Does it include controller integration?

Absolutely. It provides code snippets and logic for ApplicationController integration, including automated verification and rescue handlers for unauthorized access.

Can I use this for role-based access control (RBAC)?

Yes, it provides standardized patterns for checking user roles like 'admin' or 'manager' within policy methods to restrict specific actions.

Is it compatible with standard Rails Pundit conventions?

Yes, it follows standard Pundit object-oriented conventions while adding specific AFAL patterns for consistent organization-level scoping.

How does this skill handle multi-tenancy?

It utilizes the OwnedByOrganization concern and Pundit's Scope class to automatically filter records based on the user's current organization context.

Pundit Authorization for Rails

Name: Pundit Authorization for Rails
Author: Grupo-AFAL

byGrupo-AFAL

•

安全与测试

Implements secure, object-oriented authorization and multi-tenant resource scoping using Pundit in Ruby on Rails applications.

This skill automates the implementation of Pundit-based authorization patterns specifically designed for multi-tenant Rails environments. It helps developers create robust policy classes, enforce role-based access control (RBAC), and strictly scope data by organization to prevent cross-tenant data leakage. By integrating standardized patterns like the OwnedByOrganization concern, it ensures that every controller action and database query is properly authorized and scoped, significantly reducing security vulnerabilities in enterprise applications.

主要功能

01Controller-level authorization enforcement and error handling

02Multi-tenant organization scoping via OwnedByOrganization concern

031 GitHub stars

04Automatic Pundit policy generation for Rails models

05Role-based access control (RBAC) implementation patterns

06View-level conditional rendering based on user permissions

使用场景

01Restricting administrative actions to specific user roles

02Implementing multi-tenant data isolation in a SaaS application

03Adding granular authorization to a new Rails resource

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add grupo-afal/claude-plugins pundit-authorization

For use in Claude.ai and ChatGPT

主要功能

01Controller-level authorization enforcement and error handling

02Multi-tenant organization scoping via OwnedByOrganization concern

031 GitHub stars

04Automatic Pundit policy generation for Rails models

05Role-based access control (RBAC) implementation patterns

06View-level conditional rendering based on user permissions

使用场景

01Restricting administrative actions to specific user roles

02Implementing multi-tenant data isolation in a SaaS application

03Adding granular authorization to a new Rails resource

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add grupo-afal/claude-plugins pundit-authorization

For use in Claude.ai and ChatGPT