RailsAdminNext
The modern RailsAdmin — point it at your ActiveRecord models for instant CRUD, search, filtering, export, and history.
Rails ~> 8.1 · ActiveRecord · importmap + Propshaft · Turbo + Stimulus · zero build step
Why RailsAdminNext? ◆ Quick Start ◆ Installation ◆ Architecture ◆ Security ◆ Upgrading
RailsAdminNext is a Rails engine that auto-generates an easy-to-use interface for managing your data — a modernized hard fork of RailsAdmin, restarted at 1.0.0 and trimmed to a single, modern, zero-build stack. There is no Mongoid, no Webpack/Webpacker/Vite/Sprockets, no jQuery, and no build step.
Already running RailsAdmin? See docs/UPGRADING.md.
Why RailsAdminNext?
RailsAdmin gives you a full admin UI for free — but the original carries a decade of multi-ORM, multi-bundler, jQuery-era machinery. RailsAdminNext keeps the admin and drops the rest:
- ⚡ Zero build step — browser-native ESM over importmap + Propshaft; no Webpack/Vite/Sprockets, no
yarn build, no generated pins. - 🧩 Turbo + Stimulus — the jQuery / jQuery-UI / Bootstrap-JS /
@rails/ujsstack is gone, replaced by engine-shipped Stimulus controllers; styling is hand-maintained vanilla CSS. - 🔒 Hardened & CDN-free — a documented CSRF / clickjacking / mass-assignment / CSP posture (SECURITY.md) and zero external CDN, default or opt-in — every asset is self-hosted off a gem.
- 🎯 One modern target — Ruby ≥ 4.0.5, Rails ~> 8.1, ActiveRecord only, latest Chrome + Safari. No Mongoid, no multi-bundler / multi-Rails matrix, no legacy-browser CSS.
- ↩️ Familiar —
RailsAdminNext.config, per-modelrails_admin_next do … endblocks, and CanCanCan / Pundit authorization all work as before; upgrading from RailsAdmin is a mechanical rename.
Quick Start
# Gemfile
gem "rails_admin_next", git: "https://github.com/6temes/rails_admin_next"
bundle install
bin/rails g rails_admin_next:install # mounts the engine + writes the initializer
bin/rails s # then open http://localhost:3000/admin
That's the whole setup — no yarn add, no asset build, no generated pins. The engine ships its own importmap and CSS.
Prerequisites: Ruby ≥ 4.0.5 · Rails ~> 8.1 · ActiveRecord · a Propshaft + importmap-rails host (both are pulled in as dependencies). See Installation for the full walkthrough.
Requirements
- Ruby >= 4.0.5
- Rails ~> 8.1
- ActiveRecord (Mongoid is not supported)
- Propshaft and importmap-rails (both are pulled in as dependencies; RailsAdminNext serves its frontend over them, with no bundler or build step)
- Latest stable Chrome or Safari for the admin's users (see Browser support)
Installation
-
Add the gem to your
Gemfile. RailsAdminNext is distributed from the fork, so point at the repository withgit::gem "rails_admin_next", git: "https://github.com/6temes/rails_admin_next" -
Run
bundle install. -
Run
rails g rails_admin_next:install. -
Provide a namespace for the routes when asked (defaults to
admin). -
Start a server with
rails sand administer your data at /admin (or the namespace you chose).
The install generator mounts the engine, writes
config/initializers/rails_admin_next.rb, and does nothing else — the engine ships its
own importmap and CSS, so there is no yarn add, no asset build, and no generated pins.
Features
- CRUD any data with ease
- Custom actions
- Automatic form validation
- Search and filtering
- Export data to CSV / JSON / XML
- File uploads (ActiveStorage)
- Rich text fields (ActionText / Trix)
- Authentication (via Devise or any other scheme)
- Authorization (via CanCanCan or Pundit)
- User action history (via PaperTrail)
Configuration
Global
Configure the engine in config/initializers/rails_admin_next.rb:
RailsAdminNext.config do |config|
config.actions do
dashboard
index
new
export
bulk_delete
show
edit
delete
show_in_app
end
end
This is also where you wire up Devise, CanCanCan/Pundit, and PaperTrail.
Per model
Configure a model inline with the rails_admin_next do … end class macro:
class Ball < ApplicationRecord
validates :name, presence: true
belongs_to :player
rails_admin_next do
configure :player do
label "Owner of this ball: "
end
end
end
The configuration DSL is unchanged from upstream RailsAdmin, so the upstream wiki is still an accurate reference for model, group, and field options.
Authorization keys are stable
The authorization contract is held stable, so existing CanCanCan
abilities and Pundit policies keep working without edits: the access subject is
:rails_admin and every action's
authorization key (:dashboard, :index, :show, :new, :edit, :export,
:destroy, :history, :show_in_app) is unchanged.
# Still grants access to the admin:
can :access, :rails_admin
The admin.* I18n namespace is likewise unchanged.
Frontend and assets
RailsAdminNext ships a single, zero-build asset path:
- The pipeline is importmap + Propshaft only.
- The frontend is Turbo + Stimulus — the engine ships its own Stimulus application
and controllers under
src/rails_admin/, registered through an explicit manifest (src/rails_admin/controllers/index.js). - Styles are hand-maintained vanilla CSS (no Bootstrap SCSS, no build), delivered in cascade layers with a design-token theming API — see Styling and theming. Icons are inline SVG, and date/time fields use native HTML5 inputs — no icon font, no date-picker library.
