-- Set filtered_profiles view to use security_invoker
-- This makes the view execute with the permissions of the invoking user, not the creator
ALTER VIEW public.filtered_profiles SET (security_invoker = true);

COMMENT ON VIEW public.filtered_profiles IS 'Profile view with field-level privacy controls using security_invoker. Uses security definer functions for granular permission checks but view respects querying user context.';