-- Create the missing company-assets bucket
INSERT INTO storage.buckets (id, name, public)
VALUES ('company-assets', 'company-assets', true)
ON CONFLICT (id) DO NOTHING;

-- RLS policies for company-assets bucket
CREATE POLICY "Authenticated users can upload to company-assets"
ON storage.objects FOR INSERT TO authenticated
WITH CHECK (bucket_id = 'company-assets');

CREATE POLICY "Authenticated users can read company-assets"
ON storage.objects FOR SELECT TO authenticated
USING (bucket_id = 'company-assets');

CREATE POLICY "Authenticated users can update company-assets"
ON storage.objects FOR UPDATE TO authenticated
USING (bucket_id = 'company-assets');

CREATE POLICY "Authenticated users can delete company-assets"
ON storage.objects FOR DELETE TO authenticated
USING (bucket_id = 'company-assets');

-- Allow public read access since bucket is public
CREATE POLICY "Public can read company-assets"
ON storage.objects FOR SELECT TO anon
USING (bucket_id = 'company-assets');