A user should only have access to those farm assets and logs that are assigned to the farm organization that is related to the group that the user is a member of.
Proposed resolution
Create a group for each existing organization when the module is installed. Add the organization to the group.
Add/delete a group when a farm organization is added/deleted.
Add an access control handler that allows the user access to the assets and logs assigned to the farm that the user is related to via the group. Deny access to other assets and logs.
Add views filter to filter out results that the user does not have access to by reason of the group that the user is a member of.