-- Drop the restrictive authenticated-only policy
DROP POLICY IF EXISTS "Authenticated users can view profiles" ON public.profiles;

-- Create a new policy that allows both anonymous and authenticated users to view public profiles
CREATE POLICY "Public can view non-banned public profiles"
ON public.profiles
FOR SELECT
TO anon, authenticated
USING (
  (auth.uid() = user_id) 
  OR is_moderator(auth.uid()) 
  OR ((privacy_level = 'public') AND (NOT banned))
);