-- Create arc-files storage bucket
INSERT INTO storage.buckets (id, name, public)
VALUES ('arc-files', 'arc-files', true)
ON CONFLICT (id) DO NOTHING;

-- Allow authenticated users to upload
CREATE POLICY "Authenticated users can upload arc files"
ON storage.objects FOR INSERT TO authenticated
WITH CHECK (bucket_id = 'arc-files');

-- Allow authenticated users to read
CREATE POLICY "Authenticated users can read arc files"
ON storage.objects FOR SELECT TO authenticated
USING (bucket_id = 'arc-files');

-- Allow public read for previews
CREATE POLICY "Public can read arc files"
ON storage.objects FOR SELECT TO anon
USING (bucket_id = 'arc-files');

-- Allow authenticated users to delete their uploads
CREATE POLICY "Authenticated users can delete arc files"
ON storage.objects FOR DELETE TO authenticated
USING (bucket_id = 'arc-files');