Monkey Patching Serpico

Monkey Patching is a technique to modify the way a dynamic language operates at run time. One of the goals we had from the plug-in framework is that it would allow a developer to overwrite parts of Serpico. Specifically, a developer could completely modify the way some part of their reporting process works with a minimal amount of code.

This blog post is about the Auth_Mode plugin which is a simple example of a plugin to monkey patch Serpico.


Auth_Mode is powerful, it completely disables authentication and authorization. When installed and enabled, any user who visits the server is a full administrator without logging in.

I use Auth_Mode to speed up my development process; specifically when I want to change quickly between users or as a full administrator without using a password or navigation.


There is only one file in the Auth_Mode plugin; run.rb. First, run.rb overrides the Serpico server itself with the line:

  class Server < Sinatra::Application

When this code is loaded, any methods contained in run.rb will override existing Server.rb methods. Note, the rest of the server is left as is.

Next, run.rb overrides the is_administrator? call which is used throughout Serpico to check if a user is an administrator:

 def is_administrator?
      return true

And that’s it! Everytime the server looks to check if a user is an administrator, this method is overridden to always return true.

Other Applications

I kept this plug-in short on purpose. There are many many other ways you could apply similar ideas. For example:

  • Override report generation to always store on another server
  • Third party logging
  • Extend the API
  • Parse input data on another server


As of today you will need to use a Master branch version of Serpico for this to work. Release 1.1.1 which should be out within the next few weeks will natively support this functionality.