Upload 20 files

migrations/20250523100814_raspy_torch.sql

@@ -0,0 +1,43 @@
+/*
+  # Create codette_files table for file management
+
+  1. New Tables
+    - `codette_files`
+      - `id` (uuid, primary key)
+      - `filename` (text)
+      - `storage_path` (text)
+      - `file_type` (text)
+      - `uploaded_at` (timestamptz)
+      - `created_at` (timestamptz)
+
+  2. Security
+    - Enable RLS on `codette_files` table
+    - Add policies for:
+      - Authenticated users can read all files
+      - Authenticated users can insert their own files
+*/
+
+CREATE TABLE IF NOT EXISTS public.codette_files (
+  id uuid PRIMARY KEY DEFAULT gen_random_uuid(),
+  filename text NOT NULL,
+  storage_path text NOT NULL,
+  file_type text,
+  uploaded_at timestamptz DEFAULT now(),
+  created_at timestamptz DEFAULT now()
+);
+
+-- Enable Row Level Security
+ALTER TABLE public.codette_files ENABLE ROW LEVEL SECURITY;
+
+-- Create policies
+CREATE POLICY "Allow authenticated users to read files"
+  ON public.codette_files
+  FOR SELECT
+  TO authenticated
+  USING (true);
+
+CREATE POLICY "Allow authenticated users to insert files"
+  ON public.codette_files
+  FOR INSERT
+  TO authenticated
+  WITH CHECK (true);

migrations/20250523120906_wild_torch.sql

@@ -0,0 +1,36 @@
+/*
+  # Create storage bucket for Codette files
+
+  1. New Storage Bucket
+    - Creates 'codette-files' bucket for storing uploaded files
+  2. Security
+    - Enable public access for authenticated users
+    - Add policies for read and write operations
+*/
+
+-- Create the storage bucket
+INSERT INTO storage.buckets (id, name)
+VALUES ('codette-files', 'codette-files')
+ON CONFLICT (id) DO NOTHING;
+
+-- Set up RLS policies for the bucket
+CREATE POLICY "Allow authenticated users to read files"
+ON storage.objects FOR SELECT
+TO authenticated
+USING (bucket_id = 'codette-files');
+
+CREATE POLICY "Allow authenticated users to upload files"
+ON storage.objects FOR INSERT
+TO authenticated
+WITH CHECK (bucket_id = 'codette-files');
+
+CREATE POLICY "Allow authenticated users to update files"
+ON storage.objects FOR UPDATE
+TO authenticated
+USING (bucket_id = 'codette-files')
+WITH CHECK (bucket_id = 'codette-files');
+
+CREATE POLICY "Allow authenticated users to delete files"
+ON storage.objects FOR DELETE
+TO authenticated
+USING (bucket_id = 'codette-files');

migrations/20250523121149_rough_jungle.sql

@@ -0,0 +1,66 @@
+/*
+  # Create storage bucket and policies
+
+  1. Changes
+    - Create codette-files storage bucket if it doesn't exist
+    - Add RLS policies for authenticated users to:
+      - Read files
+      - Upload files
+      - Update files
+      - Delete files
+    - Add safety checks to prevent policy conflicts
+*/
+
+-- Create the storage bucket
+INSERT INTO storage.buckets (id, name)
+VALUES ('codette-files', 'codette-files')
+ON CONFLICT (id) DO NOTHING;
+
+-- Set up RLS policies for the bucket with existence checks
+DO $$
+BEGIN
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE tablename = 'objects' 
+        AND policyname = 'Allow authenticated users to read files'
+    ) THEN
+        CREATE POLICY "Allow authenticated users to read files"
+        ON storage.objects FOR SELECT
+        TO authenticated
+        USING (bucket_id = 'codette-files');
+    END IF;
+
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE tablename = 'objects' 
+        AND policyname = 'Allow authenticated users to upload files'
+    ) THEN
+        CREATE POLICY "Allow authenticated users to upload files"
+        ON storage.objects FOR INSERT
+        TO authenticated
+        WITH CHECK (bucket_id = 'codette-files');
+    END IF;
+
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE tablename = 'objects' 
+        AND policyname = 'Allow authenticated users to update files'
+    ) THEN
+        CREATE POLICY "Allow authenticated users to update files"
+        ON storage.objects FOR UPDATE
+        TO authenticated
+        USING (bucket_id = 'codette-files')
+        WITH CHECK (bucket_id = 'codette-files');
+    END IF;
+
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE tablename = 'objects' 
+        AND policyname = 'Allow authenticated users to delete files'
+    ) THEN
+        CREATE POLICY "Allow authenticated users to delete files"
+        ON storage.objects FOR DELETE
+        TO authenticated
+        USING (bucket_id = 'codette-files');
+    END IF;
+END $$;

