly')

    def render(self):
        pm = getToolByName(self.context, 'portal_membership')
        roles = pm.getAuthenticatedMember().getRoles()
        return 'Dinosaur' in roles

And finally register your grok view:

<grok:grok package="my.package.ns.menufilter" />

And voilà! Your dinosaur menu will only be seen by dinosaurs, the filter is working.