npx claudepluginhub jeremylongshore/claude-code-plugins-plus-skills --plugin gamma-packWant just this skill?
Then install: npx claudepluginhub u/[userId]/[slug]
Implement enterprise role-based access control for Gamma integrations. Use when configuring team permissions, multi-tenant access, or enterprise authorization patterns. Trigger with phrases like "gamma RBAC", "gamma permissions", "gamma access control", "gamma enterprise", "gamma roles".
This skill is limited to using the following tools:
references/implementation.mdGamma Enterprise RBAC
Contents
Overview
Implement enterprise-grade role-based access control for Gamma integrations with hierarchical roles, multi-tenant isolation, and audit logging.
Prerequisites
- Enterprise Gamma subscription
- Identity provider (IdP) integration
- Database for permission storage
- Understanding of RBAC concepts
Instructions
Step 1: Define Role Hierarchy
Create a role hierarchy (Viewer < Editor < Team Lead < Workspace Admin < Org Admin) with permission inheritance.
Step 2: Implement Permission Resolution
Build a service that resolves inherited permissions by walking the role hierarchy and caching the computed permission sets.
Step 3: Create Authorization Middleware
Wrap API routes with middleware that checks required permissions against the user's resolved role.
Step 4: Add Resource-Level Authorization
Implement resource-specific policies (e.g., owner can edit own, team lead can edit team presentations).
Step 5: Configure Multi-Tenant Isolation
Add tenant middleware that verifies workspace membership before allowing any workspace-scoped operations.
Step 6: Enable Audit Logging
Log all authorization decisions (granted and denied) with metrics for denied access alerts.
See detailed implementation for advanced patterns.
Output
- Role hierarchy with inherited permissions
- Authorization middleware for API routes
- Resource-level access policies
- Multi-tenant workspace isolation
- Authorization audit trail
Error Handling
| Issue | Cause | Solution |
|---|---|---|
| Permission denied | Insufficient role | Verify role assignment in database |
| Orphaned memberships | User deleted | Clean up with cascading deletes |
| Privilege escalation | Missing inheritance check | Validate role hierarchy on assignment |
Examples
Permission Matrix
| Permission | Viewer | Editor | Team Lead | Workspace Admin | Org Admin |
|---|---|---|---|---|---|
| View presentations | Yes | Yes | Yes | Yes | Yes |
| Create presentations | No | Yes | Yes | Yes | Yes |
| Edit team presentations | No | No | Yes | Yes | Yes |
| Manage workspace | No | No | No | Yes | Yes |
| Manage billing | No | No | No | No | Yes |
Resources
Similar Skills
Expert guidance for Next.js Cache Components and Partial Prerendering (PPR). **PROACTIVE ACTIVATION**: Use this skill automatically when working in Next.js projects that have `cacheComponents: true` in their next.config.ts/next.config.js. When this config is detected, proactively apply Cache Components patterns and best practices to all React Server Component implementations. **DETECTION**: At the start of a session in a Next.js project, check for `cacheComponents: true` in next.config. If enabled, this skill's patterns should guide all component authoring, data fetching, and caching decisions. **USE CASES**: Implementing 'use cache' directive, configuring cache lifetimes with cacheLife(), tagging cached data with cacheTag(), invalidating caches with updateTag()/revalidateTag(), optimizing static vs dynamic content boundaries, debugging cache issues, and reviewing Cache Component implementations.
Applies Anthropic's official brand colors and typography to any sort of artifact that may benefit from having Anthropic's look-and-feel. Use it when brand colors or style guidelines, visual formatting, or company design standards apply.
Creating algorithmic art using p5.js with seeded randomness and interactive parameter exploration. Use this when users request creating art using code, generative art, algorithmic art, flow fields, or particle systems. Create original algorithmic art rather than copying existing artists' work to avoid copyright violations.