monacousa-portal/supabase/migrations/005_fix_avatars_storage_pol...

-- Monaco USA Portal 2026
-- Migration 005: Fix Avatars Storage Policy
-- ================================================
-- This fixes the RLS policy for avatars bucket to allow authenticated users to upload

-- Drop existing restrictive policies
DROP POLICY IF EXISTS "avatars_insert_policy" ON storage.objects;
DROP POLICY IF EXISTS "avatars_update_policy" ON storage.objects;
DROP POLICY IF EXISTS "avatars_delete_policy" ON storage.objects;

-- Create new permissive policy for authenticated users
-- Avatars bucket is public for reading, so we just need to ensure authenticated users can upload
CREATE POLICY "avatars_insert_policy" ON storage.objects FOR INSERT
TO authenticated
WITH CHECK (bucket_id = 'avatars');

CREATE POLICY "avatars_update_policy" ON storage.objects FOR UPDATE
TO authenticated
USING (bucket_id = 'avatars');

CREATE POLICY "avatars_delete_policy" ON storage.objects FOR DELETE
TO authenticated
USING (bucket_id = 'avatars');

-- Ensure the avatars bucket exists and is public
INSERT INTO storage.buckets (id, name, public, file_size_limit, allowed_mime_types)
VALUES (
  'avatars',
  'avatars',
  true,
  5242880, -- 5MB
  ARRAY['image/jpeg', 'image/png', 'image/webp', 'image/gif']
)
ON CONFLICT (id) DO UPDATE SET
  public = true,
  file_size_limit = EXCLUDED.file_size_limit,
  allowed_mime_types = EXCLUDED.allowed_mime_types;
Initial production deployment setup - Production docker-compose with nginx support - Nginx configuration for portal.monacousa.org - Deployment script with backup/restore - Gitea CI/CD workflow - Fix CountryFlag reactivity for dropdown flags Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-25 02:19:49 +01:00			`-- Monaco USA Portal 2026`
			`-- Migration 005: Fix Avatars Storage Policy`
			`-- ================================================`
			`-- This fixes the RLS policy for avatars bucket to allow authenticated users to upload`

			`-- Drop existing restrictive policies`
			`DROP POLICY IF EXISTS "avatars_insert_policy" ON storage.objects;`
			`DROP POLICY IF EXISTS "avatars_update_policy" ON storage.objects;`
			`DROP POLICY IF EXISTS "avatars_delete_policy" ON storage.objects;`

			`-- Create new permissive policy for authenticated users`
			`-- Avatars bucket is public for reading, so we just need to ensure authenticated users can upload`
			`CREATE POLICY "avatars_insert_policy" ON storage.objects FOR INSERT`
			`TO authenticated`
			`WITH CHECK (bucket_id = 'avatars');`

			`CREATE POLICY "avatars_update_policy" ON storage.objects FOR UPDATE`
			`TO authenticated`
			`USING (bucket_id = 'avatars');`

			`CREATE POLICY "avatars_delete_policy" ON storage.objects FOR DELETE`
			`TO authenticated`
			`USING (bucket_id = 'avatars');`

			`-- Ensure the avatars bucket exists and is public`
			`INSERT INTO storage.buckets (id, name, public, file_size_limit, allowed_mime_types)`
			`VALUES (`
			`'avatars',`
			`'avatars',`
			`true,`
			`5242880, -- 5MB`
			`ARRAY['image/jpeg', 'image/png', 'image/webp', 'image/gif']`
			`)`
			`ON CONFLICT (id) DO UPDATE SET`
			`public = true,`
			`file_size_limit = EXCLUDED.file_size_limit,`
			`allowed_mime_types = EXCLUDED.allowed_mime_types;`