Allow a user to manage only one page

There are multiple different ways to implement the requirement where any particular user should be able to see and manage only one page on the backend or through RESTful API. This policy defines the default access settings to all pages by hiding them on the backend and API levels, as well as restricting access to edit, delete or publish. The only page that will be allowed is the one that is defined by the custom field pageIdOrSlug. Finally, the user will not be able to create any new pages.

Note! WordPress core grants privileges to manage pages with following capabilities edit_pages, edit_published_pages, delete_pages, delete_published_pages, delete_others_pages, edit_others_pages, delete_private_pages,edit_private_pages. By default, all these capabilities are granted to the Editor role that is why make sure that your desired user or role that has at least edit_pages, delete_pages and publish_pages capabilities assigned.

This policy was designed to be assigned to an individual user rather than to a role because if this policy is assigned to a role, then all the users that belong to it, will be able to manage page specified in pageIdOrSlug custom field.

{
    "Version": "1.0.0",
    "Dependency": {
        "wordpress": ">=5.3.2",
        "advanced-access-manager": ">=6.2.1",
        "${CONST.AAM_PLUS_PACKAGE}": {
            "Name": "Plus Package",
            "Version": ">=5.0.0",
            "URL": "https://aamplugin.com/pricing/plus-package"
        }
    },
    "Statement": [
        {
            "Effect": "deny",
            "Resource": "PostType:page:posts",
            "Action": [
                "List"
            ],
            "Condition": {
                "Equals": {
                    "(*bool)${CALLBACK.is_admin}": true,
                    "(*bool)${CONST.REST_REQUEST}": true
                }
            }
        },
        {
            "Effect": "deny",
            "Resource": "PostType:page:posts",
            "Action": [
                "Create",
                "Edit",
                "Delete",
                "Publish"
            ]
        },
        {
            "Effect": "allow",
            "Resource": "Post:page:${POLICY_META.pageIdOrSlug}",
            "Action": [
                "List",
                "Edit",
                "Delete",
                "Publish"
            ]
        }
    ]
}
POLICY ID
Copy this unique number and use it to install the policy on your website. To learn more how it works, follow this link.
DEPENDENCIES List of required plugins for this policy to work properly.
WordPress >=5.3.2
Advanced Access Manager >=6.2.1
Plus Package >=5.0.0
ASSIGNEES The type of audience the policy is automatically applied to as well as excluded. To learn more how it works, follow this link

This policy does not apply to any role, user or visitors. You need to attach this policy to desired audience manually. Learn more here.