You are over complicating the requirement. All you need to do is assign the user a structural profile having the desired root org unit and controlling ESG through standard general authorizations objects P_ORGIN/P_ORGXX. You do not need a FM unless you want to determine the root org via standard FMs RH_GET_MANAGER_ASSIGNMENT or RH_GET_ORG_ASSIGNMENT.
Intersection of general and structural authorizations would determine the final access.
Authorizations for Human Resources - SAP Library
Hope this helps.
Donnie