Use access_filter for applying user-specific data restrictions

Follow