← Knowledge Base / For Developers / Agencies

Capability Grant System — How It Works

Last updated: March 21, 2026

The Problem

WordPress menu items are tied to capabilities. A “Subscriber” can’t see “Posts” because they don’t have the edit_posts capability. Normally, you’d need a role editor plugin to add capabilities — but that has security implications.

PME’s Solution

Pro Menu Editor uses a dynamic capability grant system that works at runtime only. When you click the lock icon (🔒) on a restricted item, PME:

  1. Marks the item as “granted” in the configuration
  2. Records which capability is needed (edit_posts, manage_options, etc.)
  3. At page load, uses the user_has_cap filter to dynamically grant that capability
  4. The grant ONLY applies to the specific menu/page context

Security

  • Grants are not permanent — they only exist while PME is active
  • Grants do NOT apply during AJAX, REST API, or cron requests
  • Administrators are excluded (they already have all caps)
  • The capability is added at runtime via a filter, not stored in the database role definition
  • If you deactivate PME, all grants disappear instantly

Use Cases

  • Let an Editor access “Settings → Reading” without giving them manage_options
  • Let a Shop Manager access custom plugin pages
  • Create a “Marketing” menu for Editors that includes pages they normally can’t see

Related Articles

Agency Setup Guide — Client Sites

The Agency Workflow With the Agency plan, you can install Pro Menu Editor on unlimited client sites. Here's the recommended…

Hooks & Filters for Developers

Available Hooks Pro Menu Editor provides several hooks for developers who want to extend functionality: Actions pme_before_apply_menu — Fires before…