Spaces:
Running
Running
/* | |
# Fix RLS policies for codette_files table | |
1. Changes | |
- Drop existing RLS policies that might be conflicting | |
- Add new RLS policies for admin users | |
- Allow admin users to insert files | |
- Allow admin users to read files | |
- Allow admin users to update files | |
- Allow admin users to delete files | |
- Add RLS policies for regular authenticated users | |
- Allow reading files only | |
2. Security | |
- Ensures only admin users can upload/modify files | |
- All authenticated users can read files | |
- Proper RLS enforcement for file management | |
*/ | |
-- Drop existing policies to avoid conflicts | |
DROP POLICY IF EXISTS "Allow admin users to insert files" ON codette_files; | |
DROP POLICY IF EXISTS "Allow authenticated users to insert files" ON codette_files; | |
DROP POLICY IF EXISTS "Allow authenticated users to read files" ON codette_files; | |
-- Create new policies with proper checks | |
CREATE POLICY "Allow admin users to manage files" | |
ON codette_files | |
FOR ALL | |
TO authenticated | |
USING ( | |
(auth.jwt() ->> 'role')::text = 'admin' | |
) | |
WITH CHECK ( | |
(auth.jwt() ->> 'role')::text = 'admin' | |
); | |
CREATE POLICY "Allow authenticated users to read files" | |
ON codette_files | |
FOR SELECT | |
TO authenticated | |
USING (true); | |
-- Enable RLS if not already enabled | |
ALTER TABLE codette_files ENABLE ROW LEVEL SECURITY; |