80 lines
3.3 KiB
SQL
80 lines
3.3 KiB
SQL
-- ============================================
|
|
-- STORAGE SERVICE ROLE POLICIES
|
|
-- Allow service_role to perform all operations on avatars bucket
|
|
-- This fixes RLS issues when using supabaseAdmin for storage operations
|
|
-- ============================================
|
|
|
|
-- First, drop any existing service role policies (in case they exist with different names)
|
|
DROP POLICY IF EXISTS "Service role can insert avatars" ON storage.objects;
|
|
DROP POLICY IF EXISTS "Service role can update avatars" ON storage.objects;
|
|
DROP POLICY IF EXISTS "Service role can delete avatars" ON storage.objects;
|
|
DROP POLICY IF EXISTS "Service role can read avatars" ON storage.objects;
|
|
DROP POLICY IF EXISTS "service_role_insert_avatars" ON storage.objects;
|
|
DROP POLICY IF EXISTS "service_role_update_avatars" ON storage.objects;
|
|
DROP POLICY IF EXISTS "service_role_delete_avatars" ON storage.objects;
|
|
DROP POLICY IF EXISTS "service_role_select_avatars" ON storage.objects;
|
|
|
|
-- Service role INSERT policy for avatars
|
|
CREATE POLICY "service_role_insert_avatars" ON storage.objects
|
|
FOR INSERT TO service_role
|
|
WITH CHECK (bucket_id = 'avatars');
|
|
|
|
-- Service role UPDATE policy for avatars
|
|
CREATE POLICY "service_role_update_avatars" ON storage.objects
|
|
FOR UPDATE TO service_role
|
|
USING (bucket_id = 'avatars');
|
|
|
|
-- Service role DELETE policy for avatars
|
|
CREATE POLICY "service_role_delete_avatars" ON storage.objects
|
|
FOR DELETE TO service_role
|
|
USING (bucket_id = 'avatars');
|
|
|
|
-- Service role SELECT policy for avatars
|
|
CREATE POLICY "service_role_select_avatars" ON storage.objects
|
|
FOR SELECT TO service_role
|
|
USING (bucket_id = 'avatars');
|
|
|
|
-- Also add service_role policies for documents bucket
|
|
DROP POLICY IF EXISTS "service_role_insert_documents" ON storage.objects;
|
|
DROP POLICY IF EXISTS "service_role_update_documents" ON storage.objects;
|
|
DROP POLICY IF EXISTS "service_role_delete_documents" ON storage.objects;
|
|
DROP POLICY IF EXISTS "service_role_select_documents" ON storage.objects;
|
|
|
|
CREATE POLICY "service_role_insert_documents" ON storage.objects
|
|
FOR INSERT TO service_role
|
|
WITH CHECK (bucket_id = 'documents');
|
|
|
|
CREATE POLICY "service_role_update_documents" ON storage.objects
|
|
FOR UPDATE TO service_role
|
|
USING (bucket_id = 'documents');
|
|
|
|
CREATE POLICY "service_role_delete_documents" ON storage.objects
|
|
FOR DELETE TO service_role
|
|
USING (bucket_id = 'documents');
|
|
|
|
CREATE POLICY "service_role_select_documents" ON storage.objects
|
|
FOR SELECT TO service_role
|
|
USING (bucket_id = 'documents');
|
|
|
|
-- Also add service_role policies for event-images bucket
|
|
DROP POLICY IF EXISTS "service_role_insert_event_images" ON storage.objects;
|
|
DROP POLICY IF EXISTS "service_role_update_event_images" ON storage.objects;
|
|
DROP POLICY IF EXISTS "service_role_delete_event_images" ON storage.objects;
|
|
DROP POLICY IF EXISTS "service_role_select_event_images" ON storage.objects;
|
|
|
|
CREATE POLICY "service_role_insert_event_images" ON storage.objects
|
|
FOR INSERT TO service_role
|
|
WITH CHECK (bucket_id = 'event-images');
|
|
|
|
CREATE POLICY "service_role_update_event_images" ON storage.objects
|
|
FOR UPDATE TO service_role
|
|
USING (bucket_id = 'event-images');
|
|
|
|
CREATE POLICY "service_role_delete_event_images" ON storage.objects
|
|
FOR DELETE TO service_role
|
|
USING (bucket_id = 'event-images');
|
|
|
|
CREATE POLICY "service_role_select_event_images" ON storage.objects
|
|
FOR SELECT TO service_role
|
|
USING (bucket_id = 'event-images');
|