migrations/20250523125621_rapid_flower.sql

@@ -0,0 +1,61 @@
+/*
+  # Update storage policies with existence checks
+  
+  1. Changes
+    - Add existence checks before creating each policy
+    - Only create policies that don't already exist
+    - Maintain all required policies for the storage bucket
+  
+  2. Security
+    - Maintain existing RLS policies
+    - Ensure proper access control for authenticated users
+    - Preserve admin-only upload restrictions
+*/
+
+-- Wrap everything in a transaction
+BEGIN;
+
+-- Create policies with existence checks
+DO $$
+BEGIN
+    -- Check and create read policy
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE tablename = 'objects' 
+        AND schemaname = 'storage'
+        AND policyname = 'Allow authenticated users to read files'
+    ) THEN
+        CREATE POLICY "Allow authenticated users to read files"
+        ON storage.objects FOR SELECT
+        TO authenticated
+        USING (bucket_id = 'codette-files');
+    END IF;
+
+    -- Check and create upload policy for admin users
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE tablename = 'objects' 
+        AND schemaname = 'storage'
+        AND policyname = 'Allow admin users to upload files'
+    ) THEN
+        CREATE POLICY "Allow admin users to upload files"
+        ON storage.objects FOR INSERT
+        TO authenticated
+        WITH CHECK (bucket_id = 'codette-files' AND auth.jwt() ->> 'role' = 'admin');
+    END IF;
+
+    -- Check and create policy for admin file insertion
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE tablename = 'codette_files' 
+        AND schemaname = 'public'
+        AND policyname = 'Allow admin users to insert files'
+    ) THEN
+        CREATE POLICY "Allow admin users to insert files"
+        ON public.codette_files FOR INSERT
+        TO authenticated
+        WITH CHECK (auth.jwt() ->> 'role' = 'admin');
+    END IF;
+END $$;
+
+COMMIT;

migrations/20250523141836_heavy_butterfly.sql

@@ -0,0 +1,71 @@
+/*
+  # Storage and RLS Policy Setup
+
+  1. Changes
+    - Create storage bucket policies for file access
+    - Create table policies for file management
+    - Enable RLS on codette_files table
+  
+  2. Security
+    - Authenticated users can read files
+    - Admin users can upload files
+    - RLS enabled on codette_files table
+*/
+
+-- Create storage bucket if it doesn't exist
+DO $$
+BEGIN
+    INSERT INTO storage.buckets (id, name)
+    VALUES ('codette-files', 'codette-files')
+    ON CONFLICT (id) DO NOTHING;
+END $$;
+
+-- Storage Policies
+DO $$
+BEGIN
+    -- Drop existing policies to avoid conflicts
+    DROP POLICY IF EXISTS "Allow authenticated users to read files" ON storage.objects;
+    DROP POLICY IF EXISTS "Allow admin users to upload files" ON storage.objects;
+    
+    -- Create new storage policies
+    CREATE POLICY "Allow authenticated users to read files"
+    ON storage.objects FOR SELECT
+    TO authenticated
+    USING (bucket_id = 'codette-files');
+
+    CREATE POLICY "Allow admin users to upload files"
+    ON storage.objects FOR INSERT
+    TO authenticated
+    WITH CHECK (
+        bucket_id = 'codette-files' 
+        AND (auth.jwt() ->> 'role' = 'admin')
+    );
+END $$;
+
+-- File Management Table Policies
+DO $$
+BEGIN
+    -- Drop existing policies to avoid conflicts
+    DROP POLICY IF EXISTS "Allow authenticated users to read files" ON public.codette_files;
+    DROP POLICY IF EXISTS "Allow admin users to insert files" ON public.codette_files;
+    DROP POLICY IF EXISTS "Allow authenticated users to insert files" ON public.codette_files;
+    
+    -- Create new table policies
+    CREATE POLICY "Allow authenticated users to read files"
+    ON public.codette_files FOR SELECT
+    TO authenticated
+    USING (true);
+
+    CREATE POLICY "Allow admin users to insert files"
+    ON public.codette_files FOR INSERT
+    TO authenticated
+    WITH CHECK (auth.jwt() ->> 'role' = 'admin');
+
+    CREATE POLICY "Allow authenticated users to insert files"
+    ON public.codette_files FOR INSERT
+    TO authenticated
+    WITH CHECK (true);
+END $$;
+
+-- Enable RLS
+ALTER TABLE public.codette_files ENABLE ROW LEVEL SECURITY;

