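-- Row-level-security migration: replaces the homeowner-only policies on the
-- ARC application, document and shared-drive tables with policies that also
-- admit the 'rv_boat_lot' role.
--
-- Each policy is dropped under its old name and recreated under its new name.
-- The new name is dropped first as well, so re-running the file does not fail
-- on an existing policy.
-- NOTE(review): assumes row level security is enabled on these tables and that
-- the migration runner wraps the file in one transaction - confirm both.

-- ---------------------------------------------------------------------------
-- arc_application_comments: INSERT
-- ---------------------------------------------------------------------------
DROP POLICY IF EXISTS "Homeowners can comment on own ARC apps"
    ON public.arc_application_comments;
DROP POLICY IF EXISTS "Homeowners and RV Boat Lot can comment on own ARC apps"
    ON public.arc_application_comments;

-- A comment may only be attached to an application whose owner record is
-- linked to the calling user.
-- NOTE(review): only application_id is constrained here. If the table has an
-- author column, nothing in this policy ties it to auth.uid() - verify it is
-- set server-side (default or trigger) rather than trusted from the client.
CREATE POLICY "Homeowners and RV Boat Lot can comment on own ARC apps"
    ON public.arc_application_comments
    FOR INSERT
    TO authenticated
    WITH CHECK (
        (
            public.has_role(auth.uid(), 'homeowner'::public.app_role)
            OR public.has_role(auth.uid(), 'rv_boat_lot'::public.app_role)
        )
        AND application_id IN (
            SELECT a.id
            FROM public.arc_applications a
            JOIN public.owners o ON o.id = a.owner_id
            WHERE o.user_id = auth.uid()
        )
    );

-- ---------------------------------------------------------------------------
-- arc_applications: INSERT
-- ---------------------------------------------------------------------------
DROP POLICY IF EXISTS "Homeowners can submit ARC applications"
    ON public.arc_applications;
DROP POLICY IF EXISTS "Homeowners and RV Boat Lot can submit ARC applications"
    ON public.arc_applications;

-- The inserted row is client-supplied, so both ownership columns are checked.
-- Previously only association_id was constrained, which let a caller file an
-- application under an owner_id that is not theirs. The owner_id predicate
-- below is the same one the SELECT and UPDATE policies on this table use.
-- NOTE(review): the two checks are independent, so a user with owner records
-- in several associations can still pair one of their owner_ids with another
-- of their association_ids - tighten to a single EXISTS if that matters.
CREATE POLICY "Homeowners and RV Boat Lot can submit ARC applications"
    ON public.arc_applications
    FOR INSERT
    TO authenticated
    WITH CHECK (
        (
            public.has_role(auth.uid(), 'homeowner'::public.app_role)
            OR public.has_role(auth.uid(), 'rv_boat_lot'::public.app_role)
        )
        AND association_id IN (
            SELECT o.association_id
            FROM public.owners o
            WHERE o.user_id = auth.uid()
        )
        AND owner_id IN (
            SELECT o.id
            FROM public.owners o
            WHERE o.user_id = auth.uid()
        )
    );

-- ---------------------------------------------------------------------------
-- arc_applications: UPDATE
-- ---------------------------------------------------------------------------
DROP POLICY IF EXISTS "Homeowners can update own pending ARC applications"
    ON public.arc_applications;
DROP POLICY IF EXISTS "Homeowners and RV Boat Lot can update own pending ARC applications"
    ON public.arc_applications;

-- No WITH CHECK is given, so PostgreSQL applies the USING expression to the
-- updated row as well: the row must still belong to the caller and still be
-- 'pending' or 'draft' after the update. Keep that in mind before adding a
-- separate, looser WITH CHECK.
CREATE POLICY "Homeowners and RV Boat Lot can update own pending ARC applications"
    ON public.arc_applications
    FOR UPDATE
    TO authenticated
    USING (
        (
            public.has_role(auth.uid(), 'homeowner'::public.app_role)
            OR public.has_role(auth.uid(), 'rv_boat_lot'::public.app_role)
        )
        AND owner_id IN (
            SELECT o.id
            FROM public.owners o
            WHERE o.user_id = auth.uid()
        )
        AND status = ANY (ARRAY['pending'::text, 'draft'::text])
    );

-- ---------------------------------------------------------------------------
-- arc_applications: SELECT
-- ---------------------------------------------------------------------------
DROP POLICY IF EXISTS "Homeowners can view own ARC applications"
    ON public.arc_applications;
DROP POLICY IF EXISTS "Homeowners and RV Boat Lot can view own ARC applications"
    ON public.arc_applications;

-- Callers see only applications filed under an owner record linked to them.
CREATE POLICY "Homeowners and RV Boat Lot can view own ARC applications"
    ON public.arc_applications
    FOR SELECT
    TO authenticated
    USING (
        (
            public.has_role(auth.uid(), 'homeowner'::public.app_role)
            OR public.has_role(auth.uid(), 'rv_boat_lot'::public.app_role)
        )
        AND owner_id IN (
            SELECT o.id
            FROM public.owners o
            WHERE o.user_id = auth.uid()
        )
    );

-- ---------------------------------------------------------------------------
-- documents: SELECT
-- ---------------------------------------------------------------------------
DROP POLICY IF EXISTS "Homeowners can view shared association documents"
    ON public.documents;
DROP POLICY IF EXISTS "Homeowners and RV Boat Lot can view shared association documents"
    ON public.documents;

-- Documents of the caller's own association that are public or tagged for
-- 'homeowner' / 'public' visibility.
-- NOTE(review): rv_boat_lot users are admitted by role but the visibility test
-- only matches 'homeowner' and 'public'; the shared_drive_files policy below
-- also recognises an 'rv_boat_lot' tag. Confirm that rv_boat_lot users are
-- meant to see every homeowner-visible document and that no 'rv_boat_lot' tag
-- is used on this table.
CREATE POLICY "Homeowners and RV Boat Lot can view shared association documents"
    ON public.documents
    FOR SELECT
    TO authenticated
    USING (
        (
            public.has_role(auth.uid(), 'homeowner'::public.app_role)
            OR public.has_role(auth.uid(), 'rv_boat_lot'::public.app_role)
        )
        AND association_id IN (
            SELECT o.association_id
            FROM public.owners o
            WHERE o.user_id = auth.uid()
        )
        AND (
            is_public = true
            OR visibility @> ARRAY['homeowner'::text]
            OR visibility @> ARRAY['public'::text]
        )
    );

-- ---------------------------------------------------------------------------
-- shared_drive_files: SELECT
-- ---------------------------------------------------------------------------
DROP POLICY IF EXISTS "Users can view files shared with their role or association"
    ON public.shared_drive_files;

-- Admins and managers see every file. Everyone else needs a matching
-- visibility tag plus membership (board_members or owners row) in one of the
-- file's associations.
-- NOTE(review): the owner branch checks the owners table but not the caller's
-- role, so any owner-linked user in the association sees files tagged either
-- 'homeowner' or 'rv_boat_lot'. Confirm the two tags are not meant to be
-- mutually exclusive audiences.
CREATE POLICY "Users can view files shared with their role or association"
    ON public.shared_drive_files
    FOR SELECT
    TO authenticated
    USING (
        public.has_role(auth.uid(), 'admin'::public.app_role)
        OR public.has_role(auth.uid(), 'manager'::public.app_role)
        OR (
            'board_member'::text = ANY (visibility)
            AND EXISTS (
                SELECT 1
                FROM public.board_members bm
                WHERE bm.user_id = auth.uid()
                  AND bm.association_id = ANY (shared_drive_files.association_ids)
            )
        )
        OR (
            (
                'homeowner'::text = ANY (visibility)
                OR 'rv_boat_lot'::text = ANY (visibility)
            )
            AND EXISTS (
                SELECT 1
                FROM public.owners o
                WHERE o.user_id = auth.uid()
                  AND o.association_id = ANY (shared_drive_files.association_ids)
            )
        )
    );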