Spaces:
Running
Running
File size: 1,657 Bytes
03bff6f |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 |
/*
# Update RLS policies for file management
1. Changes
- Update storage.objects policies
- Update codette_files table policies
- Enable RLS on codette_files table
2. Security
- Allow authenticated users to read files
- Allow admin users to upload files
- Allow authenticated users to insert files
*/
-- Drop existing policies if they exist
DROP POLICY IF EXISTS "Allow authenticated users to read files" ON storage.objects;
DROP POLICY IF EXISTS "Allow admin users to upload files" ON storage.objects;
DROP POLICY IF EXISTS "Allow authenticated users to read files" ON public.codette_files;
DROP POLICY IF EXISTS "Allow admin users to insert files" ON public.codette_files;
DROP POLICY IF EXISTS "Allow authenticated users to insert files" ON public.codette_files;
-- Storage Policies
CREATE POLICY "Allow authenticated users to read files"
ON storage.objects FOR SELECT
TO authenticated
USING (bucket_id = 'codette-files');
CREATE POLICY "Allow admin users to upload files"
ON storage.objects FOR INSERT
TO authenticated
WITH CHECK (
bucket_id = 'codette-files'
AND (auth.jwt() ->> 'role' = 'admin')
);
-- File Management Policies
CREATE POLICY "Allow authenticated users to read files"
ON public.codette_files FOR SELECT
TO authenticated
USING (true);
CREATE POLICY "Allow admin users to insert files"
ON public.codette_files FOR INSERT
TO authenticated
WITH CHECK (auth.jwt() ->> 'role' = 'admin');
CREATE POLICY "Allow authenticated users to insert files"
ON public.codette_files FOR INSERT
TO authenticated
WITH CHECK (true);
-- Enable RLS
ALTER TABLE public.codette_files ENABLE ROW LEVEL SECURITY; |