#!/bin/bash
# Privileged helper for edubuntu-installer (called via pkexec).

SCHEMA_DIR="/usr/share/glib-2.0/schemas"
MARKER_NAME=".config/edubuntu/age-group"

# Keys reset when applying Tertiary (default) per-user
DCONF_KEYS=(
    /org/gnome/desktop/background/picture-uri
    /org/gnome/desktop/background/picture-uri-dark
    /org/gnome/desktop/screensaver/picture-uri
    /org/gnome/shell/favorite-apps
)

run_as_user() {
    local username="$1"
    shift
    local homedir
    homedir=$(getent passwd "$username" | cut -d: -f6)
    HOME="$homedir" runuser -u "$username" -- "$@"
}

get_homedir() {
    getent passwd "$1" | cut -d: -f6
}

write_marker() {
    local username="$1" label="$2"
    local homedir
    homedir=$(get_homedir "$username")
    local marker="$homedir/$MARKER_NAME"
    local marker_dir
    marker_dir=$(dirname "$marker")

    # Ensure directory exists, owned by the user
    if [ ! -d "$marker_dir" ]; then
        install -d -o "$username" -g "$(id -gn "$username")" "$marker_dir"
    fi

    # Remove immutable flag if file already exists
    [ -f "$marker" ] && chattr -i "$marker" 2>/dev/null

    printf '%s\n' "$label" > "$marker"
    chmod 644 "$marker"
    chattr +i "$marker"
}

remove_marker() {
    local username="$1"
    local homedir
    homedir=$(get_homedir "$username")
    local marker="$homedir/$MARKER_NAME"
    if [ -f "$marker" ]; then
        chattr -i "$marker" 2>/dev/null
        rm -f "$marker"
    fi
}

case "$1" in
    update)
        apt-get update
        ;;
    install)
        shift
        apt-get install -y "$@"
        ;;
    autoremove)
        shift
        for pkg in "$@"; do
            apt-cache depends "$pkg" 2>/dev/null | grep ':' | cut -d: -f2- | \
                sed 's/^[[:space:]]*//' | while IFS= read -r dep; do
                    [ -n "$dep" ] && [ "$dep" != "386" ] && \
                        apt-mark auto "$dep" 2>/dev/null || true
                done
            apt-get autoremove "$pkg" -y
        done
        ;;
    newdefault)
        target="$2"
        content="$3"
        rm -f "$SCHEMA_DIR"/96-edubuntu-*.gschema.override
        printf '%s' "$content" > "$target"
        glib-compile-schemas "$SCHEMA_DIR"
        ;;
    tertdefault)
        rm -f "$SCHEMA_DIR"/96-edubuntu-*.gschema.override
        glib-compile-schemas "$SCHEMA_DIR"
        ;;
    userdefault)
        username="$2"
        content="$3"
        label="$4"
        printf '%s' "$content" | run_as_user "$username" dbus-run-session dconf load /
        write_marker "$username" "$label"
        ;;
    usertertdefault)
        username="$2"
        cmd=""
        for key in "${DCONF_KEYS[@]}"; do
            cmd="${cmd}dconf reset ${key}; "
        done
        run_as_user "$username" dbus-run-session bash -c "$cmd"
        remove_marker "$username"
        ;;
    *)
        echo "Usage: $0 {update|install|autoremove|newdefault|tertdefault|userdefault|usertertdefault}" >&2
        exit 1
        ;;
esac
