controller.rb

class TodosController < ApplicationController
  class TodoResponse < SimpleDelegator
    include CommonResponses # handles failure, not_found, permission_denied etc...
    def success(todo)
      render json: todo, serializer: TodoSerializer
    end
  end

  def create
    uc = CreateTodo.new(params[:todo], current_user_session)
    uc.subscribe TodoResponse.new(self)
    uc.subscribe PusherActions.new(current_user_session)
    uc.subscribe ... # you get the idea
    uc.call
  end
end

model.rb

class Todo
  include Virtus
  attribute :title, String
  attribute :done, Boolean, default: false
end

repository.rb

class Todos
  include MongoRepository # uses Plucky for query building etc...
  include ScopedByAccount
end

module ScopedByAccount
  def initialize(account)
    @account = account
    super
  end
  
  private

  def query(options={})
    super.amend(account_id: @account.id)
  end

  def to_mongo(obj)
    super.merge(account_id: @account.id)
  end  
end

use-case.rb

class CreateTodo 
  include PubSub
  include ModelPresenter
  
  attribute :title, :for => :todo
  
  validates_presence_of :title
  
  # user_session is an object containing the current user, current account etc...
  def initialize(attrs, user_session)
    @user_session = user_session
    @todo = Todo.new
    self.attributes = attrs
  end
  
  def call
    if !permission.can_create?
      publish :denied
    elsif valid?
      repo.store(@todo)
      publish :success, @todo
    else
      publish :failure, errors
    end
  end
  
  private
  
  def permission
    TodoPermissions.new(@user_session)
  end
  
  def repo
    Todos.new(@user_session.account)
  end
end