# Generated by Django 5.0.9 on 2024-10-10 10:41

from django.db import migrations, transaction
from django.db.backends.base.schema import BaseDatabaseSchemaEditor
from django.db.migrations.state import StateApps
from django.db.models import Max, OuterRef


def remap_can_manage_all_groups_for_existing_realms(
    apps: StateApps, schema_editor: BaseDatabaseSchemaEditor
) -> None:
    Realm = apps.get_model("zerver", "Realm")
    NamedUserGroup = apps.get_model("zerver", "NamedUserGroup")
    max_id = NamedUserGroup.objects.aggregate(Max("id"))["id__max"]

    if max_id is None:
        # Do nothing if there are no user groups on the server.
        return

    with transaction.atomic():
        # Since can_manage_group, can_add_members_group, etc. have
        # migrated to the nearest possible value from
        # user_group_edit_policy, we want to set
        # can_manage_all_groups to the most restrictive setting
        # previously possible. We've chosen administrators as the
        # value here since the highest possible
        # user_group_edit_policy was with role administrators.
        Realm.objects.update(
            can_manage_all_groups=NamedUserGroup.objects.filter(
                name="role:administrators", realm=OuterRef("id"), is_system_group=True
            ).values("pk")
        )


class Migration(migrations.Migration):
    atomic = False
    dependencies = [
        ("zerver", "0601_alter_namedusergroup_can_add_members_group"),
    ]

    operations = [
        migrations.RunPython(
            remap_can_manage_all_groups_for_existing_realms,
            elidable=True,
            reverse_code=migrations.RunPython.noop,
        )
    ]