krao/fourge-portal
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
719209fa25240572616b4c6916231f2c1dc7c2f6
fourge-portal/supabase/schema.sql
T
Krao Hasanee 719209fa25 Refactor: clients → companies schema v2
2026-03-26 23:42:06 -04:00

277 lines
11 KiB
PL/PgSQL
Executable File
Raw Blame History

-- ============================================================
-- Fourge Branding Portal — Database Schema v2
-- Paste this entire file into Supabase → SQL Editor → Run
-- ============================================================
-- Companies (client companies — created and managed by team)
create table public.companies (
id uuid default gen_random_uuid() primary key,
name text not null,
email text default '',
phone text default '',
created_at timestamptz default now() not null
);
alter table public.companies enable row level security;
-- Profiles (extends auth.users — auto-created on signup)
create table public.profiles (
id uuid references auth.users on delete cascade primary key,
name text not null default '',
email text default '',
role text not null check (role in ('team', 'client')) default 'client',
company_id uuid references public.companies(id) on delete set null,
created_at timestamptz default now() not null
);
alter table public.profiles enable row level security;
-- Projects (belong to a company)
create table public.projects (
id uuid default gen_random_uuid() primary key,
company_id uuid references public.companies(id) on delete cascade not null,
name text not null,
description text default '',
status text not null check (status in ('active', 'completed')) default 'active',
created_at timestamptz default now() not null
);
alter table public.projects enable row level security;
-- Tasks (belong to a project)
create table public.tasks (
id uuid default gen_random_uuid() primary key,
project_id uuid references public.projects(id) on delete cascade not null,
title text not null,
assigned_to uuid references public.profiles(id) on delete set null,
assigned_name text,
status text not null check (status in ('not_started', 'in_progress', 'on_hold', 'client_review', 'client_approved')) default 'not_started',
current_version integer default 0 not null,
invoiced boolean default false,
submitted_at timestamptz default now() not null,
completed_at timestamptz
);
alter table public.tasks enable row level security;
-- Submissions (each version of a request)
create table public.submissions (
id uuid default gen_random_uuid() primary key,
task_id uuid references public.tasks(id) on delete cascade not null,
version_number integer not null,
type text not null check (type in ('initial', 'revision')) default 'initial',
service_type text default '',
deadline date,
description text default '',
submitted_by uuid references public.profiles(id) on delete set null,
submitted_by_name text default '',
submitted_at timestamptz default now() not null
);
alter table public.submissions enable row level security;
-- Submission Files
create table public.submission_files (
id uuid default gen_random_uuid() primary key,
submission_id uuid references public.submissions(id) on delete cascade not null,
name text not null,
storage_path text,
size bigint default 0
);
alter table public.submission_files enable row level security;
-- Deliveries (work sent to client)
create table public.deliveries (
id uuid default gen_random_uuid() primary key,
submission_id uuid references public.submissions(id) on delete cascade not null unique,
sent_at timestamptz default now() not null,
sent_by text default '',
message text default ''
);
alter table public.deliveries enable row level security;
-- Delivery Files
create table public.delivery_files (
id uuid default gen_random_uuid() primary key,
delivery_id uuid references public.deliveries(id) on delete cascade not null,
name text not null,
storage_path text,
size bigint default 0
);
alter table public.delivery_files enable row level security;
-- Company Prices (per service type, per company)
create table public.company_prices (
id uuid default gen_random_uuid() primary key,
company_id uuid references public.companies(id) on delete cascade not null,
service_type text not null,
price numeric(10,2) default 0,
unique(company_id, service_type)
);
alter table public.company_prices enable row level security;
-- Invoices
create table public.invoices (
id uuid default gen_random_uuid() primary key,
company_id uuid references public.companies(id) on delete cascade not null,
invoice_number text not null,
status text not null check (status in ('draft', 'sent', 'paid')) default 'draft',
invoice_date date default current_date,
due_date date,
total numeric(10,2) default 0,
notes text default '',
created_by uuid references public.profiles(id) on delete set null,
created_at timestamptz default now() not null
);
alter table public.invoices enable row level security;
-- Invoice Items
create table public.invoice_items (
id uuid default gen_random_uuid() primary key,
invoice_id uuid references public.invoices(id) on delete cascade not null,
task_id uuid references public.tasks(id) on delete set null,
description text not null,
quantity numeric(10,2) default 1,
unit_price numeric(10,2) default 0,
created_at timestamptz default now() not null
);
alter table public.invoice_items enable row level security;
-- ============================================================
-- Helpers
-- ============================================================
create or replace function public.get_my_role()
returns text as $$
select role from public.profiles where id = auth.uid();
$$ language sql security definer stable;
create or replace function public.get_my_company_id()
returns uuid as $$
select company_id from public.profiles where id = auth.uid();
$$ language sql security definer stable;
-- ============================================================
