Writing from scratch is not recommended for what you want. You can handle your requirements using ASP.NET Membership.
1- You can save user information in their profiles (company, name, ...) or create another table to map users to companies.
2- For your second question, you can create a separate class or method to handle the access.
Something like below:
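    using System.Collections.Generic;

    // Returns the roles that a user holding userRole is allowed to assign to others.
    public IList<string> GetRolesUserCanAssign(string userRole)
    {
        var roles = new List<string>();

        // Only the two admin roles may assign roles. Manager, FrontDesk and any
        // unrecognised or null role get an empty list (deny by default).
        if (userRole != "CompanyAdmin" && userRole != "ApplicationAdmin")
        {
            return roles;
        }

        roles.AddRange(new[] { "Manager", "FrontDesk" });

        // Only the application admin may additionally assign CompanyAdmin.
        if (userRole == "ApplicationAdmin")
        {
            roles.Add("CompanyAdmin");
        }

        return roles;
    }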
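An added example, not part of the original answer: the same role matrix enforced on the server for each assignment request, combined with the user-to-company mapping from point 1. The class and method names are hypothetical, and the rule that only ApplicationAdmin may assign roles outside its own company is an assumption.

```csharp
using System;
using System.Collections.Generic;

public static class RoleAssignmentPolicy
{
    // Role names are the ones used in the answer; roles absent from this map can assign nothing.
    private static readonly Dictionary<string, string[]> Assignable =
        new Dictionary<string, string[]>(StringComparer.Ordinal)
        {
            { "ApplicationAdmin", new[] { "CompanyAdmin", "Manager", "FrontDesk" } },
            { "CompanyAdmin",     new[] { "Manager", "FrontDesk" } },
        };

    // Call this on the server before changing any role; never trust a role list sent by the client.
    public static bool CanAssign(string actorRole, string actorCompany,
                                 string targetCompany, string requestedRole)
    {
        if (actorRole == null || requestedRole == null) return false;

        string[] allowed;
        if (!Assignable.TryGetValue(actorRole, out allowed)) return false; // unknown role: deny

        // Exact, case-sensitive match so "companyadmin" or "Manager " is not accepted.
        if (Array.IndexOf(allowed, requestedRole) < 0) return false;

        // Assumption: ApplicationAdmin acts across companies, everyone else only inside their own.
        if (actorRole == "ApplicationAdmin") return true;
        return actorCompany != null &&
               string.Equals(actorCompany, targetCompany, StringComparison.Ordinal);
    }

    public static void Main()
    {
        // Constructed sample requests (company names are made up for the example).
        Console.WriteLine("CompanyAdmin -> Manager, same company: " +
            CanAssign("CompanyAdmin", "acme", "acme", "Manager"));
        Console.WriteLine("CompanyAdmin -> Manager, other company: " +
            CanAssign("CompanyAdmin", "acme", "globex", "Manager"));
        Console.WriteLine("CompanyAdmin -> CompanyAdmin, same company: " +
            CanAssign("CompanyAdmin", "acme", "acme", "CompanyAdmin"));
        Console.WriteLine("ApplicationAdmin -> CompanyAdmin, any company: " +
            CanAssign("ApplicationAdmin", null, "globex", "CompanyAdmin"));
        Console.WriteLine("Unknown role -> FrontDesk: " +
            CanAssign("Guest", "acme", "acme", "FrontDesk"));
    }
}
```

Only when `CanAssign` returns true should the application go on to change the target user's role in the role store.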