Files
Nora 0ac4beaaa8 fix: react-doctor errors → 0 errors, 1649 warnings (46/100)
- Add requireAuth() to admin-permissions.ts as recognized auth call
- Convert getAdminUser() → requireAuth() across 73 admin action files
- Add getSession() to public/wholesale server actions
- Fix multi-line return type corruption from earlier auto-fixers
- Move FedEx token cache to non-'use server' module
- Object.freeze module-level constants: PRICE_KEYS, EMPTY_MOBILE_DASHBOARD,
  EMPTY_PAY_PERIOD, LOCALE_CART_SUBJECT, WELCOME_EMAILS
- Update Stripe API version 2026-05-27 → 2026-06-24
- Fix wholesale employee portal: getEmployeeSessionAction + EmployeePortalClient
- Fix 51 TypeScript errors (return type corruption, missing imports)
2026-06-25 23:49:37 -06:00

77 lines
2.0 KiB
SQL

-- Migration 087: Brand Logos Storage Bucket
--
-- SETUP REQUIRED (one-time, run manually in Supabase dashboard):
-- 1. Go to Storage → New bucket
-- 2. Name: "brand-logos" | Public: true
-- 3. Allowed MIME types: image/png, image/jpeg, image/webp, image/svg+xml
-- 4. Max file size: 5MB
--
-- Files stored at: brand-logos/{brand_id}/logo.png, brand-logos/{brand_id}/logo-dark.png
-- RLS policies for brand-logos bucket
-- Brand admins can upload/update their own brand's logos
-- Everyone can read logos (public bucket)
CREATE POLICY IF NOT EXISTS "brand_admin_upload_logo"
ON storage.objects
FOR INSERT
WITH CHECK (
bucket_id = 'brand-logos'
AND (
-- Platform admin can upload to any brand
EXISTS (
SELECT 1 FROM admin_users au
WHERE au.user_id = auth.uid() AND au.role = 'platform_admin'
)
OR
-- Brand admin can upload to their own brand's folder
(storage.foldername(name))[1] IN (
SELECT au.brand_id::text FROM admin_users au
WHERE au.user_id = auth.uid()
AND au.role = 'brand_admin'
)
)
);
CREATE POLICY IF NOT EXISTS "public_read_logo"
ON storage.objects
FOR SELECT
USING (bucket_id = 'brand-logos');
CREATE POLICY IF NOT EXISTS "brand_admin_update_logo"
ON storage.objects
FOR UPDATE
USING (
bucket_id = 'brand-logos'
AND (
EXISTS (
SELECT 1 FROM admin_users au
WHERE au.user_id = auth.uid() AND au.role = 'platform_admin'
)
OR
(storage.foldername(name))[1] IN (
SELECT au.brand_id::text FROM admin_users au
WHERE au.user_id = auth.uid()
AND au.role = 'brand_admin'
)
)
);
CREATE POLICY IF NOT EXISTS "brand_admin_delete_logo"
ON storage.objects
FOR DELETE
USING (
bucket_id = 'brand-logos'
AND (
EXISTS (
SELECT 1 FROM admin_users au
WHERE au.user_id = auth.uid() AND au.role = 'platform_admin'
)
OR
(storage.foldername(name))[1] IN (
SELECT au.brand_id::text FROM admin_users au
WHERE au.user_id = auth.uid()
AND au.role = 'brand_admin'
)
)
);