Michal,
First of all EPESI's Record Browser permission system handles this kind of access automatically. There is no need to write custom module to accomplish this goal.
First you create a company. Then assign to this company contacts. This is your first (main) company and every user/contact is your employee.
There are 2 levels of access defined by default, or rather 3: employee, manager and none (if left empty).
Employee can create records, edit and delete them. But employee can not delete records created by other users.
Managers can delete all records by default.
If set to none a user can access only his/her own record and his own company (a company to which he/she was assigned).
Then you can easily modify rules using Record Browser's permission system or create new access level in addition to employee and manager - for example "customer" and create new rules.
By default every employee can see all companies in the database, but this can be easily changed via admin -> Record Browser Permissions tool.
When you create new company and add several contacts/users to it you can easily restrict access to certain records. An example of this is Account Manager module (optional under CRM module). Whit this module you can set Access Permissions to show a user only these companies to which this user was assigned as Account Manager. Look at this example:

As you can see here - if a user has no access level assigned (All users = not specified access level) then this user can delete only companies created by him/her: Created by is equal to User Login. Also look at View criteria - this user will see only his/her own company.
These criteria can be easily modified using this GUI tool without writing a line of code. I explained also how to create new access levels in this post: viewtopic.php?f=8&t=1077&hilit=+access
Several versions ago we decided to abandon the idea of Main Company in favor of multiple companies. There is a module called Parent Company where you can build a hierarchy of companies/departments. If the Parent Company field is left blank it means that this is a Mother company. If this field is not empty than it means that the company is a Child of the Parent Company.
Therefore what you are building is redundant in my opinion.

You write in the first post:
[quote:2cx8imd2]I need to create condition where companys are displaying only if their Contacts/Access group is the same as currently logged in contact. [/quote:2cx8imd2]
Let me rewrite it:
You want to restrict access to these companies only to which a user is set as an Account Manager.
If you need different set of rules you may want to construct a different set of permissions, but the way you are trying to achieve is not clear to me and questionable.
Maybe you can elaborate more on this subject so that I can understand better what you are trying to accomplish?