-- Migration: generic per-entity votes and comments, plus the board_votes table.
--
-- Access model shared by all three tables (as written in this script):
--   * Row level security is ENABLEd but not FORCEd, so the table owner and
--     roles with BYPASSRLS are not subject to the policies below.
--   * Both policies on each table are permissive and target only the
--     "authenticated" role; they are OR'ed together. Other roles match no
--     policy and are denied by default.
--   * Users for whom has_role() returns true for 'admin' or 'manager' may run
--     every command on every row.
--   * Every other authenticated user may SELECT every row and has no
--     INSERT/UPDATE/DELETE policy.
--
-- has_role() and app_role are not defined in this script. They are referenced
-- unqualified, so they are resolved through the search_path in effect when the
-- migration runs.
-- NOTE(review): consider schema-qualifying them so the policies cannot bind to
-- a same-named object in another schema; confirm where they live.

-- ---------------------------------------------------------------------------
-- Generic entity votes (reusable for bids, board votes, etc.)
-- ---------------------------------------------------------------------------
-- entity_type/entity_id form a polymorphic reference: there is no foreign key
-- on entity_id and no CHECK on entity_type, so the database does not verify
-- that the referenced entity exists.
CREATE TABLE public.entity_votes (
    id          UUID        PRIMARY KEY DEFAULT gen_random_uuid(),
    entity_type TEXT        NOT NULL,
    entity_id   UUID        NOT NULL,
    -- Votes are removed together with the auth.users row they belong to.
    user_id     UUID        NOT NULL REFERENCES auth.users(id) ON DELETE CASCADE,
    vote        TEXT        NOT NULL CHECK (vote IN ('approve', 'deny')),
    created_at  TIMESTAMPTZ NOT NULL DEFAULT now(),
    -- At most one vote per user per entity.
    UNIQUE (entity_type, entity_id, user_id)
);

-- Lookup of all votes for one entity.
-- NOTE(review): the index backing the UNIQUE constraint above starts with the
-- same two columns, so this index is likely redundant; verify before keeping.
CREATE INDEX idx_entity_votes_lookup
    ON public.entity_votes (entity_type, entity_id);

ALTER TABLE public.entity_votes
    ENABLE ROW LEVEL SECURITY;

-- NOTE(review): WITH CHECK tests only the caller's role, not that
-- user_id = auth.uid(). An admin or manager can therefore insert or rewrite a
-- vote attributed to any user. Confirm that is intended; if votes must be
-- attributable to the caller, bind user_id in the check.
CREATE POLICY "Staff full access on entity_votes"
    ON public.entity_votes
    FOR ALL
    TO authenticated
    USING (
        has_role(auth.uid(), 'admin'::app_role)
        OR has_role(auth.uid(), 'manager'::app_role)
    )
    WITH CHECK (
        has_role(auth.uid(), 'admin'::app_role)
        OR has_role(auth.uid(), 'manager'::app_role)
    );

-- NOTE(review): USING (true) exposes every row, including who voted and how
-- (user_id, vote), to any authenticated user regardless of entity. Confirm
-- this visibility is intended, or scope the predicate.
CREATE POLICY "Authenticated users can view entity_votes"
    ON public.entity_votes
    FOR SELECT
    TO authenticated
    USING (true);

-- ---------------------------------------------------------------------------
-- Generic entity comments
-- ---------------------------------------------------------------------------
-- Same polymorphic entity_type/entity_id reference as entity_votes; there is
-- no uniqueness constraint, so a user may hold several comments per entity.
CREATE TABLE public.entity_comments (
    id          UUID        PRIMARY KEY DEFAULT gen_random_uuid(),
    entity_type TEXT        NOT NULL,
    entity_id   UUID        NOT NULL,
    -- Comments are removed together with the auth.users row they belong to.
    user_id     UUID        NOT NULL REFERENCES auth.users(id) ON DELETE CASCADE,
    comment     TEXT        NOT NULL,
    created_at  TIMESTAMPTZ NOT NULL DEFAULT now(),
    -- Only a default is set; nothing in this script refreshes it on UPDATE.
    updated_at  TIMESTAMPTZ NOT NULL DEFAULT now()
);

-- Lookup of all comments for one entity.
CREATE INDEX idx_entity_comments_lookup
    ON public.entity_comments (entity_type, entity_id);

ALTER TABLE public.entity_comments
    ENABLE ROW LEVEL SECURITY;

-- NOTE(review): as with entity_votes, the check does not tie user_id to
-- auth.uid(), so staff can create or edit comments attributed to any user.
CREATE POLICY "Staff full access on entity_comments"
    ON public.entity_comments
    FOR ALL
    TO authenticated
    USING (
        has_role(auth.uid(), 'admin'::app_role)
        OR has_role(auth.uid(), 'manager'::app_role)
    )
    WITH CHECK (
        has_role(auth.uid(), 'admin'::app_role)
        OR has_role(auth.uid(), 'manager'::app_role)
    );

-- NOTE(review): every authenticated user can read every comment on every
-- entity; confirm this is intended, or scope the predicate.
CREATE POLICY "Authenticated users can view entity_comments"
    ON public.entity_comments
    FOR SELECT
    TO authenticated
    USING (true);

-- ---------------------------------------------------------------------------
-- Board votes table for the Board Votes feature
-- ---------------------------------------------------------------------------
CREATE TABLE public.board_votes (
    id             UUID        PRIMARY KEY DEFAULT gen_random_uuid(),
    -- Rows are removed together with their association.
    association_id UUID        NOT NULL REFERENCES public.associations(id) ON DELETE CASCADE,
    title          TEXT        NOT NULL,
    description    TEXT,
    -- Free text with no CHECK constraint; 'open' is the only value this
    -- script names.
    status         TEXT        NOT NULL DEFAULT 'open',
    -- Nullable, and no ON DELETE action is given, so the default (NO ACTION)
    -- applies: a user still referenced here cannot be deleted.
    created_by     UUID        REFERENCES auth.users(id),
    created_at     TIMESTAMPTZ NOT NULL DEFAULT now(),
    -- Only a default is set; nothing in this script refreshes it on UPDATE.
    updated_at     TIMESTAMPTZ NOT NULL DEFAULT now()
);

ALTER TABLE public.board_votes
    ENABLE ROW LEVEL SECURITY;

-- NOTE(review): created_by is not constrained to auth.uid() by this check.
CREATE POLICY "Staff full access on board_votes"
    ON public.board_votes
    FOR ALL
    TO authenticated
    USING (
        has_role(auth.uid(), 'admin'::app_role)
        OR has_role(auth.uid(), 'manager'::app_role)
    )
    WITH CHECK (
        has_role(auth.uid(), 'admin'::app_role)
        OR has_role(auth.uid(), 'manager'::app_role)
    );

-- NOTE(review): the predicate does not reference association_id, so any
-- authenticated user can read the board votes of every association. If
-- associations are meant to be isolated from one another, this policy needs a
-- membership condition; confirm against the intended tenancy model.
CREATE POLICY "Authenticated users can view board_votes"
    ON public.board_votes
    FOR SELECT
    TO authenticated
    USING (true);