Padrino Admin

Padrino comes shipped with a slick and beautiful Admin Interface, with the following features:

FeatureDescription
Orm AgnosticAdapters for datamapper, sequel, activerecord, mongomapper, mongoid, couchrest
AuthenticationUser Authentication Support, User Authorization Management
Template AgnosticErb and Haml Rendering Support
ScaffoldYou can create a new “admin interface” by providing a single Model
MultiLanguageEnglish, German, Russian, Danish, French, Brazilian and Italian localizations

Admin Usage

Create a new project:

$ padrino g project admin-test-sample -d datamapper
$ cd admin-test-sample && bundle

Create the admin application:

$ padrino g admin -e erb

Follow the instructions in your terminal and provide a valid email and password for your newly created admin account:

  • edit your config/database.rb
  • create the database: $ bundle exec rake db:create
  • migrate your database: $ bundle exec rake db:migrate
  • seed your database with some data: $ bundle exec rake db:seed

Your admin section is now “setup”: you can start padrino padrino s and point your web browser to http://localhost:3000/admin and log in with your admin account credentials.

If you need to create a “scaffold”, (basic CRUD actions) create a model, migrate your database, generate your scaffolding folder structure and views and add those to your admin section by running the following commands:

$ padrino g model post title:string body:text
$ padrino rake db:migrate
$ padrino g admin_page post
$ padrino s

That’s it! Browse to http://localhost:3000/admin and access your model by clicking on the newly created tab on your admin navbar: there you can create, edit, destroy and display your objects.

You can find the sample app on github.


Admin Authentication

Padrino Admin uses a single model Account for managing roles, memberships and permissions (User Authentication and Authorization).


Scenario E-commerce (User Authentication)

To use a practical example, let’s examine a common e-commerce application scenario, where we need to limit access to some of our controllers actions; we can easily accomplish this by editing app.rb accordingly:

class MyEcommerce < Padrino::Application
  register Padrino::Admin::AccessControl

  enable :authentication
  enable :store_location
  set    :login_page, "/login"

  access_control.roles_for :any do |role|
    role.protect "/customer/orders"
    role.protect "/cart/checkout"
  end
end

In the above example we protect paths starting with /customer/orders and /cart/checkout. The result will be that an unauthenticated user will not be able to access those actions, and they will be asked to authenticate; first by visiting our :login_page defined as /login and by providing their login credentials (default authentication behaviour will use email and password).

When successfully logged in, they will be granted access to the two protected pages.


Admin Scenario (User Authorization)

Another common scenario is needing multiple roles with various level of access, instead of providing all management functionality to all logged in users.

Consider a site where you want to allow unauthenticated users to login, an editor to manage posts and categories, and an admin role to manage settings.

The Padrino admin generator will by default create an Account model with a role attribute which you can combine with the project_module method to easily manage which functionality is available to your users.

class Admin < Padrino::Application
  register Padrino::Admin::AccessControl

  enable :authentication
  disable :store_location
  set :login_page, "/admin/sessions/new"

  access_control.roles_for :any do |role|
    role.protect "/"
    role.allow "/sessions"
  end

  access_control.roles_for :admin do |role|
    role.project_module :settings, "/settings"
  end

  access_control.roles_for :editor do |role|
    role.project_module :posts, "/posts"
    role.project_module :categories, "/categories"
  end
end

In the above example, we protect the entire admin section (all paths starting with “/”) with the only exception for all those paths starting with /sessions giving our unauthenticated users the possibility to log in by redirecting them to our login page and asking them to provide their email and password.

If we are logged in as an admin (account.role == 'admin') we will only have access to the /settings path.

If we are logged in as an editor (account.role == 'editor') we will only have access to the /posts and /categories paths.


Sharing Sessions Between Mounted Applications

Sessions can be shared between mounted applications by setting a :session_id with the line set :session_id, "your_session_id" in each apps app.rb.

Contributing Persistence Adapters

If you are planning to use padrino with other adapters rather than the currently supported ones, and you want to contribute to the project by extending its support with additional adapters like ohmruby-driver and so on, be sure to check out the adding components guide.


Comments

Leave a Reply

Your email address will not be published. Required fields are marked *