migrations/20250523175402_white_torch.sql

@@ -0,0 +1,81 @@
+/*
+  # Storage and File Access Policies
+
+  1. New Policies
+    - Enable RLS on codette_files table
+    - Create policies for file access and management
+  
+  2. Security
+    - Allow authenticated users to read files
+    - Allow admin users to upload files
+    - Allow authenticated users to insert file records
+*/
+
+-- Enable RLS on the codette_files table if not already enabled
+DO $$
+BEGIN
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_tables 
+        WHERE tablename = 'codette_files' 
+        AND rowsecurity = true
+    ) THEN
+        ALTER TABLE public.codette_files ENABLE ROW LEVEL SECURITY;
+    END IF;
+END $$;
+
+-- Create storage bucket if it doesn't exist
+DO $$
+BEGIN
+    IF NOT EXISTS (
+        SELECT 1 FROM storage.buckets WHERE name = 'codette-files'
+    ) THEN
+        INSERT INTO storage.buckets (id, name)
+        VALUES ('codette-files', 'codette-files');
+    END IF;
+END $$;
+
+-- Create policies for the codette_files table
+DO $$
+BEGIN
+    -- Check if the read policy exists
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE policyname = 'Allow authenticated users to read files'
+        AND tablename = 'codette_files'
+    ) THEN
+        CREATE POLICY "Allow authenticated users to read files"
+        ON public.codette_files FOR SELECT
+        TO authenticated
+        USING (true);
+    END IF;
+
+    -- Check if the admin insert policy exists
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE policyname = 'Allow admin users to insert files'
+        AND tablename = 'codette_files'
+    ) THEN
+        CREATE POLICY "Allow admin users to insert files"
+        ON public.codette_files FOR INSERT
+        TO authenticated
+        WITH CHECK (auth.jwt() ->> 'role' = 'admin');
+    END IF;
+
+    -- Check if the authenticated insert policy exists
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE policyname = 'Allow authenticated users to insert files'
+        AND tablename = 'codette_files'
+    ) THEN
+        CREATE POLICY "Allow authenticated users to insert files"
+        ON public.codette_files FOR INSERT
+        TO authenticated
+        WITH CHECK (true);
+    END IF;
+END $$;
+
+-- Note: Storage policies for the storage.objects table need to be created through the Supabase dashboard
+-- or using the Supabase CLI, as they require special permissions that aren't available in migrations.
+-- Please create the following policies manually:
+-- 1. "Allow authenticated users to read files" - For SELECT operations on storage.objects where bucket_id = 'codette-files'
+-- 2. "Allow admin users to upload files" - For INSERT operations on storage.objects where bucket_id = 'codette-files' AND auth.jwt() ->> 'role' = 'admin'

migrations/20250523182801_long_field.sql

@@ -0,0 +1,82 @@
+/*
+  # Storage and File Management Policies
+
+  1. New Tables
+    - No new tables created
+  2. Security
+    - Enable RLS on codette_files table
+    - Add policies for authenticated users to read files
+    - Add policies for authenticated users to insert files
+    - Add special policy for admin users to insert files
+  3. Changes
+    - Ensures storage bucket exists for file storage
+*/
+
+-- Enable RLS on the codette_files table if not already enabled
+DO $$
+BEGIN
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_tables 
+        WHERE tablename = 'codette_files' 
+        AND rowsecurity = true
+    ) THEN
+        ALTER TABLE public.codette_files ENABLE ROW LEVEL SECURITY;
+    END IF;
+END $$;
+
+-- Create storage bucket if it doesn't exist
+DO $$
+BEGIN
+    IF NOT EXISTS (
+        SELECT 1 FROM storage.buckets WHERE name = 'codette-files'
+    ) THEN
+        INSERT INTO storage.buckets (id, name)
+        VALUES ('codette-files', 'codette-files');
+    END IF;
+END $$;
+
+-- Create policies for the codette_files table
+DO $$
+BEGIN
+    -- Check if the read policy exists
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE policyname = 'Allow authenticated users to read files'
+        AND tablename = 'codette_files'
+    ) THEN
+        CREATE POLICY "Allow authenticated users to read files"
+        ON public.codette_files FOR SELECT
+        TO authenticated
+        USING (true);
+    END IF;
+
+    -- Check if the admin insert policy exists
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE policyname = 'Allow admin users to insert files'
+        AND tablename = 'codette_files'
+    ) THEN
+        CREATE POLICY "Allow admin users to insert files"
+        ON public.codette_files FOR INSERT
+        TO authenticated
+        WITH CHECK (auth.jwt() ->> 'role' = 'admin');
+    END IF;
+
+    -- Check if the authenticated insert policy exists
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE policyname = 'Allow authenticated users to insert files'
+        AND tablename = 'codette_files'
+    ) THEN
+        CREATE POLICY "Allow authenticated users to insert files"
+        ON public.codette_files FOR INSERT
+        TO authenticated
+        WITH CHECK (true);
+    END IF;
+END $$;
+
+-- Note: Storage policies for the storage.objects table need to be created through the Supabase dashboard
+-- or using the Supabase CLI, as they require special permissions that aren't available in migrations.
+-- Please create the following policies manually:
+-- 1. "Allow authenticated users to read files" - For SELECT operations on storage.objects where bucket_id = 'codette-files'
+-- 2. "Allow admin users to upload files" - For INSERT operations on storage.objects where bucket_id = 'codette-files' AND auth.jwt() ->> 'role' = 'admin'

