
Commit c5c874b

author
Steven Surowiec
committed
Added read only flag
If this flag is set to true, all the edit/delete/create options are removed. A read-only user can prevent these actions at the DB level; this just updates the UI to reflect this status.
1 parent 705b45d commit c5c874b


1 file changed

+68
-47
lines changed


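--- a/mongodbadmin.php
+++ b/mongodbadmin.php
@@ -28,6 +28,8 @@
 'connect' => true
 );
 
+$readOnly = false;
+
 if (!class_exists('Mongo'))
 {
 die("Mongo support required. Install mongo pecl extension with 'pecl install mongo; echo \"extension=mongo.so\" >> php.ini'");
@@ -228,7 +230,7 @@ function findMongoDbDocument($id, $db, $collection, $forceCustomId = false)
 }
 
 // DELETE DB
-if (isset($_REQUEST['delete_db'])) {
+if (isset($_REQUEST['delete_db']) && $readOnly !== true) {
 $mongo
 ->selectDB($_REQUEST['delete_db'])
 ->drop();
@@ -238,7 +240,7 @@ function findMongoDbDocument($id, $db, $collection, $forceCustomId = false)
 }
 
 // CREATE DB
-if (isset($_REQUEST['create_db'])) {
+if (isset($_REQUEST['create_db']) && $readOnly !== true) {
 $mongo->selectDB($_REQUEST['create_db'])->createCollection('__tmp_collection_');
 $mongo->selectDB($_REQUEST['create_db'])->dropCollection('__tmp_collection_');
 
@@ -248,7 +250,7 @@ function findMongoDbDocument($id, $db, $collection, $forceCustomId = false)
 }
 
 // CREATE DB COLLECTION
-if (isset($_REQUEST['create_collection'])) {
+if (isset($_REQUEST['create_collection']) && $readOnly !== true) {
 $mongo
 ->selectDB($_REQUEST['db'])
 ->createCollection($_REQUEST['create_collection']);
@@ -258,7 +260,7 @@ function findMongoDbDocument($id, $db, $collection, $forceCustomId = false)
 }
 
 // DELETE DB COLLECTION
-if (isset($_REQUEST['delete_collection'])) {
+if (isset($_REQUEST['delete_collection']) && $readOnly !== true) {
 $mongo
 ->selectDB($_REQUEST['db'])
 ->selectCollection($_REQUEST['delete_collection'])
@@ -269,7 +271,7 @@ function findMongoDbDocument($id, $db, $collection, $forceCustomId = false)
 }
 
 // DELETE DB COLLECTION DOCUMENT
-if (isset($_REQUEST['delete_document'])) {
+if (isset($_REQUEST['delete_document']) && $readOnly !== true) {
 $collection = $mongo->selectDB($_REQUEST['db'])->selectCollection($_REQUEST['collection']);
 
 if (isset($_REQUEST['custom_id'])) {
@@ -283,7 +285,7 @@ function findMongoDbDocument($id, $db, $collection, $forceCustomId = false)
 }
 
 // DELETE DB COLLECTION DOCUMENT FIELD AND VALUE
-if (isset($_REQUEST['delete_document_field'])) {
+if (isset($_REQUEST['delete_document_field']) && $readOnly !== true) {
 $coll = $mongo
 ->selectDB($_REQUEST['db'])
 ->selectCollection($_REQUEST['collection']);
@@ -298,7 +300,7 @@ function findMongoDbDocument($id, $db, $collection, $forceCustomId = false)
 }
 
 // INSERT OR UPDATE A DB COLLECTION DOCUMENT
-if (isset($_POST['save'])) {
+if (isset($_POST['save']) && $readOnly !== true) {
 $customId = isset($_REQUEST['custom_id']);
 $collection = $mongo->selectDB($_REQUEST['db'])->selectCollection($_REQUEST['collection']);
 
@@ -497,13 +499,15 @@ function findMongoDbDocument($id, $db, $collection, $forceCustomId = false)
 <?php // CREATE AND LIST DBs TEMPLATE ?>
 <?php if ( ! isset($_REQUEST['db'])): ?>
 
-<div id="create_form">
-<form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="POST">
-<label for="create_db_field">Create Database</label>
-<input type="text" name="create_db" id="create_db_field" />
-<input type="submit" name="save" value="Save" class="save_button" />
-</form>
-</div>
+<?php if ($readOnly !== true): ?>
+<div id="create_form">
+<form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="POST">
+<label for="create_db_field">Create Database</label>
+<input type="text" name="create_db" id="create_db_field" />
+<input type="submit" name="save" value="Save" class="save_button" />
+</form>
+</div>
+<?php endif; ?>
 
 <h2>Databases</h2>
 
@@ -521,7 +525,12 @@ function findMongoDbDocument($id, $db, $collection, $forceCustomId = false)
 <tr>
 <td><a href="<?php echo $_SERVER['PHP_SELF'] . '?db=' . $db['name'] ?>"><?php echo $db['name'] ?></a></td>
 <td><?php echo count($mongo->selectDb($db['name'])->listCollections()) ?></td>
-<td><a href="<?php echo $_SERVER['PHP_SELF'] ?>?delete_db=<?php echo $db['name'] ?>" onClick="return confirm('Are you sure you want to delete this database?');">Delete</a></td>
+
+<?php if ($readOnly !== true): ?>
+<td><a href="<?php echo $_SERVER['PHP_SELF'] ?>?delete_db=<?php echo $db['name'] ?>" onClick="return confirm('Are you sure you want to delete this database?');">Delete</a></td>
+<?php else: ?>
+<td>&nbsp;</td>
+<?php endif; ?>
 </tr>
 <?php endforeach; ?>
 </tbody>
@@ -530,13 +539,15 @@ function findMongoDbDocument($id, $db, $collection, $forceCustomId = false)
 <?php // CREATE AND LIST DB COLLECTIONS ?>
 <?php elseif (isset($_REQUEST['db']) && ! isset($_REQUEST['collection'])): ?>
 
-<div id="create_form">
-<form action="<?php echo $_SERVER['PHP_SELF'] ?>?db=<?php echo $_REQUEST['db'] ?>" method="POST">
-<label for="create_collection_field">Create Collection</label>
-<input type="text" name="create_collection" id="create_collection_field" />
-<input type="submit" name="create" value="Save" class="save_button" />
-</form>
-</div>
+<?php if ($readOnly !== true): ?>
+<div id="create_form">
+<form action="<?php echo $_SERVER['PHP_SELF'] ?>?db=<?php echo $_REQUEST['db'] ?>" method="POST">
+<label for="create_collection_field">Create Collection</label>
+<input type="text" name="create_collection" id="create_collection_field" />
+<input type="submit" name="create" value="Save" class="save_button" />
+</form>
+</div>
+<?php endif; ?>
 
 <h2>
 <a href="<?php echo $_SERVER['PHP_SELF'] ?>">Databases</a> >>
@@ -556,7 +567,12 @@ function findMongoDbDocument($id, $db, $collection, $forceCustomId = false)
 <tr>
 <td><a href="<?php echo $_SERVER['PHP_SELF'] . '?db=' . $_REQUEST['db'] . '&collection=' . $collection->getName() ?>"><?php echo $collection->getName() ?></a></td>
 <td><?php echo $collection->count(); ?></td>
-<td><a href="<?php echo $_SERVER['PHP_SELF'] ?>?db=<?php echo $_REQUEST['db'] ?>&delete_collection=<?php echo $collection->getName() ?>" onClick="return confirm('Are you sure you want to delete this collection?');">Delete</a></td>
+
+<?php if ($readOnly !== true): ?>
+<td><a href="<?php echo $_SERVER['PHP_SELF'] ?>?db=<?php echo $_REQUEST['db'] ?>&delete_collection=<?php echo $collection->getName() ?>" onClick="return confirm('Are you sure you want to delete this collection?');">Delete</a></td>
+<?php else: ?>
+<td>&nbsp;</td>
+<?php endif; ?>
 </tr>
 <?php endforeach; ?>
 </tbody>
@@ -664,60 +680,65 @@ function findMongoDbDocument($id, $db, $collection, $forceCustomId = false)
 }
 ?>
 </td>
-<?php if (is_object($document['_id']) && $document['_id'] instanceof MongoId): ?>
+<?php if (is_object($document['_id']) && $document['_id'] instanceof MongoId && $readOnly !== true): ?>
 <td><a href="<?php echo $_SERVER['PHP_SELF'] . '?db=' . $_REQUEST['db'] . '&collection=' . $_REQUEST['collection'] ?>&delete_document=<?php echo (string) $document['_id'] ?>" onClick="return confirm('Are you sure you want to delete this document?');">Delete</a></td>
-<?php else: ?>
+<?php elseif ($readOnly !== true): ?>
 <td><a href="<?php echo $_SERVER['PHP_SELF'] . '?db=' . $_REQUEST['db'] . '&collection=' . $_REQUEST['collection'] ?>&delete_document=<?php echo (string) $document['_id'] ?>&custom_id=1" onClick="return confirm('Are you sure you want to delete this document?');">Delete</a></td>
 <?php endif; ?>
 </tr>
 <?php endforeach; ?>
 </tbody>
 </table>
 
-<form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="POST">
-<input type="hidden" name="values[_id]" value="<?php echo $document['_id'] ?>" />
+<?php if ($readOnly !== true): ?>
+<form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="POST">
+<input type="hidden" name="values[_id]" value="<?php echo $document['_id'] ?>" />
 
-<?php if (is_object($document['_id']) && $document['_id'] instanceof MongoId): ?>
-<input type="hidden" name="custom_id" value="1" />
-<?php endif; ?>
+<?php if (is_object($document['_id']) && $document['_id'] instanceof MongoId): ?>
+<input type="hidden" name="custom_id" value="1" />
+<?php endif; ?>
+
+<?php foreach ($_REQUEST as $k => $v): ?>
+<input type="hidden" name="<?php echo $k ?>" value="<?php echo $v ?>" />
+<?php endforeach; ?>
 
-<?php foreach ($_REQUEST as $k => $v): ?>
-<input type="hidden" name="<?php echo $k ?>" value="<?php echo $v ?>" />
-<?php endforeach; ?>
 <h2>Create New Document</h2>
 <input type="submit" name="save" value="Save" class="save_button" />
 <textarea name="value"></textarea>
 <input type="submit" name="save" value="Save" class="save_button" />
-</form>
+</form>
+<?php endif; ?>
 
 <?php // EDIT DB COLLECTION DOCUMENT ?>
 <?php else: ?>
 
-<h2>
+<h2>
 <a href="<?php echo $_SERVER['PHP_SELF'] ?>">Databases</a> >>
 <a href="<?php echo $_SERVER['PHP_SELF'] ?>?db=<?php echo $_REQUEST['db'] ?>"><?php echo $_REQUEST['db'] ?></a> >>
 <a href="<?php echo $_SERVER['PHP_SELF'] . '?db=' . $_REQUEST['db'] . '&collection=' . $_REQUEST['collection'] ?>"><?php echo $_REQUEST['collection'] ?></a> >>
 <?php echo $_REQUEST['id'] ?>
-</h2>
-<?php $document = findMongoDbDocument($_REQUEST['id'], $_REQUEST['db'], $_REQUEST['collection']); ?>
+</h2>
+<?php $document = findMongoDbDocument($_REQUEST['id'], $_REQUEST['db'], $_REQUEST['collection']); ?>
 
-<form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="POST">
-<input type="hidden" name="values[_id]" value="<?php echo $document['_id'] ?>" />
-<?php foreach ($_REQUEST as $k => $v): ?>
+<input type="hidden" name="values[_id]" value="<?php echo $document['_id'] ?>" />
+<?php foreach ($_REQUEST as $k => $v): ?>
 <input type="hidden" name="<?php echo $k ?>" value="<?php echo $v ?>" />
-<?php endforeach; ?>
+<?php endforeach; ?>
 
 <pre><code><?php echo renderDocumentPreview($mongo, $document) ?></code></pre>
 
 <?php $prepared = prepareMongoDBDocumentForEdit($document) ?>
 
-<h2>Edit Document</h2>
-<input type="submit" name="save" value="Save" class="save_button" />
-<textarea name="value"><?php echo var_export($prepared, true) ?></textarea>
-<input type="submit" name="save" value="Save" class="save_button" />
-</form>
+<?php if ($readOnly !== true): ?>
+<form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="POST">
+<h2>Edit Document</h2>
+<input type="submit" name="save" value="Save" class="save_button" />
+<textarea name="value"><?php echo var_export($prepared, true) ?></textarea>
+<input type="submit" name="save" value="Save" class="save_button" />
+</form>
+<?php endif; ?>
 
-<?php endif; ?>
+<?php endif; ?>
 <?php // END ACTION TEMPLATES ?>
 
 <p id="footer">Created by <a href="http://www.twitter.com/jwage" target="_BLANK">Jonathan H. Wage</a></p>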
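Review bot: In the edit-document template, the hidden `values[_id]` input and the `foreach ($_REQUEST as $k => $v)` hidden inputs (new lines 723–726) are now printed before the `<form>` that opens at new line 733, so they sit outside the form and a Save from "Edit Document" would post only `value` and `save`; the save handler at new line 305 reads `$_REQUEST['db']` and `$_REQUEST['collection']`, which would then be missing. Move those four lines to directly after the `<form ...>` tag inside the `$readOnly !== true` block, which also stops them being rendered in read-only mode. While they are being moved, escape the request-derived values for the attribute context, e.g. `value="<?php echo htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8') ?>"` and likewise for `$k`; the copy added at new lines 701–703 echoes the same unescaped request data. The document list also emits no `<td>` at all in read-only mode (new lines 683–687), unlike the database and collection lists, which add `<td>&nbsp;</td>`.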
