When and if a partner requests their own login to allow them to edit content, it’s important to customise the role so as not to confuse and so as not to allow access to things they shouldn’t have. mostly, anything templated.
Important! There are two DEVELOPER logins setup in these roles, wpepos_contributor, and wpepos_editor. DO NOT HAND THE CLIENT THESE ACCOUNTS. Make new ones for the same roles. By all means delete these accounts from your specific deployment when you’re sure you’re done configuring them.
Fortunately, the vast majority of this is preconfigured, like so many things in this framework!
Two plugins do the lifting; Adminimize handles role permissions. Client Dash handles the custom menu entries and dash.
Adminimize is very simple to pre-configure and dynamically changes according to the plugins you have activated for fine grained control. IF you should deactivate a plugin that is activated by default in this framework you should absolutely check should you reactivate it any associated permissions for that plugin have been altered by your doing so.
Adminimize Settings:
Definitely do this:
in Admin Bar Back End Options, and in Admin Bar Front End Options:
Make sure the following items are checked to deactivated for EDITOR and CONTRIBUTOR roles:
- NEW > AE Templates
- NEW > Template
in Global Options:
Make sure the following items are checked to deactivated for EDITOR and CONTRIBUTOR roles:
- Admin Notices
in Dashboard options:
- Broken Link Checker. Why? Because it false positives certain shortcoded dynamic links, and they have the potential to press the ‘fix’ button and which translates to actually breaking all the pods templates…
in Menu Options:
Make sure EVERYTHING in the Group (including the group) is checked to deactivate in:
- AE Templates (6 checkboxes)
- Templates (8 checkboxes)
in Write Options – AE Global Templates
Make sure selected ALL for both roles.
in Write options – My Templates
Make sure selected ALL for both roles.
Probably do this:
The following items shouldn’t be necessary, but there’s no harm in making double sure… so deactivate for EDITOR and CONTRIBUTOR roles:
- NEW > User (should be hidden by default by wordpress)
in Menu Options:
- Plugins Group – deactivate everything (should be hidden by default by wordpress)
Client Dash Settings:
I would suggest you set up your Menu for both roles per the following. No more, no less:
For the dashboard, I would suggest you leave only these:
You should also check that Elementor Role Manager denies access to the editor.
…however, role editing is very hard when the developer doesn’t complete the post launch checklists or tidy up after themselves and leaves debuggers on and all the development only plugins that are supposed to be deactivated and deleted, and randomly adds new plugins for their own reasons. So your mileage may vary from mine. Although it shouldn’t. It’s the point of the framework.
