Hi Bjoern,

In order to protect post from view we need to set view restrictions at the post level.
Via user interface – open post for editing and select to which roles you allow to see its content at front-end.
By program – set related post meta fields values according to your needs.

View restrictions at the role level – allows to set more exact criteria, via selected taxonomies, for example.