-- Create the two storage buckets used by the app: one for audio files and one
-- for cover images.
--
-- public = true marks both buckets as public. NOTE(review): on Supabase a
-- public bucket serves object downloads by URL without an auth check, so
-- anything written here should be treated as world-readable -- confirm that
-- is intended for every file type stored.
-- NOTE(review): only id, name and public are set; if this project's
-- storage.buckets has file_size_limit / allowed_mime_types columns they are
-- left at their defaults, so upload size and content type are not restricted
-- by this migration -- confirm.
--
-- on conflict (id) do nothing makes the statement safe to re-run, but it also
-- means an existing bucket with the same id keeps its current settings
-- (including its public flag) unchanged.
insert into storage.buckets (
    id,
    name,
    public
)
values
    ('podcasts', 'podcasts', true),
    ('covers', 'covers', true)
on conflict (id) do nothing;
-- Read access to the podcasts bucket for every role.
--
-- "as permissive" and "to public" are the CREATE POLICY defaults, written out
-- so it is visible that this policy applies to all roles, unauthenticated
-- requests included. The only condition is the bucket id.
-- NOTE(review): a select policy on storage.objects presumably also lets any
-- client list object names and metadata in the bucket, not just fetch a file
-- whose path it already knows -- confirm that enumeration is acceptable.
create policy "Public read access on podcasts"
    on storage.objects
    as permissive
    for select
    to public
    using (
        bucket_id = 'podcasts'
    );
-- Read access to the covers bucket for every role.
--
-- "as permissive" and "to public" are the CREATE POLICY defaults, written out
-- so it is visible that this policy applies to all roles, unauthenticated
-- requests included. The only condition is the bucket id.
-- NOTE(review): a select policy on storage.objects presumably also lets any
-- client list object names and metadata in the bucket -- confirm that
-- enumeration is acceptable.
create policy "Public read access on covers"
    on storage.objects
    as permissive
    for select
    to public
    using (
        bucket_id = 'covers'
    );
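-- Allow authenticated users to upload files to the podcasts bucket, but only
-- under a top-level folder named after their own user id.
--
-- The update/delete policies in this file decide ownership by comparing
-- auth.uid() with the first folder segment of the object name. Without the
-- same comparison here, any authenticated user could create objects under
-- another user's folder (which that user would then "own"), or at paths that
-- no one is allowed to update or delete afterwards.
-- Assumes clients upload to '<user id>/<file>' as those policies imply --
-- confirm against the upload code before applying.
create policy "Authenticated users can upload podcasts"
    on storage.objects
    for insert
    with check (
        bucket_id = 'podcasts'
        and auth.role() = 'authenticated'
        and auth.uid()::text = (storage.foldername(name))[1]
    );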
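-- Allow authenticated users to upload files to the covers bucket, but only
-- under a top-level folder named after their own user id.
--
-- The update/delete policies in this file decide ownership by comparing
-- auth.uid() with the first folder segment of the object name. Without the
-- same comparison here, any authenticated user could create objects under
-- another user's folder, or at paths that no one is allowed to update or
-- delete afterwards.
-- Assumes clients upload to '<user id>/<file>' as those policies imply --
-- confirm against the upload code before applying.
create policy "Authenticated users can upload covers"
    on storage.objects
    for insert
    with check (
        bucket_id = 'covers'
        and auth.role() = 'authenticated'
        and auth.uid()::text = (storage.foldername(name))[1]
    );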
-- Let a user update objects in the podcasts bucket that sit under a top-level
-- folder named after their own user id.
--
-- Ownership is derived from the object path, not from a stored owner column:
-- the first element of storage.foldername(name) must equal auth.uid().
-- The "with check" clause repeats the "using" expression. Postgres already
-- applies "using" to the new row of an UPDATE when "with check" is omitted;
-- it is spelled out here so it is visible that an object cannot be renamed
-- into a path that fails the same ownership test.
-- "to public" is the default role list; the uid comparison is what gates it.
create policy "Users can update own podcast files"
    on storage.objects
    as permissive
    for update
    to public
    using (
        bucket_id = 'podcasts'
        and auth.uid()::text = (storage.foldername(name))[1]
    )
    with check (
        bucket_id = 'podcasts'
        and auth.uid()::text = (storage.foldername(name))[1]
    );
-- Let a user delete objects in the podcasts bucket that sit under a top-level
-- folder named after their own user id.
--
-- Ownership is derived from the object path: the first element of
-- storage.foldername(name) must equal auth.uid().
-- "as permissive" and "to public" are the CREATE POLICY defaults, written out
-- so the role scope is explicit; the uid comparison is what gates the delete.
create policy "Users can delete own podcast files"
    on storage.objects
    as permissive
    for delete
    to public
    using (
        bucket_id = 'podcasts'
        and auth.uid()::text = (storage.foldername(name))[1]
    );
-- Let a user update objects in the covers bucket that sit under a top-level
-- folder named after their own user id.
--
-- Ownership is derived from the object path: the first element of
-- storage.foldername(name) must equal auth.uid().
-- The "with check" clause repeats the "using" expression. Postgres already
-- applies "using" to the new row of an UPDATE when "with check" is omitted;
-- it is spelled out here so it is visible that an object cannot be renamed
-- into a path that fails the same ownership test.
-- "to public" is the default role list; the uid comparison is what gates it.
create policy "Users can update own cover files"
    on storage.objects
    as permissive
    for update
    to public
    using (
        bucket_id = 'covers'
        and auth.uid()::text = (storage.foldername(name))[1]
    )
    with check (
        bucket_id = 'covers'
        and auth.uid()::text = (storage.foldername(name))[1]
    );
-- Let a user delete objects in the covers bucket that sit under a top-level
-- folder named after their own user id.
--
-- Ownership is derived from the object path: the first element of
-- storage.foldername(name) must equal auth.uid().
-- "as permissive" and "to public" are the CREATE POLICY defaults, written out
-- so the role scope is explicit; the uid comparison is what gates the delete.
create policy "Users can delete own cover files"
    on storage.objects
    as permissive
    for delete
    to public
    using (
        bucket_id = 'covers'
        and auth.uid()::text = (storage.foldername(name))[1]
    );