Files
webshop/shop/supabase/migrations/20260430230140_admin_crud_policies.sql

18 lines
1.4 KiB
SQL

-- Products: Admin CRUD
CREATE POLICY "Allow authenticated insert on products" ON public.products FOR INSERT WITH CHECK (auth.role() = 'authenticated');
CREATE POLICY "Allow authenticated update on products" ON public.products FOR UPDATE USING (auth.role() = 'authenticated');
CREATE POLICY "Allow authenticated delete on products" ON public.products FOR DELETE USING (auth.role() = 'authenticated');
-- Product Modules: Admin CRUD
CREATE POLICY "Allow authenticated insert on product_modules" ON public.product_modules FOR INSERT WITH CHECK (auth.role() = 'authenticated');
CREATE POLICY "Allow authenticated update on product_modules" ON public.product_modules FOR UPDATE USING (auth.role() = 'authenticated');
CREATE POLICY "Allow authenticated delete on product_modules" ON public.product_modules FOR DELETE USING (auth.role() = 'authenticated');
-- Categories: Admin CRUD
CREATE POLICY "Allow authenticated insert on categories" ON public.categories FOR INSERT WITH CHECK (auth.role() = 'authenticated');
CREATE POLICY "Allow authenticated update on categories" ON public.categories FOR UPDATE USING (auth.role() = 'authenticated');
CREATE POLICY "Allow authenticated delete on categories" ON public.categories FOR DELETE USING (auth.role() = 'authenticated');
-- Admin check for Orders (allow admins to see all orders)
CREATE POLICY "Admins can view all orders" ON public.orders FOR SELECT USING (auth.role() = 'authenticated');