-- Allow authenticated users to upload to user-avatars folder
CREATE POLICY "Authenticated users can upload user avatars"
ON storage.objects FOR INSERT
TO authenticated
WITH CHECK (bucket_id = 'avatars' AND (storage.foldername(name))[1] = 'user-avatars');

-- Allow authenticated users to update (upsert) their user avatars
CREATE POLICY "Authenticated users can update user avatars"
ON storage.objects FOR UPDATE
TO authenticated
USING (bucket_id = 'avatars' AND (storage.foldername(name))[1] = 'user-avatars');

-- Allow authenticated users to delete user avatars
CREATE POLICY "Authenticated users can delete user avatars"
ON storage.objects FOR DELETE
TO authenticated
USING (bucket_id = 'avatars' AND (storage.foldername(name))[1] = 'user-avatars');