Everyday Rails

Turnkey administration interface for your Rails apps

By Aaron Sumner, December 17, 2010.

One benefit Python web framework Django has had over Rails is the admin interface, an easy-to-use, web-based interface for website administrators to access and manipulate data. Similar interfaces are not complicated to build in Rails, particularly if you’re using scaffolds, but the process to date hasn’t been as relatively turnkey as is setting up a Django admin interface. A recently released engine called RailsAdmin adds similar functionality to Rails 3 applications in a matter of minutes.

Three things you should be aware of before you get started:

  1. RailsAdmin only works with Rails 3 applications—3.0.3 or newer, to be precise.
  2. It recommends that you use Devise for authentication in your application, in order to provide a layer of protection to your data (users must be logged in to access the admin interface). I recommend this, too.
  3. You’ll probably also want to do some additional locking down if your app has multiple roles or user levels (that is, you’ll probably want to restrict access to the admin panel to your site’s admins).

With those conditions addressed, RailsAdmin is really easy to install. The documentation is well-done and will walk you through the initial steps of adding the engine to your application. Once you’ve followed the initial setup steps, fire up your application’s server and load up /admin to poke around.

Authorization

As I mentioned, if your application has multiple users of varying roles, you’ll probably want to apply an authorization layer to RailsAdmin. The documentation outlines how to do this using Declarative Authorization, but ultimately how you configure authorization will be up to you and how your app is set up. In my application I used to try out RailsAdmin, using CanCan and a very basic roles system (just an is_admin boolean in my User model), I set up the initializer like this:

  # config/initializers/rails_admin.rb

  require "rails_admin/application_controller"

  module RailsAdmin
    class ApplicationController < ::ApplicationController
      before_filter :can_admin?

      private

      def can_admin?
        raise CanCan::AccessDenied unless current_user.is_admin?
      end
    end
  end

Limitations

RailsAdmin is a work in progress, and you’ll note in the project’s issues on GitHub that several features are pending. One particular gotcha to be aware of: If you’re already using the admin namespace in your app, you’ll need to do some code juggling since RailsAdmin uses the same namespace and does not currently have a way to customize this. There are also some model relations that aren’t yet supported, such as polymorphic and has_many :through. The Devise dependency will keep some from being able to use RailsAdmin. The good news is RailsAdmin is in very active development right now, particularly with an eye toward Rails 3.1, so many of these issues will hopefully get addressed in a timely fashion.

All in all, RailsAdmin has great potential to save you time when developing Rails software, and even more time when managing the data your software contains.

What do you think? Follow along on on Twitter or Facebook to let me know what you think and catch my latest posts. Better yet, subscribe to my newsletter for updates from Everyday Rails, book picks, and other thoughts and ideas that didn't quite fit here.

Black lives matter.

I stand with the Black community against systemic racism, police violence and brutality, intolerance, and hate in the United States and worldwide. We must all demand better from our leaders, and ourselves. Stop tolerating intolerance.

While you're here, please consider making a donation to Black Girls CODE, who do great, important work to provide opportunity to underprivileged girls interested in tech, or any organization working toward equity and safety for all, not just the privileged. Thank you.

Test with confidence!

If you liked my series on practical advice for adding reliable tests to your Rails apps, check out the expanded ebook version. Lots of additional, exclusive content and a complete sample Rails application.

Newsletter

Ruby on Rails news and tips, and other ideas and surprises from Aaron at Everyday Rails. Delivered to your inbox on no particular set schedule.