admin/acmcc
1
0
Fork 0
mirror of https://github.com/renee-png/acmcc.git synced 2026-06-21 09:50:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
c8cb583ec9e45a3463f38949b07e343d5aba23ac
acmcc/supabase/migrations/20260427032542_c1985c30-6a33-45f6-b57d-caa1ffe95425.sql
T
admin 183fe0a93c Add ACMCC app source, Supabase backend, and project config 
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-01 20:19:26 -04:00

88 lines
2.2 KiB
SQL
Raw Blame History

-- Board members: insert documents for their assigned associations
CREATE POLICY "Board members can insert association documents"
ON public.documents
FOR INSERT
TO authenticated
WITH CHECK (
association_id IN (
SELECT bm.association_id FROM public.board_members bm WHERE bm.user_id = auth.uid()
)
);
-- Board members: update documents for their assigned associations
CREATE POLICY "Board members can update association documents"
ON public.documents
FOR UPDATE
TO authenticated
USING (
association_id IN (
SELECT bm.association_id FROM public.board_members bm WHERE bm.user_id = auth.uid()
)
)
WITH CHECK (
association_id IN (
SELECT bm.association_id FROM public.board_members bm WHERE bm.user_id = auth.uid()
)
);
-- Board members: delete documents for their assigned associations
CREATE POLICY "Board members can delete association documents"
ON public.documents
FOR DELETE
TO authenticated
USING (
association_id IN (
SELECT bm.association_id FROM public.board_members bm WHERE bm.user_id = auth.uid()
)
);
-- Storage: allow board members to upload to the files bucket under their association folder
-- Path convention used by the app: "<association_id>/<folder>/<filename>"
CREATE POLICY "Board members can upload association files"
ON storage.objects
FOR INSERT
TO authenticated
WITH CHECK (
bucket_id = 'files'
AND (
(storage.foldername(name))[1]::uuid IN (
SELECT bm.association_id FROM public.board_members bm WHERE bm.user_id = auth.uid()
)
)
);
CREATE POLICY "Board members can update association files"
ON storage.objects
FOR UPDATE
TO authenticated
USING (
bucket_id = 'files'
AND (
(storage.foldername(name))[1]::uuid IN (
SELECT bm.association_id FROM public.board_members bm WHERE bm.user_id = auth.uid()
)
)
)
WITH CHECK (
bucket_id = 'files'
AND (
(storage.foldername(name))[1]::uuid IN (
SELECT bm.association_id FROM public.board_members bm WHERE bm.user_id = auth.uid()
)
)
);
CREATE POLICY "Board members can delete association files"
ON storage.objects
FOR DELETE
TO authenticated
USING (
bucket_id = 'files'
AND (
(storage.foldername(name))[1]::uuid IN (
SELECT bm.association_id FROM public.board_members bm WHERE bm.user_id = auth.uid()
)
)
);
Reference in New Issue View Git Blame Copy Permalink