Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
react-admin
Advanced tools
A frontend Framework for building admin applications on top of REST services, using ES6, React and Material UI
A frontend Framework for building data-driven applications running in the browser on top of REST/GraphQL APIs, using ES6, React and Material Design. Previously named admin-on-rest. Open sourced and maintained by marmelab.
Home page - Documentation - Demo - Blog - Releases - Support
React-admin is available from npm. You can install it (and its required dependencies) using:
npm install react-admin
#or
yarn add react-admin
// in app.js
import * as React from "react";
import { render } from 'react-dom';
import { Admin, Resource } from 'react-admin';
import restProvider from 'ra-data-simple-rest';
import { PostList, PostEdit, PostCreate, PostIcon } from './posts';
render(
<Admin dataProvider={restProvider('http://localhost:3000')}>
<Resource name="posts" list={PostList} edit={PostEdit} create={PostCreate} icon={PostIcon}/>
</Admin>,
document.getElementById('root')
);
The <Resource>
component is a configuration component that allows to define sub components for each of the admin view: list
, edit
, and create
. These components use Material UI and custom components from react-admin:
// in posts.js
import * as React from "react";
import { List, Datagrid, Edit, Create, SimpleForm, DateField, TextField, EditButton, TextInput, DateInput, useRecordContext } from 'react-admin';
import BookIcon from '@mui/icons-material/Book';
export const PostIcon = BookIcon;
export const PostList = () => (
<List>
<Datagrid>
<TextField source="id" />
<TextField source="title" />
<DateField source="published_at" />
<TextField source="average_note" />
<TextField source="views" />
<EditButton />
</Datagrid>
</List>
);
const PostTitle = () => {
const record = useRecordContext();
return <span>Post { record ? `"${record.title}"` : '' }</span>;
};
export const PostEdit = () => (
<Edit title={<PostTitle />}>
<SimpleForm>
<TextInput disabled source="id" />
<TextInput source="title" />
<TextInput source="teaser" options={{ multiline: true }} />
<TextInput multiline source="body" />
<DateInput label="Publication date" source="published_at" />
<TextInput source="average_note" />
<TextInput disabled label="Nb views" source="views" />
</SimpleForm>
</Edit>
);
export const PostCreate = () => (
<Create title="Create a Post">
<SimpleForm>
<TextInput source="title" />
<TextInput source="teaser" options={{ multiline: true }} />
<TextInput multiline source="body" />
<TextInput label="Publication date" source="published_at" />
<TextInput source="average_note" />
</SimpleForm>
</Create>
);
Yes.
React-admin uses an adapter approach, with a concept called Data Providers. Existing providers can be used as a blueprint to design your API, or you can write your own Data Provider to query an existing API. Writing a custom Data Provider is a matter of hours.
See the Data Providers documentation for details.
React-admin is designed as a library of loosely coupled React components built on top of Material UI, in addition to custom react hooks exposing reusable controller logic. It is very easy to replace one part of react-admin with your own, e.g. to use a custom datagrid, GraphQL instead of REST, or Bootstrap instead of Material Design.
There are several examples inside the examples
folder:
simple
(Stackblitz): a simple application with posts, comments and users that we use for our e2e tests.tutorial
(Stackblitz): the application built while following the tutorial.demo
: (Live) A fictional poster shop admin, serving as the official react-admin demo.You can run those example applications by calling:
# At the react-admin project root
make install
# or
yarn install
# Run the simple application
make run-simple
# Run the tutorial application
make build
make run-tutorial
# Run the demo application
make build
make run-demo
And then browse to the URL displayed in your console.
You can get professional support from Marmelab via React-Admin Enterprise Edition, or community support via StackOverflow.
master - commits that will be included in the next patch release
next - commits that will be included in the next major or minor release
Bugfix PRs that don't break BC should be made against master. All other PRs (new features, bugfix with BC break) should be made against next.
If you want to give a hand: Thank you! There are many things you can do to help making react-admin better.
The easiest task is bug triaging. Check that new issues on GitHub follow the issue template and give a way to reproduce the issue. If not, comment on the issue to ask precisions. Then, try and reproduce the issue following the description. If you managed to reproduce the issue, add a comment to say it. Otherwise, add a comment to say that something is missing.
