Reputation:
Rails 4 custom admin backend
I'm wanting to create an admin backend for a practice app. After reading around I've come to a general idea of what to do but would like some clarification:
- Use namespace to route the backend at example.com/admin...
- Put any adminifiable resources inside namespace e.g resources :posts
- At this point do I duplicate the normal (public facing) controllers and put them into the admin directory? (Along with CRUD views)
- In theory the public facing controllers only need index and show actions, right? As new/create/update/destroy will only be accessed in the admin/controller.
Any clarification or advice is greatly appreciated. Just trying to wrap my head around this.
Upvotes: 2
Views: 791
Answers (1)
Reputation: 6571
I would recommend against duplicating your controllers, or any part of your application for that matter. That goes entirely against the DRY principle, which stands for "Don't Repeat Yourself." Duplicate code becomes really hard to maintain and test as your application grows.
Instead, I would recommend limiting access to certain actions using before filters. For example, let's say that you want users to be able to create posts, read posts and see listings of posts. In your PostsController, you can have something like this:
before_action :admin_user?, only: [:edit, :destroy]
Note: before_action is just the new name for before_filters.
So then actions like index would execute normally for all users, but if a user calls the destroy action, the controller would first check to see if the user is an admin, by calling an admin_user? method (typically defined in ApplicationController). This method could be a simple conditional, like "if the user is not an admin, flash an error message and redirect them back to where they were before the request" and then use it to protect any action or resource you want. You could also use it in the views to show delete buttons on posts only if the user is an admin, for instance.
That's for resource-specific actions. Often times it's also a good idea to have a section of the site that consolidates resource views and administrative actions. This would be its own controller/view (I call mine AdminController) and you can protect all actions in it with the above method:
before_action :admin_user?
To make your resources available to AdminController using the methods defined inside the individual resource controllers, you can do this in routes.rb:
namespace :admin do
resources :users
end
This will make it so that http://yoursite.com/admin/users/index will still call the index action in the Users controller, but it will happen within the context of an admin user (because of the before_action above).
Upvotes: 2
Related Questions
- Rails customizing the administrate gem
- Easy Admin panel with Rails
- Active Admin Customization in Ruby On Rails
- Active admin customisation ruby on rails
- Rails admin - Customization
- Simple Admin functionality in Rails 3
- Rails full-fledged admin control panel
- Admin section in rails
- Admin interface in Rails
- Rails Application Admin Section