xtablo-source/supabase/tests/database/03_rls_policies_notes.test.sql

begin;
select plan(36); -- Total number of tests (reduced - removed 2 DELETE policy tests that don't exist)

-- ============================================================================
-- RLS Enabled Tests
-- ============================================================================

SELECT is(
    (SELECT relrowsecurity FROM pg_class WHERE relname = 'notes' AND relnamespace = 'public'::regnamespace),
    true,
    'RLS should be enabled on notes table'
);

SELECT is(
    (SELECT relrowsecurity FROM pg_class WHERE relname = 'shared_notes' AND relnamespace = 'public'::regnamespace),
    true,
    'RLS should be enabled on shared_notes table'
);

SELECT is(
    (SELECT relrowsecurity FROM pg_class WHERE relname = 'note_access' AND relnamespace = 'public'::regnamespace),
    true,
    'RLS should be enabled on note_access table'
);

-- ============================================================================
-- Notes Table RLS Policies
-- ============================================================================

SELECT ok(
    (SELECT COUNT(*) FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can view their own notes and public notes') > 0,
    'Policy for viewing own and public notes should exist'
);

SELECT ok(
    (SELECT COUNT(*) FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can insert their own notes') > 0,
    'Policy for inserting own notes should exist'
);

SELECT ok(
    (SELECT COUNT(*) FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can update their own notes') > 0,
    'Policy for updating own notes should exist'
);

-- Note: There is only a soft delete policy (FOR UPDATE), no hard DELETE policy
SELECT ok(
    (SELECT COUNT(*) FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can delete their own notes (soft)') > 0,
    'Policy for soft deleting own notes should exist'
);

-- Test policy commands
SELECT is(
    (SELECT cmd FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can view their own notes and public notes' LIMIT 1),
    'SELECT',
    'View notes policy should be for SELECT'
);

SELECT is(
    (SELECT cmd FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can insert their own notes' LIMIT 1),
    'INSERT',
    'Insert notes policy should be for INSERT'
);

SELECT is(
    (SELECT cmd FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can update their own notes' LIMIT 1),
    'UPDATE',
    'Update notes policy should be for UPDATE'
);

-- Note: Soft delete policy is FOR UPDATE, not DELETE
SELECT is(
    (SELECT cmd FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can delete their own notes (soft)' LIMIT 1),
    'UPDATE',
    'Soft delete notes policy should be for UPDATE'
);

-- Test policy roles include both authenticated and anon for viewing
SELECT ok(
    (SELECT COALESCE('authenticated' = ANY(roles), false) FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can view their own notes and public notes' LIMIT 1),
    'View notes policy should include authenticated role'
);

SELECT ok(
    (SELECT COALESCE('anon' = ANY(roles), false) FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can view their own notes and public notes' LIMIT 1),
    'View notes policy should include anon role for public notes'
);

-- ============================================================================
-- Shared Notes Table RLS Policies
-- ============================================================================

SELECT ok(
    (SELECT COUNT(*) FROM pg_policies WHERE tablename = 'shared_notes' AND policyname = 'Users can view their own shared notes') > 0,
    'Policy for viewing own shared notes should exist'
);

SELECT ok(
    (SELECT COUNT(*) FROM pg_policies WHERE tablename = 'shared_notes' AND policyname = 'Anyone can view public notes') > 0,
    'Policy for viewing public notes should exist'
);

SELECT ok(
    (SELECT COUNT(*) FROM pg_policies WHERE tablename = 'shared_notes' AND policyname = 'Users can insert their own shared notes') > 0,
    'Policy for inserting shared notes should exist'
);

SELECT ok(
    (SELECT COUNT(*) FROM pg_policies WHERE tablename = 'shared_notes' AND policyname = 'Users can update their own shared notes') > 0,
    'Policy for updating shared notes should exist'
);

SELECT ok(
    (SELECT COUNT(*) FROM pg_policies WHERE tablename = 'shared_notes' AND policyname = 'Users can delete their own shared notes') > 0,
    'Policy for deleting shared notes should exist'
);

-- Test policy commands
SELECT is(
    (SELECT cmd FROM pg_policies WHERE tablename = 'shared_notes' AND policyname = 'Users can view their own shared notes' LIMIT 1),
    'SELECT',
    'View own shared notes policy should be for SELECT'
);

SELECT is(
    (SELECT cmd FROM pg_policies WHERE tablename = 'shared_notes' AND policyname = 'Anyone can view public notes' LIMIT 1),
    'SELECT',
    'View public notes policy should be for SELECT'
);

-- Test that public notes policy applies to both authenticated and anon
SELECT ok(
    (SELECT COALESCE('authenticated' = ANY(roles), false) FROM pg_policies WHERE tablename = 'shared_notes' AND policyname = 'Anyone can view public notes' LIMIT 1),
    'Public notes policy should include authenticated role'
);

SELECT ok(
    (SELECT COALESCE('anon' = ANY(roles), false) FROM pg_policies WHERE tablename = 'shared_notes' AND policyname = 'Anyone can view public notes' LIMIT 1),
    'Public notes policy should include anon role'
);

