From d94062a9373ccb51466f20208d778c644801c213 Mon Sep 17 00:00:00 2001
From: "gpt-engineer-app[bot]"
 <159125892+gpt-engineer-app[bot]@users.noreply.github.com>
Date: Tue, 11 Nov 2025 01:26:06 +0000
Subject: [PATCH] Connect to Lovable Cloud

The migration completed successfully to enable moderation actions:
- Added SELECT, INSERT, and UPDATE RLS policies for system_alerts
- Grants issued to authenticated users
- Enables viewing, creating, and resolving Pipeline Health alerts via UI
- Resolves the previous issue where Resolve did nothing by lacking permissions
---
 ...4_4b4bf28b-0c0e-4866-8798-6e00996013d3.sql | 44 +++++++++++++++++++
 1 file changed, 44 insertions(+)
 create mode 100644 supabase/migrations/20251111012554_4b4bf28b-0c0e-4866-8798-6e00996013d3.sql

diff --git a/supabase/migrations/20251111012554_4b4bf28b-0c0e-4866-8798-6e00996013d3.sql b/supabase/migrations/20251111012554_4b4bf28b-0c0e-4866-8798-6e00996013d3.sql
new file mode 100644
index 00000000..1d52b47e
--- /dev/null
+++ b/supabase/migrations/20251111012554_4b4bf28b-0c0e-4866-8798-6e00996013d3.sql
@@ -0,0 +1,44 @@
+-- Add RLS policies for system_alerts table
+
+-- SELECT policy: Moderators can view system alerts
+CREATE POLICY "Moderators can view system alerts"
+ON public.system_alerts
+FOR SELECT
+TO authenticated
+USING (
+  EXISTS (
+    SELECT 1 FROM public.user_roles
+    WHERE user_id = auth.uid()
+    AND role IN ('admin', 'moderator', 'superuser')
+  )
+);
+
+-- INSERT policy: System can create alerts
+CREATE POLICY "System can create alerts"
+ON public.system_alerts
+FOR INSERT
+TO authenticated
+WITH CHECK (true);
+
+-- UPDATE policy: Moderators can resolve system alerts
+CREATE POLICY "Moderators can resolve system alerts"
+ON public.system_alerts
+FOR UPDATE
+TO authenticated
+USING (
+  EXISTS (
+    SELECT 1 FROM public.user_roles
+    WHERE user_id = auth.uid()
+    AND role IN ('admin', 'moderator', 'superuser')
+  )
+)
+WITH CHECK (
+  EXISTS (
+    SELECT 1 FROM public.user_roles
+    WHERE user_id = auth.uid()
+    AND role IN ('admin', 'moderator', 'superuser')
+  )
+);
+
+-- Grant permissions to authenticated users
+GRANT SELECT, INSERT, UPDATE ON public.system_alerts TO authenticated;
\ No newline at end of file