vasyl alright, let's break down all the moving parts in this case study. So...
- We have some a post type with an indefinite number of posts, where posts are tagged with some custom taxonomy (in our case it is park);
- We also have custom user meta park that contains an of term ids or term slugs. It can be a serialized array of values or comma-separated list;
- This way, if the user can see and read ONLY posts that are tagged with terms listed in user meta park;
The solution is quite straight forward, however, it requires Plus Package add-on.
{
"Version": "1.0.0",
"Dependency": {
"wordpress": ">=5.1.1",
"advanced-access-manager": ">=6.4.1",
"${CONST.AAM_PLUS_PACKAGE}": {
"Name": "Plus Package",
"Version": ">=5.3.1",
"URL": "https://aamplugin.com/pricing/plus-package"
}
},
"Statement": [
{
"Effect": "deny",
"Resource": "PostType:post:posts",
"Action": [
"Read",
"List"
]
},
{
"Effect": "allow",
"Resource": [
"Term:park:%s:posts => ${USER_META.park}"
],
"Action": [
"Read",
"List"
]
}
]
}
In the first statement, we define the default access to all posts that belong to post type post with PostType:post:posts
resource.
In the second statement, we define mapped resource Term:park:%s:posts => ${USER_META.park}
that basically dynamically allow all the posts that are tagged with custom taxonomy park where the list of tag IDs/Slugs are defined in the user meta park
.