tl;dr I wrote a WordPress plugin that defines an appropriate user role for clients.
The CMS admin section has been a challenge for me building websites in the client services world. In a training session, I want to be able to tell a client that they can go ahead, change anything they see in the CMS. They can’t break the site, everything is safe to experiment with. I feel as though unless you can say this, the CMS implementation is flawed. Why should a client be presented with options they should never touch, or prompts they can’t act upon?
This philosophy has ben reinforced by my recent trial of Squarespace, which I now believe to be the gold standard in friendly content management.
Over the past few years I’ve tried a lot of different things in an attempt to make the WordPress admin section this type of experience – one where you truly can change anything you see without causing harm.
The challenge usually resides in the client often needing a user more permissive role than ‘editor’, but shouldn’t be able to break the site by disabling plugins or editing the theme. You can use must-use plugins and remove other themes, but if permissions aren’t set properly themes can be added, and must-use plugins have their limitations. You can hide items from the admin menu, but that just creates a pain in the butt for yourself down the line.
On a project currently in development I decided to go another route and create a specific user role for the client, which I call ‘manager’. The plugin is written in a single file, making it easy to use as a must-use plugin. It’s not perfect, and I have to circumvent a limitation in WordPress itself for the time being, but I think it’s a step forward. I’ll definitely be tweaking the capabilities and features over time.
Right now it is not in the wordpress.org plugin directory, just because I wanted to get it out quickly, and needed a git repo for it anyways. Until it hits the directory, you can try it on GitHub.
PenguinPress Manager Role: https://github.com/nathansh/pp-manager-role