Capabilities and permissions
Octa Editor never grants access of its own. Every surface checks WordPress capabilities, so a user or an API account can only do what its role already allows.
Per-surface gates
Section titled “Per-surface gates”| Surface | Gate |
|---|---|
| Editor panel | Only appears for users who may edit the current record. |
| Bulk import page | Requires the page capability, edit_posts by default (filter octa_editor_bulk_cap). |
| REST API | Each route runs a contextual capability check for posts or terms. |
| Abilities (MCP) | Read abilities are public, save-document is off by default (filter octa_editor_ability_mcp_public). |
| Settings tab | Requires manage_options. |
| Media alt column | Requires the capability to edit the attachment. |
Publishing
Section titled “Publishing”Setting a publish status (publish, future, private) requires the caller’s publish capability. Without it, the status is downgraded and a octa_status_adjusted warning is returned rather than failing the whole write.
Anti-oracle listing
Section titled “Anti-oracle listing”Listing and search never leak the existence of records the caller can’t reach.
- A caller without
edit_others_postsonly sees its own records. - Each object is filtered again per item with an
edit_poststyle check.
The same rule applies to the REST list endpoints and to the bulk page’s pattern search. There is no way to probe for records you are not allowed to access.
Restricting scope
Section titled “Restricting scope”Limit which content types Octa Editor touches with octa_editor_allowed_post_types and octa_editor_allowed_taxonomies, and which the bulk importer accepts with octa_editor_bulk_post_types and octa_editor_bulk_taxonomies. See Hooks and filters.