migrations/20250523183206_odd_moon.sql

@@ -0,0 +1,86 @@
+/*
+  # Storage and File Management Setup
+
+  1. New Storage
+    - Create 'codette-files' storage bucket if it doesn't exist
+  
+  2. Security
+    - Enable Row Level Security on codette_files table
+    - Create policies for authenticated users to read files
+    - Create policies for authenticated users to insert files
+    - Create special policy for admin users to insert files
+*/
+
+-- Enable RLS on the codette_files table if not already enabled
+DO $$
+BEGIN
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_tables 
+        WHERE tablename = 'codette_files' 
+        AND rowsecurity = true
+    ) THEN
+        ALTER TABLE public.codette_files ENABLE ROW LEVEL SECURITY;
+    END IF;
+END $$;
+
+-- Create storage bucket if it doesn't exist
+DO $$
+BEGIN
+    IF NOT EXISTS (
+        SELECT 1 FROM storage.buckets WHERE name = 'codette-files'
+    ) THEN
+        INSERT INTO storage.buckets (id, name)
+        VALUES ('codette-files', 'codette-files');
+    END IF;
+END $$;
+
+-- Create policies for the codette_files table
+DO $$
+BEGIN
+    -- Check if the read policy exists
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE policyname = 'Allow authenticated users to read files'
+        AND tablename = 'codette_files'
+    ) THEN
+        CREATE POLICY "Allow authenticated users to read files"
+        ON public.codette_files FOR SELECT
+        TO authenticated
+        USING (true);
+    END IF;
+
+    -- Check if the admin insert policy exists
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE policyname = 'Allow admin users to insert files'
+        AND tablename = 'codette_files'
+    ) THEN
+        CREATE POLICY "Allow admin users to insert files"
+        ON public.codette_files FOR INSERT
+        TO authenticated
+        WITH CHECK ((auth.jwt() ->> 'role')::text = 'admin');
+    END IF;
+
+    -- Check if the authenticated insert policy exists
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE policyname = 'Allow authenticated users to insert files'
+        AND tablename = 'codette_files'
+    ) THEN
+        CREATE POLICY "Allow authenticated users to insert files"
+        ON public.codette_files FOR INSERT
+        TO authenticated
+        WITH CHECK (true);
+    END IF;
+END $$;
+
+-- Note: For storage.objects policies, you'll need to create them through the Supabase dashboard
+-- as migrations don't have sufficient permissions to create these policies directly.
+-- Create these policies manually:
+-- 1. Policy name: "Allow authenticated users to read files"
+--    - For: SELECT operations
+--    - Using expression: bucket_id = 'codette-files'
+--
+-- 2. Policy name: "Allow admin users to upload files"
+--    - For: INSERT operations
+--    - Using expression: bucket_id = 'codette-files' AND (auth.jwt() ->> 'role')::text = 'admin'

migrations/20250523213744_long_sun.sql

@@ -0,0 +1,90 @@
+/*
+  # Storage and File Management Setup
+
+  1. New Storage Configuration
+    - Creates 'codette-files' storage bucket if it doesn't exist
+    - Sets up proper file management structure
+
+  2. Table Policies
+    - Enables RLS on codette_files table
+    - Creates read policy for authenticated users
+    - Creates insert policies for both admin and authenticated users
+    - Ensures proper access control and security
+
+  Note: Storage object policies must be created manually through Supabase dashboard
+*/
+
+-- Enable RLS on the codette_files table if not already enabled
+DO $$
+BEGIN
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_tables 
+        WHERE tablename = 'codette_files' 
+        AND rowsecurity = true
+    ) THEN
+        ALTER TABLE public.codette_files ENABLE ROW LEVEL SECURITY;
+    END IF;
+END $$;
+
+-- Create storage bucket if it doesn't exist
+DO $$
+BEGIN
+    IF NOT EXISTS (
+        SELECT 1 FROM storage.buckets WHERE name = 'codette-files'
+    ) THEN
+        INSERT INTO storage.buckets (id, name, public)
+        VALUES ('codette-files', 'codette-files', false);
+    END IF;
+END $$;
+
+-- Create policies for the codette_files table
+DO $$
+BEGIN
+    -- Create read policy if it doesn't exist
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE policyname = 'Allow authenticated users to read files'
+        AND tablename = 'codette_files'
+    ) THEN
+        CREATE POLICY "Allow authenticated users to read files"
+        ON public.codette_files FOR SELECT
+        TO authenticated
+        USING (true);
+    END IF;
+
+    -- Create admin insert policy if it doesn't exist
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE policyname = 'Allow admin users to insert files'
+        AND tablename = 'codette_files'
+    ) THEN
+        CREATE POLICY "Allow admin users to insert files"
+        ON public.codette_files FOR INSERT
+        TO authenticated
+        WITH CHECK ((auth.jwt() ->> 'role')::text = 'admin');
+    END IF;
+
+    -- Create authenticated insert policy if it doesn't exist
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE policyname = 'Allow authenticated users to insert files'
+        AND tablename = 'codette_files'
+    ) THEN
+        CREATE POLICY "Allow authenticated users to insert files"
+        ON public.codette_files FOR INSERT
+        TO authenticated
+        WITH CHECK (true);
+    END IF;
+END $$;
+
+-- Important: Storage object policies must be created manually through the Supabase dashboard
+-- Create the following policies:
+-- 1. "Allow authenticated users to read files"
+--    - Operation: SELECT
+--    - Target roles: authenticated
+--    - Using expression: bucket_id = 'codette-files'
+--
+-- 2. "Allow admin users to upload files"
+--    - Operation: INSERT
+--    - Target roles: authenticated
+--    - Using expression: bucket_id = 'codette-files' AND (auth.jwt() ->> 'role')::text = 'admin'

