# Generated by Django 5.0.9 on 2024-10-10 10:41

from django.db import migrations, transaction
from django.db.backends.base.schema import BaseDatabaseSchemaEditor
from django.db.migrations.state import StateApps
from django.db.models import Max, Min, OuterRef


def remap_can_manage_all_groups_for_existing_realms(
    apps: StateApps, schema_editor: BaseDatabaseSchemaEditor
) -> None:
    Realm = apps.get_model("zerver", "Realm")
    NamedUserGroup = apps.get_model("zerver", "NamedUserGroup")
    BATCH_SIZE = 1000
    max_id = NamedUserGroup.objects.aggregate(Max("id"))["id__max"]

    if max_id is None:
        # Do nothing if there are no user groups on the server.
        return

    lower_bound = NamedUserGroup.objects.aggregate(Min("id"))["id__min"]

    while lower_bound <= max_id:
        upper_bound = lower_bound + BATCH_SIZE - 1
        print(f"Processing batch {lower_bound} to {upper_bound} for NamedUserGroup")

        with transaction.atomic():
            # Since can_manage_group, can_add_members_group, etc. have
            # migrated to the nearest possible value from
            # user_group_edit_policy, we want to set
            # can_manage_all_groups to the most restrictive setting
            # previously possible. We've chosen administrators as the
            # value here since the highest possible
            # user_group_edit_policy was with role administrators.
            Realm.objects.update(
                can_manage_all_groups=NamedUserGroup.objects.filter(
                    name="role:administrators", realm=OuterRef("id"), is_system_group=True
                ).values("pk")
            )

        lower_bound += BATCH_SIZE


class Migration(migrations.Migration):
    atomic = False
    dependencies = [
        ("zerver", "0601_alter_namedusergroup_can_add_members_group"),
    ]

    operations = [
        migrations.RunPython(
            remap_can_manage_all_groups_for_existing_realms,
            elidable=True,
            reverse_code=migrations.RunPython.noop,
        )
    ]