Compared to RailsAdmin, the following were intentionally removed:
- Mongoid — ActiveRecord only.
- Webpack, Webpacker, Vite, and Sprockets — importmap + Propshaft only.
- jQuery, jQuery-UI, Bootstrap's JS, and
@rails/ujs— replaced by Stimulus controllers. - Standalone WYSIWYG/code editors (
bootstrap-wysihtml5,froala, CKEditor, CodeMirror, SimpleMDE) — they loaded from a CDN; use ActionText/Trix rich text (self-hosted) or a plain:texttextarea instead. - Drag-to-reorder for multiple uploads (it relied on jQuery-UI sortable).
- flatpickr — date/time fields use native HTML5 inputs (
type="date"/datetime-local/time); the configurable picker display format and localization are now the browser's.
Browser support
RailsAdminNext is built as an internal tool for teams that control their admin users'
browsers: it targets the latest stable Chrome and Safari only, and it drops
legacy-browser support deliberately — it does not court general RailsAdmin migrators. The
engine's CSS and JS freely assume :has(), <dialog>, popovers, CSS nesting, oklch(),
color-mix(), light-dark(), and CSS anchor positioning. If your admin users are on
Firefox or anything older, stay on upstream RailsAdmin.
Styling and theming
All engine CSS ships inside three cascade layers — ra.tokens, ra.framework, ra.skin —
so any unlayered host rule beats the engine's CSS without specificity games:
/* a plain rule in your own stylesheet just wins */
.badge {
border-radius: 7px;
}
Re-branding is one token — every derived color (button hover/active states, focus rings, links, alert tints) follows automatically:
:root {
--ra-primary: #663399;
}
See docs/UPGRADING.md for the full list of supported override tokens
and the --bs-* → --ra-* mapping.
Dark mode
The admin follows the OS color-scheme preference automatically (every color token is a
light-dark() pair). The color_scheme config knob pins it:
RailsAdminNext.config do |config|
config.color_scheme = :light # :auto (default) follows the OS; :light/:dark pin it
end
Note for operators: after upgrading, the admin renders dark for anyone whose OS prefers
dark. Pin config.color_scheme = :light to keep the old always-light rendering; if
something looks wrong in dark mode, please
open an issue.
Architecture
RailsAdminNext is built on a handful of registries and one ORM facade: a single controller with no action methods, where each admin operation is an object.
Host app models (ActiveRecord)
│
RailsAdminNext.config(Model) { … } ← lazy, proxy-bound DSL
│ (deferred; evaluated on first access)
▼
┌──────────────────────────────────────────────────────────────┐
│ Action registry — Config::Actions::Base subclasses │
│ dashboard · index · show · new · edit · delete · export · │
│ bulk_delete · history_* · show_in_app │
│ each carries: route scope · http_methods · template · │
│ authorization_key · a :controller proc (the request handler) │
└──────────────────────────┬───────────────────────────────────┘
│ routes drawn dynamically at boot
▼
RailsAdminNext::MainController (ONE controller, no actions)
method_missing → authorize → load @object → eval the proc
│
▼
RailsAdminNext::AbstractModel → Adapters::ActiveRecord
get · first · all · count · scoped · destroy · new
(StatementBuilder generates the filter/search SQL, per adapter)
│
▼
Views + Turbo/Stimulus (src/rails_admin/*) over importmap + Propshaft
Key design decisions:
- One controller, many action objects — to change how e.g. edit behaves, edit
lib/rails_admin_next/config/actions/edit.rb, not the controller. - ORM facade — nothing outside
AbstractModelreferences ActiveRecord directly; the adapter seam is intact even though Mongoid was removed. - Lazy, layered config —
config/initializersblocks run before in-modelrails_admin_next do … endblocks, so per-model config overrides the initializer defaults. - A deliberately frozen
rails_adminsurface — the Ruby layer isRailsAdminNext, but the:access, :rails_adminauthorization subject, theadmin.*I18n namespace, and thesrc/rails_admin/asset tree stayrails_adminon purpose, so host abilities, translations, and assets keep working across the rename.
Upgrading from RailsAdmin
See docs/UPGRADING.md for the one-time changes a host app needs:
the Gemfile gem name, the importmap/Propshaft prerequisites, and a mechanical rename of the
RailsAdmin constant, initializer, mount, model macro, and route helpers to RailsAdminNext
(rails_admin_next). The :access, :rails_admin authorization subject and the admin.*
I18n namespace are deliberately left unchanged, so CanCanCan/Pundit rules and translations
keep working without edits.
Security
For supported versions, private vulnerability reporting, the automated scanning gates, and the manual importmap-pin audit cadence, see SECURITY.md. The admin's request-forgery, clickjacking, export, mass-assignment, and Content-Security-Policy posture is documented in docs/security.md.
Contributing
Bug reports and pull requests are welcome. See CONTRIBUTING.md for the development setup and how to run the test suite. If you think you found a bug, please open an issue.
Credits
This project is a hard fork of the original RailsAdmin, created by Erik Michaels-Ober, Bogdan Gaza, Petteri Kääpä, Benoit Bénézech, Mitsuhiro Shibuya, and the many contributors who built and maintained it for over a decade. It stands entirely on their work. This fork is independent and is not affiliated with or endorsed by the RailsAdmin maintainers.
License
RailsAdminNext is released under the MIT License.