rbac-permissions-architect

What problem does it solve?

This Skill empowers architects to design robust, RBAC-aware features that seamlessly integrate with a modular permissions system. It eliminates the complexity of defining workspaces, features, permissions, and special roles, ensuring consistent access control and multi-tenant isolation without manual oversight.

Core Features & Use Cases

• Workspace Design: Guides the creation of independent organizational and project workspaces, ensuring no feature or permission inheritance.
• Permission Matrix Definition: Helps define granular permissions (resource.action format) for new features, including standard CRUD and custom actions.
• Special Role Integration: Clarifies the unique behaviors and restrictions of Owner and Super Admin roles, ensuring they bypass normal checks while respecting system-level constraints.
• RLS-Ready Schema Planning: Facilitates the design of database schemas with workspace_id foreign keys and outlines RLS policies for secure data access.
• Use Case: When architecting a new "Kanban Board" feature, this Skill guides you to define its resources (boards, cards), permissions (e.g., boards.create, cards.move), how Owners and Super Admins interact, and the necessary database schema and RLS policies for multi-tenant isolation.

Quick Start

1. Start by defining your feature's core concepts:

Read: references/CONCEPTS.md

2. Then, outline your feature's scope and resources:

Read: references/WORKSPACES.md

3. Proceed through the 7-phase workflow to design your RBAC-aware feature.