SuiteCRM Security Setup Question?

I have an occasion to setup security a little more complex than normal. I have a client with 4 divisions and I can setup most of it, but i’m having trouble figuring out how to set up the “Territory Manager Role” All the rest are pretty straight forward.

I’d like to stick with just 4 groups, one for each Division if possible. I think I could probably setup this structure by setting up multiple groups per division, but I’d like not to do that. Any security setup gurus that can give me a pointer if this is possible?

(Diagram Attached)

security group822×857 23.3 KB

I think I could do this, (diagram attached), but I’d like to avoid having more than the main 4 security groups (for other reasons), is that possible?

security group2830×847 36 KB

I think second option is the most easy to achieve. The first one could be possible to achieve via programming. Adding extra fields to identify records and then restricting views from hooks based on value on those custom fields.