Turnkey administration interface for your Rails apps

December 17, 2010

One benefit Python web framework Django has had over Rails is the admin interface, an easy-to-use, web-based interface for website administrators to access and manipulate data. Similar interfaces are not complicated to build in Rails, particularly if you’re using scaffolds, but the process to date hasn’t been as relatively turnkey as is setting up a Django admin interface. A recently released engine called RailsAdmin adds similar functionality to Rails 3 applications in a matter of minutes.

Three things you should be aware of before you get started:

  1. RailsAdmin only works with Rails 3 applications—3.0.3 or newer, to be precise.
  2. It recommends that you use Devise for authentication in your application, in order to provide a layer of protection to your data (users must be logged in to access the admin interface). I recommend this, too.
  3. You’ll probably also want to do some additional locking down if your app has multiple roles or user levels (that is, you’ll probably want to restrict access to the admin panel to your site’s admins).

With those conditions addressed, RailsAdmin is really easy to install. The documentation is well-done and will walk you through the initial steps of adding the engine to your application. Once you’ve followed the initial setup steps, fire up your application’s server and load up /admin to poke around.

Authorization

As I mentioned, if your application has multiple users of varying roles, you’ll probably want to apply an authorization layer to RailsAdmin. The documentation outlines how to do this using Declarative Authorization, but ultimately how you configure authorization will be up to you and how your app is set up. In my application I used to try out RailsAdmin, using CanCan and a very basic roles system (just an is_admin boolean in my User model), I set up the initializer like this:

  # config/initializers/rails_admin.rb

  require "rails_admin/application_controller"

  module RailsAdmin
    class ApplicationController < ::ApplicationController
      before_filter :can_admin?

      private

      def can_admin?
        raise CanCan::AccessDenied unless current_user.is_admin?
      end
    end
  end

Limitations

RailsAdmin is a work in progress, and you’ll note in the project’s issues on GitHub that several features are pending. One particular gotcha to be aware of: If you’re already using the admin namespace in your app, you’ll need to do some code juggling since RailsAdmin uses the same namespace and does not currently have a way to customize this. There are also some model relations that aren’t yet supported, such as polymorphic and has_many :through. The Devise dependency will keep some from being able to use RailsAdmin. The good news is RailsAdmin is in very active development right now, particularly with an eye toward Rails 3.1, so many of these issues will hopefully get addressed in a timely fashion.

All in all, RailsAdmin has great potential to save you time when developing Rails software, and even more time when managing the data your software contains.

Rails testing made simple

Learn to test Rails apps the way I learned, building up tests step-by-step, in Everyday Rails Testing with RSpec. Expanded to include exclusive content and a complete sample Rails application. Learn more »

Also available on Amazon.com.

blog comments powered by Disqus