Restrict pageTree by user group

def groupName = 'GROUP_NAME'
def operations = ['read', 'update']
def rootPageId = 'PARENT_PAGE_ID'
def accountId = 'ACCOUNT_ID'

// Fetch all group IDs
def groupNameId = get("/wiki/rest/api/group")
        .asObject(Map)
        .body
        .results
        .find { group -> group.name == groupName }?.id

// Check if the user is a member of the target group
def isUserInGroup = get("/wiki/rest/api/user/memberof?accountId=${accountId}")
        .asObject(Map)
        .body
        .results
        .any { it.name == groupName }
if (!isUserInGroup) {
    logger.warn "User '${accountId}' is not a member of group '${groupName}'"
    return
}

// Queue-based traversal
def queue = [rootPageId]

while (!queue.isEmpty()) {
    def currentPageId = queue.remove(0)

    // Get title for current page
    def currentPage = get("/wiki/rest/api/content/${currentPageId}")
            .queryString("expand", "title")
            .asObject(Map)
            .body

    // Apply restrictions to a page
    operations.each { operation ->
        put("/wiki/rest/api/content/${currentPageId}/restriction/byOperation/${operation}/user?accountId=${accountId}")
                .asObject(Map)

        logger.info "'${accountId}' added to '${operation}' restriction on '${currentPage.title}'"

        put("/wiki/rest/api/content/${currentPageId}/restriction/byOperation/${operation}/byGroupId/${groupNameId}")
                .asObject(Map)

        logger.info "Group '${groupName}' added to '${operation}' restriction on '${currentPage.title}'"
    }

    // Fetch and enqueue child pages
    def children = get("/wiki/rest/api/content/${currentPageId}/child/page")
            .queryString("limit", 1000)
            .asObject(Map)
            .body
            .results

    queue.addAll(children*.id)
}