#!/usr/bin/perl -w
#
# Zymonic Business Process and Information Management System
# Copyright Zednax Limited 2008 -
# For Authors and Changelog see the subversion history

# error handling
BEGIN
{
    use Zymonic::Utils qw(death_handler clean get_array);
    $main::SIG{__DIE__} = \&death_handler;
}

# Modules
use Zymonic;
use Zymonic::Config;
use Zymonic::Auth;

$Zymonic::system  = '';
$Zymonic::session = '';

$Zymonic::system = clean( shift @ARGV, '_' ) || '';

unless ($Zymonic::system)
{
    print "Usage: remove_redundant_table_permissions.pl [system]\n";
    exit(0);
}

$Zymonic::ZCONFIG{$Zymonic::system} = Zymonic::Config->new(
    system_name => $Zymonic::system,
    config_dir  => "/etc/zymonic",
    ip_address  => '127.0.0.1',
    protocol    => 'http'
);

my $db = $Zymonic::ZCONFIG{$Zymonic::system}->{DB};

my $auth = Zymonic::Auth->new(
    config      => $Zymonic::ZCONFIG{$Zymonic::system},
    session     => undef,
    DB          => $db,
    credentials => '',
    ip_address  => '127.0.0.1',
);

# iterate over all tables
foreach my $table_def ( map { $Zymonic::ZCONFIG{$Zymonic::system}->get_def( 'Table', $_->{ZName}->{content} ) }
    get_array( $Zymonic::ZCONFIG{$Zymonic::system}->{SysDef}->{Table} ) )
{
    my $table_name = ( $table_def->{SQLName} ? $table_def->{SQLName}->{content} : $table_def->{ZName}->{content} );
    next if $table_name eq 'zz_record_security';
    next if $table_name eq 'zz_enc_data';

    # get table and check if it uses table permissions
    my $table = Zymonic::Table->new(
        zname  => $table_def->{ZName}->{content},
        config => $Zymonic::ZCONFIG{$Zymonic::system},
        auth   => $auth,
        db     => $db,
    );
    next if $table->{rp_dependencies} == 0;

    # if table has record based permissions, remove any potential table permissions
    my $table_sec_id = $db->table_sec_id($table);
    my $existing     = $db->run_query(
        {
            string => 'SELECT COUNT(*) AS count FROM zz_record_security WHERE sec_id = ?',
            params => [$table_sec_id],
        }
    );
    if ( $existing && $existing->[0] && $existing->[0]->{count} )
    {
        $db->run_statement(
            {
                string => 'DELETE FROM zz_record_security WHERE sec_id = ?',
                params => [$table_sec_id],
            }
        );
        print "Table $table_name removed old table records.\n";
    }
}

print "Done.\n";