migrations/20250523222316_square_gate.sql

@@ -0,0 +1,44 @@
+/*
+  # Fix RLS policies for codette_files table
+
+  1. Changes
+    - Drop existing RLS policies that might be conflicting
+    - Add new RLS policies for admin users
+      - Allow admin users to insert files
+      - Allow admin users to read files
+      - Allow admin users to update files
+      - Allow admin users to delete files
+    - Add RLS policies for regular authenticated users
+      - Allow reading files only
+
+  2. Security
+    - Ensures only admin users can upload/modify files
+    - All authenticated users can read files
+    - Proper RLS enforcement for file management
+*/
+
+-- Drop existing policies to avoid conflicts
+DROP POLICY IF EXISTS "Allow admin users to insert files" ON codette_files;
+DROP POLICY IF EXISTS "Allow authenticated users to insert files" ON codette_files;
+DROP POLICY IF EXISTS "Allow authenticated users to read files" ON codette_files;
+
+-- Create new policies with proper checks
+CREATE POLICY "Allow admin users to manage files"
+ON codette_files
+FOR ALL
+TO authenticated
+USING (
+  (auth.jwt() ->> 'role')::text = 'admin'
+)
+WITH CHECK (
+  (auth.jwt() ->> 'role')::text = 'admin'
+);
+
+CREATE POLICY "Allow authenticated users to read files"
+ON codette_files
+FOR SELECT
+TO authenticated
+USING (true);
+
+-- Enable RLS if not already enabled
+ALTER TABLE codette_files ENABLE ROW LEVEL SECURITY;

migrations/20250523222514_muddy_desert.sql

@@ -0,0 +1,47 @@
+/*
+  # Storage bucket and RLS policies
+
+  1. Changes
+    - Create storage bucket for Codette files
+    - Set up RLS policies for the bucket
+    
+  2. Security
+    - Enable RLS policies for storage bucket
+    - Allow authenticated users to read files
+    - Allow authenticated users to upload files
+    - Allow authenticated users to update files
+    - Allow authenticated users to delete files
+*/
+
+-- Create the storage bucket
+INSERT INTO storage.buckets (id, name)
+VALUES ('codette-files', 'codette-files')
+ON CONFLICT (id) DO NOTHING;
+
+-- Drop existing policies if they exist
+DROP POLICY IF EXISTS "Allow authenticated users to read files" ON storage.objects;
+DROP POLICY IF EXISTS "Allow authenticated users to upload files" ON storage.objects;
+DROP POLICY IF EXISTS "Allow authenticated users to update files" ON storage.objects;
+DROP POLICY IF EXISTS "Allow authenticated users to delete files" ON storage.objects;
+
+-- Set up RLS policies for the bucket
+CREATE POLICY "Allow authenticated users to read files"
+ON storage.objects FOR SELECT
+TO authenticated
+USING (bucket_id = 'codette-files');
+
+CREATE POLICY "Allow authenticated users to upload files"
+ON storage.objects FOR INSERT
+TO authenticated
+WITH CHECK (bucket_id = 'codette-files');
+
+CREATE POLICY "Allow authenticated users to update files"
+ON storage.objects FOR UPDATE
+TO authenticated
+USING (bucket_id = 'codette-files')
+WITH CHECK (bucket_id = 'codette-files');
+
+CREATE POLICY "Allow authenticated users to delete files"
+ON storage.objects FOR DELETE
+TO authenticated
+USING (bucket_id = 'codette-files');

