mirror of
https://github.com/renee-png/acmcc.git
synced 2026-06-21 01:40:01 +00:00
admin
a866160482
Lets management post internal status updates that don't appear in the board portal. Adds status_updates.hidden_from_board and re-creates the association-scoped RLS SELECT policy so board members can't read hidden rows (staff still see all). Dialog gains a "Hide from board" toggle, the board view filters hidden updates, and management cards show a badge. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
20 lines
1.0 KiB
SQL
20 lines
1.0 KiB
SQL
-- Allow management to post status updates that are hidden from the board portal.
|
|
alter table public.status_updates
|
|
add column if not exists hidden_from_board boolean not null default false;
|
|
|
|
-- Board members can only read status_updates via association membership. Re-create
|
|
-- that SELECT policy so association-only readers (board members) do NOT see updates
|
|
-- flagged hidden_from_board. Staff roles (admin/manager/employee) and admins still
|
|
-- see everything (the separate "Admins can view all status_updates" policy is unchanged).
|
|
drop policy if exists "Authenticated users can read status updates for their associati" on public.status_updates;
|
|
create policy "Authenticated users can read status updates for their associati"
|
|
on public.status_updates
|
|
for select
|
|
to authenticated
|
|
using (
|
|
((association_id in (select get_user_association_ids())) and hidden_from_board = false)
|
|
or has_role(auth.uid(), 'admin'::app_role)
|
|
or has_role(auth.uid(), 'manager'::app_role)
|
|
or has_role(auth.uid(), 'employee'::app_role)
|
|
);
|