-- RLS Policies
-- ============================================================
-- Companies
create policy "Team all companies" on public.companies for all using (get_my_role() = 'team');
create policy "Client reads own company" on public.companies for select using (id = get_my_company_id());
-- Profiles
create policy "Own profile select" on public.profiles for select using (id = auth.uid());
create policy "Team reads all profiles" on public.profiles for select using (get_my_role() = 'team');
create policy "Own profile update" on public.profiles for update using (id = auth.uid());
create policy "Team update profiles" on public.profiles for update using (get_my_role() = 'team');
-- Projects
create policy "Team all projects" on public.projects for all using (get_my_role() = 'team');
create policy "Client reads company projects" on public.projects for select using (company_id = get_my_company_id());
create policy "Client inserts company projects" on public.projects for insert with check (company_id = get_my_company_id());
-- Tasks
create policy "Team all tasks" on public.tasks for all using (get_my_role() = 'team');
create policy "Client reads company tasks" on public.tasks for select using (
project_id in (select id from public.projects where company_id = get_my_company_id())
);
create policy "Client insert task" on public.tasks for insert with check (
project_id in (select id from public.projects where company_id = get_my_company_id())
);
create policy "Client updates company tasks" on public.tasks for update using (
project_id in (select id from public.projects where company_id = get_my_company_id())
);
-- Submissions
create policy "Team all submissions" on public.submissions for all using (get_my_role() = 'team');
create policy "Client reads company submissions" on public.submissions for select using (
task_id in (
select t.id from public.tasks t
join public.projects p on p.id = t.project_id
where p.company_id = get_my_company_id()
)
);
create policy "Client inserts submissions" on public.submissions for insert with check (submitted_by = auth.uid());
-- Submission Files
create policy "Team all submission_files" on public.submission_files for all using (get_my_role() = 'team');
create policy "Client reads company submission_files" on public.submission_files for select using (
submission_id in (
select s.id from public.submissions s
join public.tasks t on t.id = s.task_id
join public.projects p on p.id = t.project_id
where p.company_id = get_my_company_id()
)
);
create policy "Client inserts submission_files" on public.submission_files for insert with check (true);
-- Deliveries
create policy "Team all deliveries" on public.deliveries for all using (get_my_role() = 'team');
create policy "Client reads company deliveries" on public.deliveries for select using (
submission_id in (
select s.id from public.submissions s
join public.tasks t on t.id = s.task_id
join public.projects p on p.id = t.project_id
where p.company_id = get_my_company_id()
)
);
-- Delivery Files
create policy "Team all delivery_files" on public.delivery_files for all using (get_my_role() = 'team');
create policy "Client reads company delivery_files" on public.delivery_files for select using (
delivery_id in (
select d.id from public.deliveries d
join public.submissions s on s.id = d.submission_id
join public.tasks t on t.id = s.task_id
join public.projects p on p.id = t.project_id
where p.company_id = get_my_company_id()
)
);
-- Company Prices
create policy "Team all company_prices" on public.company_prices for all using (get_my_role() = 'team');
create policy "Client reads own company prices" on public.company_prices for select using (company_id = get_my_company_id());
-- Invoices
create policy "Team all invoices" on public.invoices for all using (get_my_role() = 'team');
create policy "Client reads company invoices" on public.invoices for select using (company_id = get_my_company_id());
-- Invoice Items
create policy "Team all invoice_items" on public.invoice_items for all using (get_my_role() = 'team');
create policy "Client reads company invoice_items" on public.invoice_items for select using (
invoice_id in (select id from public.invoices where company_id = get_my_company_id())
);
-- ============================================================
-- Storage Buckets
-- ============================================================
insert into storage.buckets (id, name, public) values ('submissions', 'submissions', false);
insert into storage.buckets (id, name, public) values ('deliveries', 'deliveries', false);
create policy "Auth users upload to submissions" on storage.objects
for insert to authenticated with check (bucket_id = 'submissions');
create policy "Auth users read submissions" on storage.objects
for select to authenticated using (bucket_id = 'submissions');
create policy "Team upload deliveries" on storage.objects
for insert to authenticated with check (bucket_id = 'deliveries' and get_my_role() = 'team');
create policy "Auth users read deliveries" on storage.objects
for select to authenticated using (bucket_id = 'deliveries');
-- ============================================================
-- Trigger: auto-create profile on signup
-- Team assigns company_id later via the Companies page
-- ============================================================
create or replace function public.handle_new_user()
returns trigger as $$
begin
insert into public.profiles (id, name, email, role)
values (
new.id,
coalesce(new.raw_user_meta_data->>'name', ''),
new.email,
coalesce(new.raw_user_meta_data->>'role', 'client')
);
return new;
end;
$$ language plpgsql security definer;
create trigger on_auth_user_created
after insert on auth.users
for each row execute procedure public.handle_new_user();
Reference in New Issue View Git Blame Copy Permalink