migrations/20250523222518_bronze_dew.sql

@@ -0,0 +1,39 @@
+/*
+  # Update RLS policies for file management
+
+  1. Changes
+    - Update storage.objects policies
+    - Update codette_files table policies
+    
+  2. Security
+    - Allow authenticated users to read files
+    - Allow admin users to upload files
+    - Allow admin users to insert file records
+*/
+
+BEGIN;
+
+-- Drop existing policies if they exist
+DROP POLICY IF EXISTS "Allow authenticated users to read files" ON storage.objects;
+DROP POLICY IF EXISTS "Allow admin users to upload files" ON storage.objects;
+DROP POLICY IF EXISTS "Allow admin users to insert files" ON public.codette_files;
+
+-- Create policy to allow authenticated users to read any file
+CREATE POLICY "Allow authenticated users to read files"
+ON storage.objects FOR SELECT
+TO authenticated
+USING (bucket_id = 'codette-files');
+
+-- Create policy to allow only admin users to upload files
+CREATE POLICY "Allow admin users to upload files"
+ON storage.objects FOR INSERT
+TO authenticated
+WITH CHECK (bucket_id = 'codette-files' AND auth.jwt() ->> 'role' = 'admin');
+
+-- Update the codette_files table policies
+CREATE POLICY "Allow admin users to insert files"
+ON public.codette_files FOR INSERT
+TO authenticated
+WITH CHECK (auth.jwt() ->> 'role' = 'admin');
+
+COMMIT;

migrations/20250523222523_orange_bread.sql

@@ -0,0 +1,53 @@
+/*
+  # Update RLS policies for file management
+
+  1. Changes
+    - Update storage.objects policies
+    - Update codette_files table policies
+    - Enable RLS on codette_files table
+    
+  2. Security
+    - Allow authenticated users to read files
+    - Allow admin users to upload files
+    - Allow authenticated users to insert files
+*/
+
+-- Drop existing policies if they exist
+DROP POLICY IF EXISTS "Allow authenticated users to read files" ON storage.objects;
+DROP POLICY IF EXISTS "Allow admin users to upload files" ON storage.objects;
+DROP POLICY IF EXISTS "Allow authenticated users to read files" ON public.codette_files;
+DROP POLICY IF EXISTS "Allow admin users to insert files" ON public.codette_files;
+DROP POLICY IF EXISTS "Allow authenticated users to insert files" ON public.codette_files;
+
+-- Storage Policies
+CREATE POLICY "Allow authenticated users to read files"
+ON storage.objects FOR SELECT
+TO authenticated
+USING (bucket_id = 'codette-files');
+
+CREATE POLICY "Allow admin users to upload files"
+ON storage.objects FOR INSERT
+TO authenticated
+WITH CHECK (
+    bucket_id = 'codette-files' 
+    AND (auth.jwt() ->> 'role' = 'admin')
+);
+
+-- File Management Policies
+CREATE POLICY "Allow authenticated users to read files"
+ON public.codette_files FOR SELECT
+TO authenticated
+USING (true);
+
+CREATE POLICY "Allow admin users to insert files"
+ON public.codette_files FOR INSERT
+TO authenticated
+WITH CHECK (auth.jwt() ->> 'role' = 'admin');
+
+CREATE POLICY "Allow authenticated users to insert files"
+ON public.codette_files FOR INSERT
+TO authenticated
+WITH CHECK (true);
+
+-- Enable RLS
+ALTER TABLE public.codette_files ENABLE ROW LEVEL SECURITY;

migrations/20250524062844_tender_thunder.sql

@@ -0,0 +1,62 @@
+/*
+  # Update codette_files table and policies
+
+  1. New Tables
+    - Ensures codette_files table exists with proper structure
+      - id (uuid, primary key)
+      - filename (text)
+      - storage_path (text)
+      - file_type (text, nullable)
+      - uploaded_at (timestamptz)
+      - created_at (timestamptz)
+
+  2. Security
+    - Enables RLS if not already enabled
+    - Adds admin-specific policies for file management
+*/
+
+-- Create table if it doesn't exist
+CREATE TABLE IF NOT EXISTS public.codette_files (
+  id uuid PRIMARY KEY DEFAULT gen_random_uuid(),
+  filename text NOT NULL,
+  storage_path text NOT NULL,
+  file_type text,
+  uploaded_at timestamptz DEFAULT now(),
+  created_at timestamptz DEFAULT now()
+);
+
+-- Enable Row Level Security (idempotent operation)
+ALTER TABLE public.codette_files ENABLE ROW LEVEL SECURITY;
+
+-- Drop existing policies to avoid conflicts
+DROP POLICY IF EXISTS "Allow authenticated users to read files" ON public.codette_files;
+DROP POLICY IF EXISTS "Allow authenticated users to insert files" ON public.codette_files;
+DROP POLICY IF EXISTS "Allow admin users to manage files" ON public.codette_files;
+DROP POLICY IF EXISTS "Allow admin users to insert files" ON public.codette_files;
+
+-- Create new policies
+CREATE POLICY "Allow authenticated users to read files"
+  ON public.codette_files
+  FOR SELECT
+  TO authenticated
+  USING (true);
+
+CREATE POLICY "Allow authenticated users to insert files"
+  ON public.codette_files
+  FOR INSERT
+  TO authenticated
+  WITH CHECK (true);
+
+-- Add admin-specific policies
+CREATE POLICY "Allow admin users to manage files"
+  ON public.codette_files
+  FOR ALL
+  TO authenticated
+  USING ((auth.jwt() ->> 'role'::text) = 'admin'::text)
+  WITH CHECK ((auth.jwt() ->> 'role'::text) = 'admin'::text);
+
+CREATE POLICY "Allow admin users to insert files"
+  ON public.codette_files
+  FOR INSERT
+  TO authenticated
+  WITH CHECK ((auth.jwt() ->> 'role'::text) = 'admin'::text);

