#!/bin/sh
#

export LC_ALL=C
SIGNON_DB="$HOME/.config/signond/signon.db"

ACCOUNT_ID=`account-console list | grep -i ubuntuone | grep -o '[0-9]\+'`
if [ -z $ACCOUNT_ID ]; then
	echo "no U1 account found; exiting"
	exit 1
fi
CREDS_ID=`account-console show $ACCOUNT_ID | grep CredentialsId | grep -o '[0-9]\+'`
if [ -z $CREDS_ID ]; then
	echo "no U1 account found; exiting"
	exit 1
fi

echo "Upgrading ACL for U1 account (id:$CREDS_ID)"

# ensure the 'unconfined' element exists in the table
UNCONFINED=`sqlite3 $SIGNON_DB 'select id from TOKENS where token="unconfined"'`
if [ -z $UNCONFINED ]; then
	sqlite3 $SIGNON_DB 'insert or ignore into TOKENS(token) values ("unconfined")'
fi

# add the ACL to protect the U1 account
sqlite3 $SIGNON_DB "insert or ignore into ACL (identity_id, token_id) values ($CREDS_ID, (select id from TOKENS where token='unconfined'))"

echo "done"
