Our customer raised a request to restrict View/Edit user access for a request type based on both security group and user.
For example, there is a field named "Supplier". If the value of this field is A, then only the users matching either of below conditions can view/edit the request:
1. belong to security group "Supplier Lead for A"
2. belong to security group "Supplier PM for A"; AND, the user is in another field "Supplier PM" of this request.
We plan to add a hidden field to populate the security groups based of "Supplier". For exampe, if A is selected as Supplier, then the rule will populate two security groups in the hidden field: "Supplier Lead for A" and "Supplier PM for A". Then we add the token for the hidden field in User Access tab of this request type.