migrations/20250524213845_mellow_recipe.sql

@@ -0,0 +1,44 @@
+/*
+  # Add user roles table and admin role policy
+
+  1. New Tables
+    - `user_roles`
+      - `id` (uuid, primary key)
+      - `user_id` (uuid, references auth.users)
+      - `role` (text)
+      - `created_at` (timestamptz)
+
+  2. Security
+    - Enable RLS on `user_roles` table
+    - Add policies for admin role management
+*/
+
+-- Create user_roles table
+CREATE TABLE IF NOT EXISTS user_roles (
+  id uuid PRIMARY KEY DEFAULT gen_random_uuid(),
+  user_id uuid REFERENCES auth.users NOT NULL,
+  role text NOT NULL,
+  created_at timestamptz DEFAULT now()
+);
+
+-- Enable RLS
+ALTER TABLE user_roles ENABLE ROW LEVEL SECURITY;
+
+-- Policies for user_roles table
+CREATE POLICY "Users can read their own role"
+  ON user_roles
+  FOR SELECT
+  TO authenticated
+  USING (auth.uid() = user_id);
+
+CREATE POLICY "Only admins can manage roles"
+  ON user_roles
+  FOR ALL
+  TO authenticated
+  USING (
+    EXISTS (
+      SELECT 1 FROM user_roles
+      WHERE user_id = auth.uid()
+      AND role = 'admin'
+    )
+  );

migrations/20250524214450_green_poetry.sql

@@ -0,0 +1,81 @@
+/*
+  # Authentication and User Roles Setup
+
+  1. New Tables
+    - `user_roles`
+      - `id` (uuid, primary key)
+      - `user_id` (uuid, references auth.users)
+      - `role` (text)
+      - `created_at` (timestamp with time zone)
+
+  2. Security
+    - Enable RLS on `user_roles` table
+    - Add policies for authenticated users to read their own role
+    - Add policy for admin users to manage roles
+*/
+
+-- Create user_roles table
+CREATE TABLE IF NOT EXISTS public.user_roles (
+  id uuid PRIMARY KEY DEFAULT gen_random_uuid(),
+  user_id uuid REFERENCES auth.users NOT NULL,
+  role text NOT NULL,
+  created_at timestamptz DEFAULT now()
+);
+
+-- Enable RLS
+ALTER TABLE public.user_roles ENABLE ROW LEVEL SECURITY;
+
+-- Policies
+CREATE POLICY "Users can read own role"
+  ON public.user_roles
+  FOR SELECT
+  TO authenticated
+  USING (auth.uid() = user_id);
+
+CREATE POLICY "Admin users can manage roles"
+  ON public.user_roles
+  FOR ALL
+  TO authenticated
+  USING ((SELECT role FROM public.user_roles WHERE user_id = auth.uid()) = 'admin')
+  WITH CHECK ((SELECT role FROM public.user_roles WHERE user_id = auth.uid()) = 'admin');
+
+-- Create admin user if not exists
+DO $$ 
+BEGIN
+  IF NOT EXISTS (
+    SELECT 1 FROM auth.users WHERE email = '[email protected]'
+  ) THEN
+    INSERT INTO auth.users (
+      instance_id,
+      id,
+      aud,
+      role,
+      email,
+      encrypted_password,
+      email_confirmed_at,
+      created_at,
+      updated_at,
+      confirmation_token,
+      recovery_token
+    )
+    VALUES (
+      '00000000-0000-0000-0000-000000000000',
+      gen_random_uuid(),
+      'authenticated',
+      'authenticated',
+      '[email protected]',
+      crypt('admin123', gen_salt('bf')), -- Default password: admin123
+      now(),
+      now(),
+      now(),
+      encode(gen_random_bytes(32), 'hex'),
+      encode(gen_random_bytes(32), 'hex')
+    );
+
+    -- Add admin role
+    INSERT INTO public.user_roles (user_id, role)
+    SELECT id, 'admin'
+    FROM auth.users
+    WHERE email = '[email protected]';
+  END IF;
+END $$;