The second way to contribute is to answer support questions on StackOverflow. There are many beginner questions there, so even if you're not super experienced with react-admin, there is someone you can help there.
Pull requests for bug fixes are welcome on the GitHub repository. There is always a bunch of issues labeled "Good First Issue" in the bug tracker - start with these.
If you want to add a feature, you can open a Pull request on the next
branch. We don't accept all features - we try to keep the react-admin code small and manageable. Try and see if your feature can't be built as an additional npm
package. If you're in doubt, open a "Feature Request" issue to see if the core team would accept your feature before developing it.
For all Pull requests, you must follow the coding style of the existing files (based on prettier), and include unit tests and documentation. Be prepared for a thorough code review, and be patient for the merge - this is an open-source initiative.
Tip: Most of the commands used by the react-admin developers are automated in the makefile
. Feel free to type make
without argument to see a list of the available commands.
Clone this repository and run make install
to grab the dependencies, then make build
to compile the sources from TypeScript to JS.
When developing, most of the time we use the simple example to do visual check. It's the same application that we use in Stackblitz to reproduce errors (see https://stackblitz.com/github/marmelab/react-admin/tree/master/examples/simple). The source is located under examples/simple/
. Call make run
to launch that example on port 8080 (http://localhost:8080). This command includes a watch
on the react-admin source, so any of the changes you make to the react-admin packages triggers a live update of the simple example in your browser.
However, the simple example is sometimes too limited. You can use the demo example (the source for https://marmelab.com/react-admin-demo/), which is more complete. The source is located under examples/demo/
. Call make run-demo
to launch the demo example with a REST dataProvider, or make run-graphql-demo
to run it with a GraphQL dataProvider. Unfortunately, due to the fact that we use Create React App for this demo, these commands don't watch the changes made in the packages. You'll have to rebuild the react-admin packages after a change (using make build
, or the more targeted make build-ra-core
, make build-ra-ui-materialui
, etc) to see the effect in the demo app.
Both of these examples work without server - the API is simulated on the client-side.
Using yarn link
, you can have your project use a local checkout of the react-admin package instead of npm. This allows you to test react-admin changes in your app:
# Register your local react-admin as a linkable package
$ cd /code/path/to/react-admin/packages/react-admin && yarn link
# Replace the npm-installed version with a symlink to your local version
$ cd /code/path/to/myapp/ && yarn link react-admin
# If you run into issues with React red-screen, then you need to register your app's version of React as a linkable package
$ cd /code/path/to/myapp/node_modules/react && yarn link
# And then replace the npm-installed version of React with a symlink to your app's node_modules version
$ cd /code/path/to/react-admin/ && yarn link react
# Rebuild the packages with the same version of React
$ cd /code/path/to/react-admin/ && make build
# Return to your app and ensure all dependencies have resolved
$ cd /code/path/to/myapp/ && yarn install
# Start your app
$ yarn start
Automated tests are also crucial in our development process. You can run all the tests (linting, unit and functional tests) by calling:
make test
Unit tests use jest
, so you should be able to run a subset of tests, or run tests continuously on change, by passing options to
yarn jest
Besides, tests related to the modified files are ran automatically at commit using a git pre-commit hook. This means you won't be able to commit your changes if they break the tests.
When working on the end to end tests, you can leverage cypress runner by starting the simple example yourself (make run-simple
or yarn run-simple
) and starting cypress in another terminal (make test-e2e-local
or yarn test-e2e-local
).
If you have coding standards problems, you can fix them automatically using prettier
by calling
make prettier
However, these commands are ran automatically at each commit so you shouldn't have to worry about them.
If you want to contribute to the documentation, install jekyll, then call
make doc
And then browse to http://localhost:4000/
React-admin is licensed under the MIT License, sponsored and supported by marmelab.
This library is free to use, even for commercial purpose. If you want to give back, please talk about it, help newcomers, or contribute code. But the best way to give back is to donate to a charity. We recommend Doctors Without Borders.
FAQs
A frontend Framework for building admin applications on top of REST services, using ES6, React and Material UI
We found that react-admin demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.