tophe-garage/gestiondescompetences
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Ajout de nv fichier de migration SQL

Browse Source
This commit is contained in:
Chris TOPHE
2026-05-26 01:12:28 +02:00
parent 664044bcd6
commit 2a756e0980
3 changed files with 25919 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
supabase/migrations/002_rls_and_indexes.sql
+80
View File
@@ -0,0 +1,80 @@
-- ============================================================
-- Migration 002: RLS WITH CHECK + GIN indexes + level_descriptions policies
-- ============================================================
-- 1. Ajout WITH CHECK sur les policies UPDATE existantes
-- (fonctionnellement identique au USING, mais explicite)
ALTER POLICY "categories_update_admin" ON categories
RENAME TO "categories_update_admin_old";
CREATE POLICY "categories_update_admin" ON categories FOR UPDATE USING (
EXISTS (SELECT 1 FROM members WHERE id = auth.uid() AND role = 'admin')
) WITH CHECK (
EXISTS (SELECT 1 FROM members WHERE id = auth.uid() AND role = 'admin')
);
DROP POLICY "categories_update_admin_old" ON categories;
ALTER POLICY "skills_update_admin" ON skills
RENAME TO "skills_update_admin_old";
CREATE POLICY "skills_update_admin" ON skills FOR UPDATE USING (
EXISTS (SELECT 1 FROM members WHERE id = auth.uid() AND role = 'admin')
) WITH CHECK (
EXISTS (SELECT 1 FROM members WHERE id = auth.uid() AND role = 'admin')
);
DROP POLICY "skills_update_admin_old" ON skills;
ALTER POLICY "members_update_admin" ON members
RENAME TO "members_update_admin_old";
CREATE POLICY "members_update_admin" ON members FOR UPDATE USING (
EXISTS (SELECT 1 FROM members WHERE id = auth.uid() AND role = 'admin')
) WITH CHECK (
EXISTS (SELECT 1 FROM members WHERE id = auth.uid() AND role = 'admin')
);
DROP POLICY "members_update_admin_old" ON members;
ALTER POLICY "skill_levels_update_admin" ON skill_levels
RENAME TO "skill_levels_update_admin_old";
CREATE POLICY "skill_levels_update_admin" ON skill_levels FOR UPDATE USING (
EXISTS (SELECT 1 FROM members WHERE id = auth.uid() AND role = 'admin')
) WITH CHECK (
EXISTS (SELECT 1 FROM members WHERE id = auth.uid() AND role = 'admin')
);
DROP POLICY "skill_levels_update_admin_old" ON skill_levels;
ALTER POLICY "invitations_update_admin" ON invitations
RENAME TO "invitations_update_admin_old";
CREATE POLICY "invitations_update_admin" ON invitations FOR UPDATE USING (
EXISTS (SELECT 1 FROM members WHERE id = auth.uid() AND role = 'admin')
) WITH CHECK (
EXISTS (SELECT 1 FROM members WHERE id = auth.uid() AND role = 'admin')
);
DROP POLICY "invitations_update_admin_old" ON invitations;
-- 2. Filtre expiration sur invitations_read_admin
ALTER POLICY "invitations_read_admin" ON invitations
RENAME TO "invitations_read_admin_old";
CREATE POLICY "invitations_read_admin" ON invitations FOR SELECT USING (
EXISTS (SELECT 1 FROM members WHERE id = auth.uid() AND role = 'admin')
AND expires_at > now()
);
DROP POLICY "invitations_read_admin_old" ON invitations;
-- 3. Policies d'écriture pour level_descriptions
CREATE POLICY "level_descriptions_insert_admin" ON level_descriptions FOR INSERT WITH CHECK (
EXISTS (SELECT 1 FROM members WHERE id = auth.uid() AND role = 'admin')
);
CREATE POLICY "level_descriptions_update_admin" ON level_descriptions FOR UPDATE USING (
EXISTS (SELECT 1 FROM members WHERE id = auth.uid() AND role = 'admin')
) WITH CHECK (
EXISTS (SELECT 1 FROM members WHERE id = auth.uid() AND role = 'admin')
);
CREATE POLICY "level_descriptions_delete_admin" ON level_descriptions FOR DELETE USING (
EXISTS (SELECT 1 FROM members WHERE id = auth.uid() AND role = 'admin')
);
-- 4. Index GIN pour full-text search (stemming français)
CREATE INDEX idx_skills_name_gin ON skills USING gin(to_tsvector('french', name));
CREATE INDEX idx_members_full_name_gin ON members USING gin(to_tsvector('french', full_name));