From 5572b5f440e7c0f20bb7cf3634bf490734851e87 Mon Sep 17 00:00:00 2001
From: degradin <maks.demin2002@mail.ru>
Date: Wed, 7 May 2025 15:19:46 +0300
Subject: [PATCH] Create 20250705135500_update_schema.sql
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Миграция политик
---
 .../20250705135500_update_schema.sql          | 65 +++++++++++++++++++
 1 file changed, 65 insertions(+)
 create mode 100644 supabase/migrations/20250705135500_update_schema.sql

diff --git a/supabase/migrations/20250705135500_update_schema.sql b/supabase/migrations/20250705135500_update_schema.sql
new file mode 100644
index 0000000..830eaf2
--- /dev/null
+++ b/supabase/migrations/20250705135500_update_schema.sql
@@ -0,0 +1,65 @@
+-- Включаем RLS для всех таблиц
+ALTER TABLE users ENABLE ROW LEVEL SECURITY;
+ALTER TABLE media ENABLE ROW LEVEL SECURITY;
+ALTER TABLE reviews ENABLE ROW LEVEL SECURITY;
+
+-- Политики для таблицы users
+CREATE POLICY "Users can view own profile"
+  ON users FOR SELECT
+  USING (auth.uid() = id);
+
+CREATE POLICY "Users can update own profile"
+  ON users FOR UPDATE
+  USING (auth.uid() = id);
+
+-- Политики для таблицы media
+CREATE POLICY "Anyone can view media"
+  ON media FOR SELECT
+  USING (true);
+
+CREATE POLICY "Admins can insert media"
+  ON media FOR INSERT
+  WITH CHECK (
+    EXISTS (
+      SELECT 1 FROM users
+      WHERE users.id = auth.uid()
+      AND users.role = 'admin'
+    )
+  );
+
+CREATE POLICY "Admins can update media"
+  ON media FOR UPDATE
+  USING (
+    EXISTS (
+      SELECT 1 FROM users
+      WHERE users.id = auth.uid()
+      AND users.role = 'admin'
+    )
+  );
+
+CREATE POLICY "Admins can delete media"
+  ON media FOR DELETE
+  USING (
+    EXISTS (
+      SELECT 1 FROM users
+      WHERE users.id = auth.uid()
+      AND users.role = 'admin'
+    )
+  );
+
+-- Политики для таблицы reviews
+CREATE POLICY "Anyone can view reviews"
+  ON reviews FOR SELECT
+  USING (true);
+
+CREATE POLICY "Authenticated users can insert reviews"
+  ON reviews FOR INSERT
+  WITH CHECK (auth.uid() IS NOT NULL);
+
+CREATE POLICY "Users can update own reviews"
+  ON reviews FOR UPDATE
+  USING (auth.uid() = user_id);
+
+CREATE POLICY "Users can delete own reviews"
+  ON reviews FOR DELETE
+  USING (auth.uid() = user_id); 
\ No newline at end of file