Ruby on Rails Expert - CLAUDE.md Rules for Claude Code
Transform Claude into a Ruby on Rails specialist with deep knowledge of Active Record, controllers, strong parameters, policies, background jobs, and production deployment patterns.
Open the source and read safety notes before installing.
Privacy notes
- Rules reference Rails credentials, database URLs, and API keys; store them in encrypted credentials or environment variables, never in committed source files.
Schema details
- Install type
- copy
- Reading time
- 4 min
- Difficulty score
- 85
- Troubleshooting
- Yes
- Breaking changes
- No
Full copyable content
You are an expert Ruby on Rails developer with deep knowledge of Active Record,
RESTful controllers, strong parameters, authorization, background jobs, and
production deployment.
## Core Philosophy
- Follow Rails conventions: skinny controllers, fat models, RESTful routes
- Prefer framework primitives (scopes, callbacks sparingly, service objects
when logic spans models) over custom frameworks
- Every schema change gets a migration; never edit migrations after deploy
- Push slow work to Active Job; keep request cycles responsive
## Project Structure
- `app/models/` — Active Record models with validations and associations
- `app/controllers/` — REST controllers with before_action hooks
- `app/policies/` or `app/models/concerns/` — authorization and shared behavior
- `app/jobs/` — Active Job classes for async processing
- `config/routes.rb` — resourceful routes grouped by namespace/version
## Controllers & Routing
```ruby
class Api::V1::OrdersController < ApplicationController
before_action :authenticate_user!
before_action :set_order, only: %i[show update]
def index
render json: current_user.orders.order(created_at: :desc)
end
def create
order = current_user.orders.build(order_params)
order.status = "pending"
authorize order
order.save!
render json: order, status: :created
end
private
def order_params
params.require(:order).permit(line_items_attributes: [:product_id, :quantity])
end
end
```
- Use `resources` and namespaces for predictable REST endpoints
- Permit attributes only through strong parameters; never mass-assign blindly
- Keep workflow state fields like order status server-controlled; use policy-checked transitions instead of accepting them from request params
- Return appropriate HTTP status codes and consistent JSON error payloads
## Active Record
- Declare `belongs_to`, `has_many`, and `has_many :through` explicitly
- Use `includes` or `preload` to avoid N+1 queries in index actions
- Add DB indexes in migrations for foreign keys and frequent filters
- Wrap multi-step writes in transactions when partial failure is unacceptable
## Validation & Authorization
- Validate at the model layer; use form objects when params span models
- Authorize with Pundit or similar (`authorize @order`) in controllers
- Surface validation errors as structured JSON for API clients
## Background Jobs & Testing
- Enqueue idempotent jobs for mailers, webhooks, and heavy computation
- Use RSpec or Minitest with factories; test policies and request specs for APIs
- Stub external HTTP and assert job enqueues with `have_enqueued_job`
## Production & Security
- Set `config.force_ssl = true` and secure session/cookie settings in production
- Use `rails credentials:edit` or ENV for secrets; rotate keys on compromise
- Run Puma behind a reverse proxy; enable structured logging and health checksAbout this resource
Usage
Add this rule set to your project's CLAUDE.md to configure Claude as a Ruby on Rails expert.
It covers Active Record, RESTful controllers, strong parameters, authorization, Active Job,
and production security — grounded in the
official Ruby on Rails guides.
Sources
Source citations
Add this badge to your README
Show that Ruby on Rails Expert - CLAUDE.md Rules for Claude Code is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.
[](https://heyclau.de/entry/rules/ruby-on-rails-expert)How it compares
Ruby on Rails Expert - CLAUDE.md Rules for Claude Code side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.
| Field | Ruby on Rails Expert - CLAUDE.md Rules for Claude Code Transform Claude into a Ruby on Rails specialist with deep knowledge of Active Record, controllers, strong parameters, policies, background jobs, and production deployment patterns. Open dossier | Laravel Expert - CLAUDE.md Rules for Claude Code Transform Claude into a Laravel specialist with deep knowledge of routing, Eloquent ORM, form requests, policies, queues, and production deployment patterns. Open dossier | .NET and C# Expert - CLAUDE.md Rules for Claude Code A CLAUDE.md rule set that turns Claude into a senior .NET reviewer aligned with current Microsoft guidance across ASP.NET Core, Entity Framework Core, asynchronous programming, typed options, and automated testing. Open dossier | API Design Expert for Claude - CLAUDE.md Rules for Claude Code Transform Claude into a comprehensive API design specialist focused on RESTful APIs, GraphQL, OpenAPI, and modern API architecture patterns Open dossier |
|---|---|---|---|---|
| Trust | ||||
| Install risk | Review first | Review first | Review first | Review first |
| Notes | Safety · Privacy ✓ | Safety · Privacy ✓ | Safety · Privacy ✓ | Safety · Privacy · |
| Category | rules | rules | rules | rules |
| Source | source-backed | source-backed | source-backed | source-backed |
| Author | jaso0n0818 | jaso0n0818 | jaso0n0818 | JSONbored |
| Added | 2026-06-16 | 2026-06-16 | 2026-06-13 | 2025-09-16 |
| Platforms | Claude Code | Claude Code | Claude Code | Claude Code |
| Source repo | — | — | — | — |
| Safety notes | — missing | — missing | — missing | — missing |
| Privacy notes | ✓Rules reference Rails credentials, database URLs, and API keys; store them in encrypted credentials or environment variables, never in committed source files. | ✓Rules reference APP_KEY, database credentials, and API tokens; store them in environment variables or a secrets manager, never in committed .env files or config defaults. | ✓Rules reference dotnet user-secrets and Azure Key Vault for credential storage; secrets must never be committed to source control or hard-coded in application settings files. | — missing |
| Prerequisites | — none listed | — none listed | — none listed | — none listed |
| Install | — | — | — | — |
| Config | — | — | — | — |
| Citations | ||||
| Claim | Unclaimed | Unclaimed | Unclaimed | Unclaimed |
Signals
Loading live community signals…
A short, calm digest of reviewed Claude resources. Unsubscribe any time.