drop policy if exists "Own profile update" on public.profiles;

create policy "Own profile update" on public.profiles
  for update
  using (id = auth.uid())
  with check (
    id = auth.uid()
    and role = (select role from public.profiles where id = auth.uid())
    and company_id is not distinct from (select company_id from public.profiles where id = auth.uid())
  );