-- Allow RV renters/owners to discover and self-link a rental that was created
-- with their email but never had user_id set yet. This supports the renter
-- portal's email-based fallback (renters often have no owners record).

CREATE POLICY "RV renters can view rental matching their email"
ON public.rv_boat_lot_rentals
FOR SELECT
TO authenticated
USING (
  user_id IS NULL
  AND status = 'active'
  AND renter_email IS NOT NULL
  AND lower(renter_email) = lower(coalesce((auth.jwt() ->> 'email'), ''))
);

CREATE POLICY "RV renters can self-link rental by email"
ON public.rv_boat_lot_rentals
FOR UPDATE
TO authenticated
USING (
  user_id IS NULL
  AND status = 'active'
  AND renter_email IS NOT NULL
  AND lower(renter_email) = lower(coalesce((auth.jwt() ->> 'email'), ''))
)
WITH CHECK (
  user_id = auth.uid()
);