-- Fix profiles table public exposure vulnerability
-- Remove the public access policy that allows unauthenticated users to view profiles

-- Drop the existing public access policy
DROP POLICY IF EXISTS "Public can view non-banned public profiles" ON public.profiles;

-- Create a new policy that requires authentication to view other users' profiles
-- Only show profiles with public privacy level to authenticated users
CREATE POLICY "Authenticated users can view public profiles"
ON public.profiles
FOR SELECT
TO authenticated
USING (
  (auth.uid() = user_id) 
  OR is_moderator(auth.uid()) 
  OR ((privacy_level = 'public') AND (NOT banned))
);

-- Add comment explaining the security rationale
COMMENT ON POLICY "Authenticated users can view public profiles" ON public.profiles IS 
'Restricts profile viewing to authenticated users only. Prevents public scraping of user personal information including locations, timezones, bios, and contact details.';