I had a case on my company that some users has functionality of one company and has diffent functionality onthe other company. and it's required to don't give unauthorized access to any information in any company.

example: assume I've 2 companies "Company 1" & " Company 2" and 2 users "User1" & "User2"

User1 should be Purchasing manager on Company 1 and inventory Manager on Company 2

User2 should be only inventory Manager on Company 1

either users shouldn't access other user information nor perform Validate actions on stores which not allowed  for him.

I want to check if any one faces such case and how he solved???

Note: I don't prefer to create multiple users account for each user because it's very annoying to the users to perform their daily tasks.