25 lines
1.1 KiB
SQL
25 lines
1.1 KiB
SQL
-- ───────────────────────────────────────────────────────────
|
|
-- Profiles: Enable RLS and allow users to update their own profile
|
|
-- ───────────────────────────────────────────────────────────
|
|
|
|
-- Enable RLS if not already enabled
|
|
ALTER TABLE profiles ENABLE ROW LEVEL SECURITY;
|
|
|
|
-- Remove recursive admin policy (caused infinite recursion in earlier revision)
|
|
DROP POLICY IF EXISTS "Admins can view all profiles" ON profiles;
|
|
|
|
-- Drop existing policy if it exists
|
|
DROP POLICY IF EXISTS "Users can update own profile" ON profiles;
|
|
|
|
-- Allow users to update their own profile
|
|
CREATE POLICY "Users can update own profile"
|
|
ON profiles FOR UPDATE
|
|
USING (auth.uid() = id)
|
|
WITH CHECK (auth.uid() = id);
|
|
|
|
-- Also ensure users can select their own profile
|
|
DROP POLICY IF EXISTS "Users can view own profile" ON profiles;
|
|
CREATE POLICY "Users can view own profile"
|
|
ON profiles FOR SELECT
|
|
USING (auth.uid() = id);
|