Skip to content
This repository


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Fetching latest commit…


Cannot retrieve the latest commit at this time

Octocat-spinner-32 lib
Octocat-spinner-32 test
Octocat-spinner-32 .document
Octocat-spinner-32 .gitignore
Octocat-spinner-32 LICENSE
Octocat-spinner-32 README.rdoc
Octocat-spinner-32 Rakefile
Octocat-spinner-32 VERSION
Octocat-spinner-32 padrino-admin.gemspec

Admin Dashboard and Authentication (padrino-admin)


Padrino has a beautiful Admin, with these fatures:

Orm Agnostic

Adapters for datamapper, activerecord, mongomapper


Support for Account authentication, Account Permission managment


You can simply create a new “admin interface” simply providing a Model

Admin Usage

Create a project:

$ padrino-gen project fun-test
$ cd fun-test

For create the admin application:

fun-test$ padrino-gen admin

Now follow admin instructions so:

  • edit your config/database.rb

  • run padrino rake dm:migrate # or ar:migrate if you use activerecord

  • run padrino rake seed

Your admin now is “complete”, you can start your server with padrino start and point your browser to /admin!

For create a new “scaffold” you need to provide only a Model for them like:

fun-test$ padrino-gen model post --skip-migration # edit your post.rb model and add some fields
fun-test$ padrino-gen rake dm:auto:migrate
fun-test$ padrino-gen admin_page post
fun-test$ padrino start # and go to http://localhost:3000/admin

That's all!!

Admin Authentication

Padrino Admin use a model Account for manage role, membership and permissions.

Scenario Ecommerce

For an ecommerce we usually deny some controllers/actions like

class MyEcommerce < Padrino::Application
  enable :authentication
  enable :store_location
  set    :login_page, "/login"

  access_control.roles_for :any do |role|
    role.protect "/customer/orders"
    role.protect "/cart/checkout"

In this example if we visit urls that start with /customer/orders or /cart/checkout we will be redirected to our :login_page “/login”. Once we are correctly logged in we can visit these pages.

Scenario Admin

Suppose that you need to some actions for admin accounts and others for editors

When you generate padrino-admin will be created for you an Account model that have a role attribute. So:

class Admin < Padrino::Application
  enable :authentication
  disable :store_location
  set :login_page, "/admin/sessions/new"

  access_control.roles_for :any do |role|
    role.protect "/"
    role.allow "/sessions"

  access_control.roles_for :admin do |role|
    role.project_module :settings, "/settings"

  access_control.roles_for :editor do |role|
    role.project_module :posts, "/posts"
    role.project_module :categories, "/categories"

In this case we protect the entire admin (all paths that start with “/”) except paths that start with /sessions so an unauthenticated user can login.

If we login as admin (account.role == 'admin') we have access only to paths that start with /settings.

If we login as editor (account.role == 'editor') we have access only to paths that start with /posts and /categories


Copyright © 2010 Padrino. See LICENSE for details.

Something went wrong with that request. Please try again.