Mega push vol 4

supabase/migrations/017_avatars_storage.sql

@@ -0,0 +1,28 @@
+-- Create storage bucket for avatars
+INSERT INTO storage.buckets (id, name, public)
+VALUES ('avatars', 'avatars', true)
+ON CONFLICT (id) DO NOTHING;
+
+-- Allow authenticated users to upload to org-avatars folder
+CREATE POLICY "Authenticated users can upload org avatars"
+ON storage.objects FOR INSERT
+TO authenticated
+WITH CHECK (bucket_id = 'avatars' AND (storage.foldername(name))[1] = 'org-avatars');
+
+-- Allow authenticated users to update (upsert) their org avatars
+CREATE POLICY "Authenticated users can update org avatars"
+ON storage.objects FOR UPDATE
+TO authenticated
+USING (bucket_id = 'avatars' AND (storage.foldername(name))[1] = 'org-avatars');
+
+-- Allow public read access to all avatars
+CREATE POLICY "Public read access for avatars"
+ON storage.objects FOR SELECT
+TO public
+USING (bucket_id = 'avatars');
+
+-- Allow authenticated users to delete org avatars
+CREATE POLICY "Authenticated users can delete org avatars"
+ON storage.objects FOR DELETE
+TO authenticated
+USING (bucket_id = 'avatars' AND (storage.foldername(name))[1] = 'org-avatars');