Recovery Mode & Safeguards

2 March 2026 jiffytrade Role Based Access Control (RBAC)

Role Based Access Control (RBAC) gives you powerful control over permissions.

But powerful control must include protection against accidental lockout.

JiffyTrade includes built-in safeguards to prevent the plugin from becoming inaccessible due to misconfiguration.


🛡 Why Recovery Safeguards Exist

If permissions are configured incorrectly, the misconfiguration could:

  • Remove access to the RBAC tab
  • Remove access to Plugin Config
  • Block backup restore
  • Prevent unlocking documents
  • Restrict financial controls

Without protection, a site could effectively lose control of its own business system.

JiffyTrade prevents this.


👑 Plugin Super Administrator Safeguard

Plugin Super Administrators:

  • Bypass minimum-role RBAC restrictions
  • Retain access to permissions
  • Retain access to plugin settings
  • Retain access to backups
  • Retain access to critical financial controls

This ensures there is always a recovery authority.

Even if roles are misconfigured, Super Administrators remain protected.


🔐 Minimum Role Enforcement

RBAC settings define the minimum role required for each capability.

If set too high:

  • Lower roles will lose access.
  • UI elements will be hidden.
  • Server-side checks will block actions.

However:

  • Super Administrators are not restricted by these minimums.

This prevents total administrative deadlock.


⚠ Soft Warning System

When configuring RBAC, the system may display warnings if:

  • A manage capability is lower than its corresponding view capability
  • A deletion capability is lower than its restore capability
  • A financial permission is set below its logical parent permission

These are warnings, not automatic overrides.

They help prevent illogical or unsafe configurations.


🔎 UI vs Server Enforcement

Even if a button becomes hidden due to permissions:

  • All actions are still validated server-side.
  • Direct URL access cannot bypass restrictions.
  • AJAX actions are permission-checked.

Recovery does not rely on UI visibility alone.
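
The minimum-role check, the Super Administrator bypass and the soft warnings described above, modelled as an added example (not JiffyTrade's own code). The role ladder, the capability names, the `plugin_super_admin` flag and the deny-by-default choice are assumptions made for illustration.

```python
# Added illustration: role ladder, capability names and the super-admin flag
# are assumptions, not JiffyTrade identifiers.
ROLE_RANK = {"subscriber": 0, "editor": 1, "shop_manager": 2, "administrator": 3}

# (capability, capability it should not be set lower than, reason)
ORDERING_RULES = [
    ("manage_invoices", "view_invoices", "manage is lower than view"),
    ("delete_documents", "restore_documents", "deletion is lower than restore"),
    ("issue_refunds", "manage_invoices", "financial permission is below its parent"),
]

# Constructed sample configuration: capability -> minimum role.
SAMPLE_MIN_ROLES = {
    "view_invoices": "shop_manager",
    "manage_invoices": "editor",          # lower than view: triggers a warning
    "restore_documents": "administrator",
    "delete_documents": "administrator",
    "issue_refunds": "administrator",
    "edit_rbac": "administrator",
}


def soft_warnings(min_roles):
    """Return warnings for illogical orderings; never changes min_roles."""
    warnings = []
    for cap, reference, reason in ORDERING_RULES:
        cap_rank = ROLE_RANK.get(min_roles.get(cap))
        ref_rank = ROLE_RANK.get(min_roles.get(reference))
        if cap_rank is not None and ref_rank is not None and cap_rank < ref_rank:
            warnings.append(f"{cap}: {reason} ({reference})")
    return warnings


def is_allowed(user, capability, min_roles):
    """Server-side check, run on every request whatever the UI shows."""
    if user.get("plugin_super_admin") is True:
        return True  # recovery authority: not restricted by minimum roles
    required = ROLE_RANK.get(min_roles.get(capability))
    held = ROLE_RANK.get(user.get("role"))
    if required is None or held is None:
        return False  # unknown capability or role: deny (assumption of this sketch)
    return held >= required
```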


🧩 Preventing Total Lockout

To avoid lockout:

  • Keep at least one trusted Plugin Super Administrator
  • Avoid assigning Super Admin status to temporary users
  • Review RBAC changes carefully before saving

If in doubt:

  • Log in as a Super Administrator
  • Review RBAC settings
  • Adjust minimum roles as needed

🎯 What Recovery Mode Protects

✔ Access to Permissions
✔ Access to Plugin Config
✔ Access to Backups
✔ Access to Financial Controls
✔ Ability to unlock documents
✔ Ability to correct misconfiguration

RBAC is powerful — but it is also safe.


🧠 Key Principle

JiffyTrade is designed so that:

You can restrict access tightly
without risking permanent loss of control.

System-level safeguards ensure business continuity.