How to assign permissions for specific user groups for specific sets of content?

Hi everyone, pretty straightforward question here but one I have not had success finding an answer for as of yet. I am part of a small team who looks after a company website of approximately 30,000 pages. We just moved our website from Sharepoint (eww) into Drupal 8 (yay!) but one of the difficulties we are still having is how to configure permissions for specific users/groups for specific sets of content.

For example, our Human Resources staff should only be able to edit Human Resources pages, while our Finance department should only be able to edit Finance pages, etc.

Currently, all of our site content is arranged via taxonomy tagging – we have created a Department taxonomy for all of our departments and all of the pages have been tagged with their respective department tags.

We have also created a number of custom Roles within Drupal, to which we have assigned specific users who belong to those respective departments – for example, our Human Resources staff accounts have been tagged with the Human Resources Editors Role, which has permissions to create and update content (among other things, but these are their basic content permission requirements).

Right now we’re at a bit of a standstill because we can’t figure out how to assign these permissions to users or Roles in a way that they function the way we need (how I’ve described above, so that each department can only edit/update their own department’s content).

We have installed the Drupal Permissions By Term module, which in theory should do what we want, but after several weeks of implementation and testing, we have been unable to use it in the way I have described above. Basically this module does let us assign specific roles or specific users to specific tags of content, which sounds like exactly what we need to do, but it doesn’t work this way on our site – it seems as though users can either edit EVERY page on the website, or they can edit NO pages on the website.

I’m just wondering if anyone has ever experienced a similar issue, whether with this particular module or with assigning group permissions to specific sets of content in general? We don’t HAVE to use this module, it just sounded like it had the functionality we wanted. But we are open to any solution that will let us achieve this end so that our users can begin updating their own (and only their own) sites and content.

Any suggestions/ideas/feedback would be most appreciated! Thank you in advance! 🙂

Drupal version: