mirror of
https://github.com/renee-png/acmcc.git
synced 2026-06-21 09:50:01 +00:00
46 lines
1.6 KiB
SQL
46 lines
1.6 KiB
SQL
|
|
-- Table to store shared links for folders and documents
|
|
CREATE TABLE public.shared_links (
|
|
id UUID NOT NULL DEFAULT gen_random_uuid() PRIMARY KEY,
|
|
share_type TEXT NOT NULL DEFAULT 'folder', -- 'folder' or 'document'
|
|
folder_name TEXT, -- for folder shares
|
|
document_id UUID REFERENCES public.documents(id) ON DELETE CASCADE, -- for document shares
|
|
is_public BOOLEAN NOT NULL DEFAULT false,
|
|
access_code TEXT NOT NULL,
|
|
share_token TEXT NOT NULL UNIQUE DEFAULT encode(gen_random_bytes(16), 'hex'),
|
|
created_by UUID REFERENCES auth.users(id) ON DELETE SET NULL,
|
|
created_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT now(),
|
|
updated_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT now(),
|
|
expires_at TIMESTAMP WITH TIME ZONE -- optional expiry
|
|
);
|
|
|
|
ALTER TABLE public.shared_links ENABLE ROW LEVEL SECURITY;
|
|
|
|
-- Staff can manage shared links
|
|
CREATE POLICY "Staff full access on shared_links"
|
|
ON public.shared_links
|
|
FOR ALL
|
|
TO authenticated
|
|
USING (has_role(auth.uid(), 'admin'::app_role) OR has_role(auth.uid(), 'manager'::app_role))
|
|
WITH CHECK (has_role(auth.uid(), 'admin'::app_role) OR has_role(auth.uid(), 'manager'::app_role));
|
|
|
|
-- Public read for validating access codes (anon users need this)
|
|
CREATE POLICY "Anyone can validate shared links"
|
|
ON public.shared_links
|
|
FOR SELECT
|
|
TO anon
|
|
USING (is_public = true);
|
|
|
|
-- Also allow authenticated users to read
|
|
CREATE POLICY "Authenticated can read shared links"
|
|
ON public.shared_links
|
|
FOR SELECT
|
|
TO authenticated
|
|
USING (true);
|
|
|
|
-- Trigger for updated_at
|
|
CREATE TRIGGER update_shared_links_updated_at
|
|
BEFORE UPDATE ON public.shared_links
|
|
FOR EACH ROW
|
|
EXECUTE FUNCTION public.update_updated_at_column();
|