Regarding permissions,
Our company uses a CustomEntity that links to a Shot. This CustomEntity has fields that can contain the UserType entity and links to multiple Shot entities.
We have a requirement where we would need to limit the visibility of groups of users (with the same role).
I see that there are SG fields on the User such as groups and sg_vendor_group. I am able to set a group in the sg_vendor_group and that does limit the User to not being able to view Shots and Tasks not associated with the group. Unfortunately I can still access the CustomEntity that contains the User fields I do not want available to the user.
tldr;
Is there an easy way in ShotGrid to limit access to allow us to support multiple 3rd party vendors and ensure that they cannot access other group information?