-- Create public bucket for embedded announcement images
INSERT INTO storage.buckets (id, name, public)
VALUES ('announcement-images', 'announcement-images', true)
ON CONFLICT (id) DO NOTHING;

-- Public read for embedded images
CREATE POLICY "Announcement images publicly readable"
ON storage.objects FOR SELECT
USING (bucket_id = 'announcement-images');

-- Authenticated users can upload announcement images
CREATE POLICY "Authenticated can upload announcement images"
ON storage.objects FOR INSERT
TO authenticated
WITH CHECK (bucket_id = 'announcement-images');

-- Authenticated users can update/delete announcement images
CREATE POLICY "Authenticated can update announcement images"
ON storage.objects FOR UPDATE
TO authenticated
USING (bucket_id = 'announcement-images');

CREATE POLICY "Authenticated can delete announcement images"
ON storage.objects FOR DELETE
TO authenticated
USING (bucket_id = 'announcement-images');