Added mongodb support as a data source #28
Summary of Changes
Hello @davidrojasliblab, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!
I've significantly expanded the application's data source capabilities by adding comprehensive support for MongoDB. This includes a new MongoDB data accessor, integration into the plugin system, and enhancements to the AI query generation to intelligently handle both SQL and MongoDB queries. Alongside this new feature, I've addressed several critical issues related to database connectivity, API routing, and environment variable handling, ensuring a more stable and reliable experience. A key focus was also on security, with a fix for a potential NoSQL injection vulnerability. Finally, I've refined the user interface and experience, particularly within the chat component, by improving URL persistence and error recovery mechanisms.
Highlights
- MongoDB Integration: I've integrated full MongoDB support, enabling connection testing, query execution, and schema introspection for MongoDB databases.
- Connection and Configuration Fixes: I've resolved several critical issues, including correcting API endpoint routing, fixing environment variable configurations, and ensuring robust database connection testing.
- Query Modal and AI Generation Enhancements: I've enhanced the query modal to dynamically format queries for both SQL and MongoDB, and improved the AI's ability to generate queries for different database types, even without a pre-selected data source.
- NoSQL Injection Vulnerability Fix: I've implemented a crucial security fix to prevent NoSQL injection vulnerabilities in MongoDB parameter handling by using secure recursive object traversal and strict validation.
- Chat UI/UX and Stability Improvements: I've improved the chat user experience by ensuring chat IDs are reflected in the URL for better persistence and navigation, and by making error recovery more robust when loading chat history or starter templates.
Code Review
This pull request introduces significant new functionality by adding MongoDB as a supported data source. The implementation is comprehensive, covering the data accessor, connection testing, query generation via LLM, and security measures against NoSQL injection. The changes also include substantial refactoring to support multiple database types gracefully and numerous robustness improvements to the chat UI and data handling logic. My review focuses on the security and correctness of the new MongoDB parameter handling and a potential reliability issue in the chat UI's state management.
📋 Pull Request Summary
This PR implements MongoDB support and fixes critical connection issues that were preventing database queries from executing properly. The changes include MongoDB integration, environment configuration fixes, and resolution of API endpoint routing problems.
🔗 Related Issues
📝 Changes Made
DataSourcePluginManager
🧪 Testing
Testing Details:
📚 Documentation
🔒 SECURITY FIX:
Resolved critical NoSQL injection vulnerability in MongoDB parameter handling
- Replaced dangerous string replacement with secure recursive object traversal
- Added strict parameter placeholder validation to prevent injection attacks
- Enhanced parameter parsing with proper type safety
The functionality remains the same for legitimate use cases, but injection attacks are now prevented. This is essential before merging to production.
🔄 Type of Change
🚨 Breaking Changes
📋 Additional Notes
Key Technical Fixes:
Files Modified:
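The security fix in the description above (string replacement swapped for recursive object traversal with strict placeholder validation), shown as an added example that is not the code from this pull request. The `"$1"` placeholder syntax, the function names and the sample filter are assumptions made for illustration.

```javascript
// Added example. The "$1" placeholder syntax and all names are assumptions.

// BEFORE (unsafe): values are spliced into the JSON text, then parsed, so a
// value containing quotes or braces can change the structure of the filter.
function bindByStringReplace(template, params) {
  let text = template;
  params.forEach((p, i) => {
    text = text.split('"$' + (i + 1) + '"').join('"' + p + '"');
  });
  return JSON.parse(text);
}

// AFTER: parse the template first, then walk it and swap whole values.
const PLACEHOLDER = /^\$([1-9]\d*)$/; // strict: the entire string must be "$<n>"

function bindByTraversal(node, params) {
  if (typeof node === "string") {
    const m = PLACEHOLDER.exec(node);
    if (!m) return node; // ordinary literal from the template
    const idx = Number(m[1]) - 1;
    if (idx >= params.length) throw new Error("no value for placeholder " + node);
    const value = params[idx];
    // Scalars only: a bound parameter can never introduce operators such as $ne.
    if (value !== null && typeof value === "object") {
      throw new Error("parameter " + node + " must be a scalar");
    }
    return value;
  }
  if (Array.isArray(node)) return node.map((n) => bindByTraversal(n, params));
  if (node !== null && typeof node === "object") {
    // Object.fromEntries defines own properties, so a "__proto__" key is inert.
    return Object.fromEntries(Object.entries(node).map(([k, v]) => {
      if (PLACEHOLDER.test(k)) throw new Error("placeholder used as a key: " + k);
      return [k, bindByTraversal(v, params)];
    }));
  }
  return node; // numbers, booleans, null
}

// Constructed sample input: a filter template and a hostile parameter value.
const TEMPLATE = '{"user": "$1", "active": true}';
const HOSTILE = 'x", "user": {"$ne": null}, "note": "';

function demo() {
  return {
    unsafe: bindByStringReplace(TEMPLATE, [HOSTILE]), // user becomes {"$ne": null}
    safe: bindByTraversal(JSON.parse(TEMPLATE), [HOSTILE]), // user stays a string
  };
}
```

With the traversal version the parameter can only ever occupy a value position, so the driver receives it as data regardless of its contents.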