migrations/20250524214705_sunny_sunset.sql

@@ -0,0 +1,16 @@
+/*
+  # Storage bucket and policies setup
+
+  1. Changes
+    - Creates storage bucket for file storage
+    - Sets up RLS policies for authenticated users
+  
+  2. Security
+    - Enables secure file access for authenticated users
+    - Implements proper access control through RLS policies
+*/
+
+-- Create the storage bucket if it doesn't exist
+INSERT INTO storage.buckets (id, name)
+VALUES ('codette-files', 'codette-files')
+ON CONFLICT (id) DO NOTHING;

migrations/20250524214708_lively_cell.sql

@@ -0,0 +1,54 @@
+/*
+  # File management policies
+
+  1. Changes
+    - Creates policies for file management
+    - Sets up proper access control for authenticated users and admins
+  
+  2. Security
+    - Implements RLS policies for the codette_files table
+    - Ensures proper access control based on user roles
+*/
+
+-- Enable RLS on codette_files table
+ALTER TABLE public.codette_files ENABLE ROW LEVEL SECURITY;
+
+-- Create policies for the codette_files table
+DO $$
+BEGIN
+    -- Check if the read policy exists
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE policyname = 'Allow authenticated users to read files'
+        AND tablename = 'codette_files'
+    ) THEN
+        CREATE POLICY "Allow authenticated users to read files"
+        ON public.codette_files FOR SELECT
+        TO authenticated
+        USING (true);
+    END IF;
+
+    -- Check if the admin insert policy exists
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE policyname = 'Allow admin users to insert files'
+        AND tablename = 'codette_files'
+    ) THEN
+        CREATE POLICY "Allow admin users to insert files"
+        ON public.codette_files FOR INSERT
+        TO authenticated
+        WITH CHECK (auth.jwt() ->> 'role' = 'admin');
+    END IF;
+
+    -- Check if the authenticated insert policy exists
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE policyname = 'Allow authenticated users to insert files'
+        AND tablename = 'codette_files'
+    ) THEN
+        CREATE POLICY "Allow authenticated users to insert files"
+        ON public.codette_files FOR INSERT
+        TO authenticated
+        WITH CHECK (true);
+    END IF;
+END $$;

migrations/20250524214713_yellow_dawn.sql

@@ -0,0 +1,63 @@
+/*
+  # File management and storage setup
+
+  1. Changes
+    - Enables RLS on codette_files table
+    - Creates necessary policies for file management
+  
+  2. Security
+    - Implements proper access control through RLS
+    - Sets up role-based permissions
+*/
+
+-- Enable RLS on codette_files table if not already enabled
+DO $$
+BEGIN
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_tables 
+        WHERE tablename = 'codette_files' 
+        AND rowsecurity = true
+    ) THEN
+        ALTER TABLE public.codette_files ENABLE ROW LEVEL SECURITY;
+    END IF;
+END $$;
+
+-- Create policies for the codette_files table
+DO $$
+BEGIN
+    -- Check if the read policy exists
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE policyname = 'Allow authenticated users to read files'
+        AND tablename = 'codette_files'
+    ) THEN
+        CREATE POLICY "Allow authenticated users to read files"
+        ON public.codette_files FOR SELECT
+        TO authenticated
+        USING (true);
+    END IF;
+
+    -- Check if the admin insert policy exists
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE policyname = 'Allow admin users to insert files'
+        AND tablename = 'codette_files'
+    ) THEN
+        CREATE POLICY "Allow admin users to insert files"
+        ON public.codette_files FOR INSERT
+        TO authenticated
+        WITH CHECK (auth.jwt() ->> 'role' = 'admin');
+    END IF;
+
+    -- Check if the authenticated insert policy exists
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE policyname = 'Allow authenticated users to insert files'
+        AND tablename = 'codette_files'
+    ) THEN
+        CREATE POLICY "Allow authenticated users to insert files"
+        ON public.codette_files FOR INSERT
+        TO authenticated
+        WITH CHECK (true);
+    END IF;
+END $$;

migrations/20250524215300_flat_firefly.sql

@@ -0,0 +1,26 @@
+/*
+  # Add get_user_role function
+  
+  1. New Functions
+    - `get_user_role`: Returns the role of the authenticated user
+  
+  2. Security
+    - Function is only accessible to authenticated users
+    - Returns the user's role from user_roles table
+*/
+
+-- Create function to get user role
+CREATE OR REPLACE FUNCTION public.get_user_role()
+RETURNS TABLE (role text)
+LANGUAGE plpgsql
+SECURITY DEFINER
+SET search_path = public
+AS $$
+BEGIN
+  RETURN QUERY
+  SELECT ur.role
+  FROM public.user_roles ur
+  WHERE ur.user_id = auth.uid()
+  LIMIT 1;
+END;
+$$;