Spaces:
Running
Running
File size: 1,863 Bytes
03bff6f |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 |
/*
# Update storage policies with existence checks
1. Changes
- Add existence checks before creating each policy
- Only create policies that don't already exist
- Maintain all required policies for the storage bucket
2. Security
- Maintain existing RLS policies
- Ensure proper access control for authenticated users
- Preserve admin-only upload restrictions
*/
-- Wrap everything in a transaction
BEGIN;
-- Create policies with existence checks
DO $$
BEGIN
-- Check and create read policy
IF NOT EXISTS (
SELECT 1 FROM pg_policies
WHERE tablename = 'objects'
AND schemaname = 'storage'
AND policyname = 'Allow authenticated users to read files'
) THEN
CREATE POLICY "Allow authenticated users to read files"
ON storage.objects FOR SELECT
TO authenticated
USING (bucket_id = 'codette-files');
END IF;
-- Check and create upload policy for admin users
IF NOT EXISTS (
SELECT 1 FROM pg_policies
WHERE tablename = 'objects'
AND schemaname = 'storage'
AND policyname = 'Allow admin users to upload files'
) THEN
CREATE POLICY "Allow admin users to upload files"
ON storage.objects FOR INSERT
TO authenticated
WITH CHECK (bucket_id = 'codette-files' AND auth.jwt() ->> 'role' = 'admin');
END IF;
-- Check and create policy for admin file insertion
IF NOT EXISTS (
SELECT 1 FROM pg_policies
WHERE tablename = 'codette_files'
AND schemaname = 'public'
AND policyname = 'Allow admin users to insert files'
) THEN
CREATE POLICY "Allow admin users to insert files"
ON public.codette_files FOR INSERT
TO authenticated
WITH CHECK (auth.jwt() ->> 'role' = 'admin');
END IF;
END $$;
COMMIT; |