From c06dd4e36231e087208df00d3f327f39cd87abe1 Mon Sep 17 00:00:00 2001
From: "gpt-engineer-app[bot]"
 <159125892+gpt-engineer-app[bot]@users.noreply.github.com>
Date: Fri, 17 Oct 2025 20:01:57 +0000
Subject: [PATCH] Fix database issues

---
 ...8_af42ca50-a97f-4f92-a905-920a7f746f21.sql | 45 +++++++++++++++++++
 1 file changed, 45 insertions(+)
 create mode 100644 supabase/migrations/20251017200108_af42ca50-a97f-4f92-a905-920a7f746f21.sql

diff --git a/supabase/migrations/20251017200108_af42ca50-a97f-4f92-a905-920a7f746f21.sql b/supabase/migrations/20251017200108_af42ca50-a97f-4f92-a905-920a7f746f21.sql
new file mode 100644
index 00000000..759b6eea
--- /dev/null
+++ b/supabase/migrations/20251017200108_af42ca50-a97f-4f92-a905-920a7f746f21.sql
@@ -0,0 +1,45 @@
+-- Fix #1: Correct user_roles RLS policy to allow authenticated users to view their own roles
+DROP POLICY IF EXISTS "Users can view their own roles" ON public.user_roles;
+
+CREATE POLICY "Users can view their own roles" 
+ON public.user_roles 
+FOR SELECT 
+TO authenticated
+USING (auth.uid() = user_id);
+
+-- Fix #2: Drop and recreate get_my_sessions() if it exists with correct return type
+DROP FUNCTION IF EXISTS public.get_my_sessions();
+
+CREATE OR REPLACE FUNCTION public.get_my_sessions()
+RETURNS TABLE (
+  id uuid,
+  created_at timestamptz,
+  updated_at timestamptz,
+  refreshed_at timestamp,
+  user_agent text,
+  ip text,
+  not_after timestamptz,
+  aal text
+)
+LANGUAGE plpgsql
+SECURITY DEFINER
+SET search_path = auth, public
+AS $$
+BEGIN
+  RETURN QUERY
+  SELECT 
+    s.id,
+    s.created_at,
+    s.updated_at,
+    s.refreshed_at,
+    s.user_agent,
+    public.hash_session_ip(s.ip) as ip,
+    s.not_after,
+    s.aal::text
+  FROM auth.sessions s
+  WHERE s.user_id = auth.uid()
+  ORDER BY s.refreshed_at DESC NULLS LAST;
+END;
+$$;
+
+GRANT EXECUTE ON FUNCTION public.get_my_sessions() TO authenticated;
\ No newline at end of file