You should explicitly grant role access to the tables (feature classes) using Desktop,
and explicitly grant user access to roles using SQL.
EDIT: I've just re-read a few things in this thread. You said that the user can see the data if permissions are given to the user directly rather than just to the role. In that case, please check to see if the role in question for that user account is set to be a DEFAULT role in Oracle.
Thank you very much, William. You were exactly right about the default roles.