Allow-Permission for content entries without a tag

Hello, I have a problem implementing a “Roles & Permission”-Use Case because there is no Allow-Permission for articles without a tag.

You can configure Allow-Permissions for all entries and for entries with a tag, but not for entries without a tag.

What I want to achieve:

There are multiple users that may edit the same Content Type.
Every User has a tag and may only edit and publish entries with their tag.

So what I try to configure is:

  • Every User can create new entries
  • Every User may edit entries without a tag
  • User may edit entries with their tag

Since there is no permission for entries without a tag, I tried to work around with Deny-Permissions:

Allow:

  • Every User can create new entries
  • Every User may edit every entry
  • User may edit entries with their tag

Deny:

  • User may not edit entries with "other tag"

And this works as long as entries have only one tag.

But if an entry is tagged with multiple tags, the Deny-Permission overwrites the Allow-Permission.

So User “Shark” can edit entries without a tag and entries tagged with “Shark”,
but if an entry is tagged with “Shark” and “Dolphin”,
the Deny-Rule for “may not edit entries tagged with Dolphin” prevents the User Shark from editing the entry.

Is there a way to work around that problem? Using tags is already just a workaround to have permissions on a content entry-level, so we don’t need a dedicated Content Type for every User Group.
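
The evaluation described in the post above, modelled as an added example that is not part of the original post and is not the platform's own code. It assumes deny-overrides-allow semantics as the post reports them; the rule format, the function names, the sample entries and the `untagged` scope are hypothetical (the post states that no such scope exists).

```python
"""Constructed model of allow/deny rule evaluation by tag; not the platform's code."""

def matches(rule, entry_tags):
    """Rule scope is 'all', ('tag', name), or the hypothetical 'untagged'."""
    scope = rule["scope"]
    if scope == "all":
        return True
    if scope == "untagged":  # hypothetical: the post says this scope is missing
        return not entry_tags
    kind, tag = scope
    return kind == "tag" and tag in entry_tags

def can_edit(policy, entry_tags):
    """Deny overrides allow: one matching deny rule blocks the edit."""
    tags = set(entry_tags)
    if any(matches(r, tags) for r in policy["deny"]):
        return False
    return any(matches(r, tags) for r in policy["allow"])

ALL_TAGS = {"Shark", "Dolphin"}  # tag names taken from the post's example

def workaround_policy(own_tag):
    """The post's workaround: allow every entry, deny every other user's tag."""
    return {
        "allow": [{"scope": "all"}, {"scope": ("tag", own_tag)}],
        "deny": [{"scope": ("tag", t)} for t in sorted(ALL_TAGS - {own_tag})],
    }

def desired_policy(own_tag):
    """What the post asks for: allow untagged entries and own-tag entries only."""
    return {
        "allow": [{"scope": "untagged"}, {"scope": ("tag", own_tag)}],
        "deny": [],
    }

ENTRIES = {  # constructed sample entries
    "untagged": [],
    "shark_only": ["Shark"],
    "dolphin_only": ["Dolphin"],
    "shark_and_dolphin": ["Shark", "Dolphin"],
}

def evaluate(policy):
    """Return {entry name: may the user edit it?} for the sample entries."""
    return {name: can_edit(policy, tags) for name, tags in ENTRIES.items()}

if __name__ == "__main__":
    print("workaround:", evaluate(workaround_policy("Shark")))
    print("desired:   ", evaluate(desired_policy("Shark")))
```

The two policies differ only on the entry tagged with both “Shark” and “Dolphin”: the workaround's deny rule blocks it, while an allow-only policy with an untagged scope would permit it.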