<?php

/**
 * @file
 * Install, update and uninstall functions for the protected_node module.
 */

/**
 * Implements hook_schema().
 */
function protected_node_schema() {
  $schema['protected_nodes'] = array(
    'description' => 'The table to store the node - password hash pairs.',
    'fields' => array(
      'nid' => array(
        'description' => 'The primary identifier for a node',
        'type' => 'int',
        'unsigned' => TRUE,
        'not null' => TRUE,
      ),
      'protected_node_is_protected' => array(
        'description' => 'Whether this node is currently protected.',
        'type' => 'int',
        'size' => 'small',
        'not null' => TRUE,
        'default' => 0,
      ),
      'protected_node_passwd' => array(
        'description' => 'The sha1/sha256 hashed password for the given node.',
        'type' => 'char',
        'length' => 128,
        'not null' => TRUE,
        'default' => '',
      ),
      'protected_node_passwd_changed' => array(
        'description' => 'Date when the password was last changed',
        'type' => 'int',
        'not null' => TRUE,
        'default' => 0,
      ),
      'protected_node_show_title' => array(
        'description' => 'Whether the title of the node should also be protected.',
        'type' => 'int',
        'size' => 'small',
        'not null' => TRUE,
        'default' => 0,
      ),
      'protected_node_emails' => array(
        'description' => 'List of email addresses which received the last notification.',
        'type' => 'text',
        'size' => 'normal',
      ),
      'protected_node_hint' => array(
        'description' => 'A hint about the password on this node.',
        'type' => 'text',
      ),
    ),
    'indexes' => array(
      'protected_is_protected' => array('protected_node_is_protected'),
      'protected_passwd' => array('protected_node_passwd'),
    ),
    'primary key' => array('nid'),
  );

  return $schema;
}

/**
 * Implements hook_install().
 */
function protected_node_install() {
  db_update('system')
    ->fields(array(
      'weight' => 80,
    ))
    ->condition('name', 'protected_node')
    ->condition('type', 'module')
    ->execute();
}

/**
 * Implements hook_uninstall().
 */
function protected_node_uninstall() {
  db_delete('variable')
    ->condition('name', 'protected_node_%%', 'LIKE')
    ->execute();
}

/**
 * Adds a protected_node_emails field to the protected_nodes table.
 */
function protected_node_update_7100() {
  db_add_field('protected_nodes', 'protected_node_emails', array(
    'type' => 'text',
    'size' => 'normal',
    'description' => 'List of email addresses which received the last notification.',
  ));
}

/**
 * Change size of protected_node_passwd from 40 to 128.
 */
function protected_node_update_7101() {
  db_change_field('protected_nodes', 'protected_node_passwd', 'protected_node_passwd', array(
    'description' => 'The sha1/sha256 hashed password for the given node.',
    'type' => 'char',
    'length' => 128,
    'not null' => TRUE,
    'default' => '',
  ));
}

/**
 * Manage "view protected content" permission deletion.
 */
function protected_node_update_7102() {
  // Get the rids with "view protected content".
  $rids = db_select('role_permission')
    ->fields('role_permission', array('rid'))
    ->condition('permission', 'view protected content')
    ->condition('module', 'protected_node')
    ->execute()
    ->fetchCol();

  // Get all permissions in the form of $permission => $module array.
  $permissions = user_permission_get_modules();

  if (isset($permissions['bypass password protection'])) {
    foreach ($rids as $rid) {
      // Give "bypass password protection" to roles with
      // "view protected content".
      user_role_grant_permissions($rid, array('bypass password protection'));

      // Remove "view protected content" from database.
      user_role_revoke_permissions($rid, array('view protected content'));
    }
  }
}

/**
 * Manage reorganisation of permissions.
 */
function protected_node_update_7103() {
  // Permission: access protected content.
  // Get the rids with "access protected content".
  $rids = db_select('role_permission')
    ->fields('role_permission', array('rid'))
    ->condition('permission', 'access protected content')
    ->condition('module', 'protected_node')
    ->execute()
    ->fetchCol();

  foreach ($rids as $rid) {
    // Give "access protected node password form" to roles with
    // "access protected content".
    user_role_grant_permissions($rid, array('access protected node password form'));

    // Remove "access protected content" from database.
    user_role_revoke_permissions($rid, array('access protected content'));
  }

  // Get all permissions in the form of $permission => $module array.
  $permissions = user_permission_get_modules();
  // This case treats users that were not affected in protected_node_update_7102
  // because 'bypass password protection' does no more exists in code.
  if (!isset($permissions['bypass password protection'])) {
    // Permission: view protected content.
    // Get the rids with "view protected content".
    $rids = db_select('role_permission')
      ->fields('role_permission', array('rid'))
      ->condition('permission', 'view protected content')
      ->condition('module', 'protected_node')
      ->execute()
      ->fetchCol();

    foreach ($rids as $rid) {
      // Give "access protected node overview page" to roles with
      // "view protected content".
      user_role_grant_permissions($rid, array('access protected node overview page'));

      // Give "edit protected content" to roles with "view protected content".
      user_role_grant_permissions($rid, array('edit protected content'));

      // Remove "bypass password protection" from database.
      user_role_revoke_permissions($rid, array('bypass password protection'));
    }
  }

  // Permission: bypass password protection.
  // Get the rids with "bypass password protection".
  $rids = db_select('role_permission')
    ->fields('role_permission', array('rid'))
    ->condition('permission', 'bypass password protection')
    ->condition('module', 'protected_node')
    ->execute()
    ->fetchCol();

  foreach ($rids as $rid) {
    // Give "access protected node overview page" to roles with
    // "bypass password protection".
    user_role_grant_permissions($rid, array('access protected node overview page'));

    // Give "view protected content" to roles with "bypass password protection".
    user_role_grant_permissions($rid, array('view protected content'));

    // Give "edit protected content" to roles with "bypass password protection".
    user_role_grant_permissions($rid, array('edit protected content'));

    // Remove "bypass password protection" from database.
    user_role_revoke_permissions($rid, array('bypass password protection'));
  }

  // Permission: edit any password.
  // Get the rids with "edit any password".
  $rids = db_select('role_permission')
    ->fields('role_permission', array('rid'))
    ->condition('permission', 'edit any password')
    ->condition('module', 'protected_node')
    ->execute()
    ->fetchCol();

  foreach ($rids as $rid) {
    // Give "edit any protected node password" to roles with
    // "edit any password".
    user_role_grant_permissions($rid, array('edit any protected node password'));

    // Remove "edit any password" from database.
    user_role_revoke_permissions($rid, array('edit any password'));
  }
}