-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsupabase_schema.sql
More file actions
49 lines (42 loc) · 2.24 KB
/
Copy pathsupabase_schema.sql
File metadata and controls
49 lines (42 loc) · 2.24 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
-- Ghost Shell Supabase Database Schema
-- Run this schema in your Supabase SQL Editor to set up all tables and security policies.
-- 1. USER PROFILES TABLE
CREATE TABLE IF NOT EXISTS public.user_profiles (
user_id uuid NOT NULL PRIMARY KEY REFERENCES auth.users(id) ON DELETE CASCADE,
salt text NOT NULL,
password_verification text NOT NULL,
created_at timestamp with time zone DEFAULT timezone('utc'::text, now()) NOT NULL,
updated_at timestamp with time zone DEFAULT timezone('utc'::text, now()) NOT NULL
);
-- 2. USER HOSTS TABLE
CREATE TABLE IF NOT EXISTS public.user_hosts (
user_id uuid NOT NULL REFERENCES auth.users(id) ON DELETE CASCADE,
host_id text NOT NULL,
encrypted_data text NOT NULL,
created_at timestamp with time zone DEFAULT timezone('utc'::text, now()) NOT NULL,
updated_at timestamp with time zone DEFAULT timezone('utc'::text, now()) NOT NULL,
CONSTRAINT user_hosts_pkey PRIMARY KEY (user_id, host_id)
);
-- 3. USER KEYS TABLE
CREATE TABLE IF NOT EXISTS public.user_keys (
user_id uuid NOT NULL REFERENCES auth.users(id) ON DELETE CASCADE,
key_id text NOT NULL,
encrypted_data text NOT NULL,
created_at timestamp with time zone DEFAULT timezone('utc'::text, now()) NOT NULL,
updated_at timestamp with time zone DEFAULT timezone('utc'::text, now()) NOT NULL,
CONSTRAINT user_keys_pkey PRIMARY KEY (user_id, key_id)
);
-- ENABLE ROW LEVEL SECURITY (RLS) ON ALL TABLES
ALTER TABLE public.user_profiles ENABLE ROW LEVEL SECURITY;
ALTER TABLE public.user_hosts ENABLE ROW LEVEL SECURITY;
ALTER TABLE public.user_keys ENABLE ROW LEVEL SECURITY;
-- CREATE SECURITY POLICIES FOR USER-SPECIFIC READ/WRITE ACCESS
-- User Profiles Policies
CREATE POLICY "Allow individual read/write access to profiles" ON public.user_profiles
FOR ALL TO authenticated USING (auth.uid() = user_id) WITH CHECK (auth.uid() = user_id);
-- User Hosts Policies
CREATE POLICY "Allow individual read/write access to hosts" ON public.user_hosts
FOR ALL TO authenticated USING (auth.uid() = user_id) WITH CHECK (auth.uid() = user_id);
-- User Keys Policies
CREATE POLICY "Allow individual read/write access to keys" ON public.user_keys
FOR ALL TO authenticated USING (auth.uid() = user_id) WITH CHECK (auth.uid() = user_id);