This feature would depend on the implementation of client-specific filtering in pihole 5.0. I have laid out a brief concept below but I am no expert so, if this is possible, there is likely a better way to do it.
I would like trusted network users who do not have admin access (nor the sophistication for it) to be able to add to their device’s whitelist.
If a user has been given vpn access to my home network, then they are trusted. If the user is connected to the vpn and a site is blocked, he/she must either contact me and wait until i am available to whitelist or disconnect from the vpn. While connected to the vpn, the user could simply send an email to email@example.com with the url and their client name. The pihole would match, e.g., the mac or ip address of the sending device to the client name then add the url to the associated whitelist.
For instance, if my little brother is insta-facing he is at work while I am at work working, I would like for him to be able to unblock sites without my intervention.