asp.net-core-mvc asp.net-identity-3

Is there a need to check IsSignedIn and IsInRole as a sign in check


Simple enough question: is this enough? Or is there a corner case where a user can end up with some information pointing to not logged in but still with a role of some sort?

@if (User.IsInRole(Roles.Administrator))

Or do I have to do this?

@if (SignInManager.IsSignedIn(User) && User.IsInRole(Roles.Administrator))

Solution

  • The Roles will be populated by the membership provider when a user logs in and persisted until their session expires, so just as long as you don't have an administrator role for anonymous users, the first check will be enough.
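
What each of the two checks from the question actually evaluates, as an added example that is not part of the original post. Assumptions: `"Administrator"` stands in for `Roles.Administrator`, the local `IsSignedIn` helper mirrors the test `SignInManager.IsSignedIn` performs so the sample runs without the Identity package, and the four principals are constructed for illustration.

```csharp
using System;
using System.Linq;
using System.Security.Claims;

static class RoleCheckDemo
{
    // Value of IdentityConstants.ApplicationScheme in ASP.NET Core Identity.
    const string ApplicationScheme = "Identity.Application";
    const string Administrator = "Administrator"; // stand-in for Roles.Administrator

    // Local stand-in for SignInManager.IsSignedIn: true when any identity on the
    // principal was issued by the Identity application cookie scheme.
    static bool IsSignedIn(ClaimsPrincipal user) =>
        user.Identities.Any(i => i.AuthenticationType == ApplicationScheme);

    static void Report(string label, ClaimsPrincipal user) =>
        Console.WriteLine(
            $"{label,-36} IsAuthenticated={(user.Identity?.IsAuthenticated ?? false),-5} " +
            $"IsSignedIn={IsSignedIn(user),-5} IsInRole={user.IsInRole(Administrator)}");

    static void Main()
    {
        var roleClaim = new Claim(ClaimTypes.Role, Administrator);

        // 1. Anonymous request: the principal holds an identity with no claims.
        Report("anonymous", new ClaimsPrincipal(new ClaimsIdentity()));

        // 2. Signed in through Identity: roles were written as claims at sign-in.
        Report("signed-in administrator",
            new ClaimsPrincipal(new ClaimsIdentity(new[] { roleClaim }, ApplicationScheme)));

        // 3. Role claim on an identity with no authentication type.
        //    ClaimsPrincipal.IsInRole only looks for a matching role claim on any
        //    identity; it does not consult IsAuthenticated.
        Report("unauthenticated identity with role",
            new ClaimsPrincipal(new ClaimsIdentity(new[] { roleClaim })));

        // 4. Authenticated by a different scheme (constructed name "Bearer"):
        //    the role check passes, the IsSignedIn check does not.
        Report("other scheme with role",
            new ClaimsPrincipal(new ClaimsIdentity(new[] { roleClaim }, "Bearer")));
    }
}
```

With the stock Identity cookie setup only cases 1 and 2 occur, which is the situation the answer describes. Cases 3 and 4 arise only when custom middleware or an additional authentication scheme builds the principal, and those are the cases where the combined check changes the outcome.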