Summarizing possible approaches:
- single repository with multiple branches, pull-requests and branch policies by your favorite Git service, to restrict who can accept PRs into which branch
- multiple repositories in fork fashion for the individual groups, PRs between the repositories if needed
- every commit has an author and committer stored in it's metadata, which cleary identifies users involved.