mirror of
https://github.com/pacnpal/thrilltrack-explorer.git
synced 2025-12-23 04:11:14 -05:00
23 lines
746 B
SQL
23 lines
746 B
SQL
-- Restrict direct photo modifications - require moderation queue
|
|
-- Drop existing policies that allow direct modification
|
|
DROP POLICY IF EXISTS "Moderators can update photos" ON public.photos;
|
|
DROP POLICY IF EXISTS "Moderators can delete photos" ON public.photos;
|
|
|
|
-- Keep read policies
|
|
-- Public read access to photos already exists
|
|
|
|
-- Only service role (edge functions) can modify photos after approval
|
|
CREATE POLICY "Service role can insert photos"
|
|
ON public.photos FOR INSERT
|
|
TO service_role
|
|
WITH CHECK (true);
|
|
|
|
CREATE POLICY "Service role can update photos"
|
|
ON public.photos FOR UPDATE
|
|
TO service_role
|
|
USING (true);
|
|
|
|
CREATE POLICY "Service role can delete photos"
|
|
ON public.photos FOR DELETE
|
|
TO service_role
|
|
USING (true); |