
Angular, Meteor, Ember: How are Administration Views implemented with Client Side-Frameworks = Security?


I have not used any of these. But I am wondering how I would most efficiently implement admin Views/Screens with them, mostly from a security perspective, to not leak internals.

Serverside: (PHP/Java/Ruby/Python...)

It's quite easy and very secure to conditionally output form elements that are only available in the administration views.

Clientside (Ember/Angular/Meteor...):

I could conditionally check the Role/Permission on the client side and render the screens accordingly. But it will always leak internal information (someone can get a very good understanding of what internal features my application offers for administrators by looking at the source). (Of course I have to do validation on the server side too!)

How is this solved?

Is the common practice to recode the administration views and have two interfaces, leading to code duplication? Or what are common practices to solve this?


Solution

  • I've written an application in Ember and I've included an administration panel in it, but only users with isAdmin set to true could access it. Looking at this issue now I would go with creating 2 applications - 1 for casual users and 1 for administrators. I would go for it because less code would be served to end users and administrator-specific logic and views would be completely inaccessible to normal users. So, my recommendation for you, if you go with Ember, is to create 2 applications instead of 1 and share the same code via a local Ember CLI addon.