Many thanks for the pointer. I actually ended up using
select COUNT(*) AS shared_user_count FROM tips_guest_users WHERE ((guest_type = 'DEVICE') AND (CAST(attributes->'airgroup_shared_user' AS TEXT) ~ E'.*%{Authentication:Username}.*'))
This returns an integer value
0 = no one has shared an airgroup device with this user
>0 = someone has configured an airgroup device to be sharable with this userid
The above value is then used in our eduroam service to apply a given set of ACLs to a wifi session so a user can see a given set of airgroup server devices