"""
add admin ui privilege to system-administrator role
"""
import contextlib

from yoyo import step

__depends__ = {'20240924_01_thbvh-hooks-for-edu-domains'}

def get_system_admin_id(cursor):
    cursor.execute(
        "SELECT role_id FROM roles WHERE role_name='system-administrator'")
    return cursor.fetchone()[0]

def add_admin_ui_privilege(conn):
    with contextlib.closing(conn.cursor()) as cursor:
        # Create admin-ui privilege
        cursor.execute(
            "INSERT INTO privileges (privilege_id, privilege_description) "
            "VALUES(?, ?)",
            ("system:user:admin-ui", "View UI elements that should only be visible to system administrators"))

        # Add UI privilege to system-administrator role
        cursor.execute(
            "INSERT INTO role_privileges (role_id, privilege_id) "
            "VALUES(?, ?)",
            (get_system_admin_id(cursor), "system:user:admin-ui")
        )

def remove_admin_ui_privilege(conn):
    with contextlib.closing(conn.cursor()) as cursor:
        # Remove UI privilege from system-administrator role
        cursor.execute(
            "DELETE FROM role_privileges WHERE privilege_id='system:user:admin-ui'")
        
        # Remove UI privilege from privileges table
        cursor.execute(
            "DELETE FROM privileges WHERE privilege_id='system:user:admin-ui'")

steps = [
    step(add_admin_ui_privilege, remove_admin_ui_privilege)
]