-- ============================================================================
-- Note Access Table RLS Policies
-- ============================================================================

SELECT ok(
    (SELECT COUNT(*) FROM pg_policies WHERE tablename = 'note_access' AND policyname = 'Users can view their own note access') > 0,
    'Policy for viewing own note access should exist'
);

SELECT ok(
    (SELECT COUNT(*) FROM pg_policies WHERE tablename = 'note_access' AND policyname = 'Users can view notes shared with their tablos') > 0,
    'Policy for viewing shared notes should exist'
);

SELECT ok(
    (SELECT COUNT(*) FROM pg_policies WHERE tablename = 'note_access' AND policyname = 'Users can insert their own note access') > 0,
    'Policy for inserting note access should exist'
);

SELECT ok(
    (SELECT COUNT(*) FROM pg_policies WHERE tablename = 'note_access' AND policyname = 'Users can update their own note access') > 0,
    'Policy for updating note access should exist'
);

SELECT ok(
    (SELECT COUNT(*) FROM pg_policies WHERE tablename = 'note_access' AND policyname = 'Users can delete their own note access') > 0,
    'Policy for deleting note access should exist'
);

-- Test policy commands
SELECT is(
    (SELECT cmd FROM pg_policies WHERE tablename = 'note_access' AND policyname = 'Users can view their own note access' LIMIT 1),
    'SELECT',
    'View own note access policy should be for SELECT'
);

SELECT is(
    (SELECT cmd FROM pg_policies WHERE tablename = 'note_access' AND policyname = 'Users can insert their own note access' LIMIT 1),
    'INSERT',
    'Insert note access policy should be for INSERT'
);

-- ============================================================================
-- Notes Behavior Tests with Mock Data
-- ============================================================================

-- Create test users and notes
DO $$
DECLARE
    user1_id uuid := gen_random_uuid();
    user2_id uuid := gen_random_uuid();
    note1_id text := 'test_note_' || gen_random_uuid()::text;
    note2_id text := 'test_note_' || gen_random_uuid()::text;
    public_note_id text := 'public_note_' || gen_random_uuid()::text;
BEGIN
    -- Insert test users
    INSERT INTO auth.users (id, instance_id, aud, role, email, encrypted_password, email_confirmed_at, created_at, updated_at)
    VALUES 
        (user1_id, '00000000-0000-0000-0000-000000000000', 'authenticated', 'authenticated', 'noteuser1_' || user1_id::text || '@test.com', 'encrypted', now(), now(), now()),
        (user2_id, '00000000-0000-0000-0000-000000000000', 'authenticated', 'authenticated', 'noteuser2_' || user2_id::text || '@test.com', 'encrypted', now(), now(), now())
    ON CONFLICT DO NOTHING;
    
    -- Insert test profiles
    INSERT INTO public.profiles (id, email, first_name, last_name, short_user_id)
    VALUES 
        (user1_id, 'noteuser1_' || user1_id::text || '@test.com', 'Note User', 'One', substring(user1_id::text from 1 for 8)),
        (user2_id, 'noteuser2_' || user2_id::text || '@test.com', 'Note User', 'Two', substring(user2_id::text from 1 for 8))
    ON CONFLICT DO NOTHING;
    
    -- Insert test notes
    INSERT INTO public.notes (id, title, content, user_id)
    VALUES 
        (note1_id, 'User 1 Private Note', 'This is a private note', user1_id),
        (note2_id, 'User 2 Private Note', 'This is another private note', user2_id),
        (public_note_id, 'Public Note', 'This is a public note', user1_id);
    
    -- Make one note public
    INSERT INTO public.shared_notes (note_id, user_id, is_public)
    VALUES (public_note_id, user1_id, true);
    
    -- Store test IDs
    PERFORM set_config('test.note_user1_id', user1_id::text, true);
    PERFORM set_config('test.note_user2_id', user2_id::text, true);
    PERFORM set_config('test.note1_id', note1_id, true);
    PERFORM set_config('test.public_note_id', public_note_id, true);
END $$;

-- Test: Verify notes were created
SELECT is(
    (SELECT count(*)::integer FROM public.notes WHERE id = current_setting('test.note1_id')),
    1,
    'User 1 private note should be created'
);

SELECT is(
    (SELECT count(*)::integer FROM public.notes WHERE id = current_setting('test.public_note_id')),
    1,
    'Public note should be created'
);

-- Test: Verify shared_notes entry for public note
SELECT is(
    (SELECT is_public FROM public.shared_notes WHERE note_id = current_setting('test.public_note_id') LIMIT 1),
    true,
    'Public note should be marked as public in shared_notes'
);

-- ============================================================================
-- Foreign Key Constraints Tests
-- ============================================================================

SELECT has_fk('public', 'shared_notes', 'shared_notes should have foreign key constraints');
SELECT has_fk('public', 'note_access', 'note_access should have foreign key constraints');

-- Test that shared_notes.note_id references notes.id
SELECT fk_ok(
    'public', 'shared_notes', 'note_id',
    'public', 'notes', 'id',
    'shared_notes.note_id should reference notes.id'
);

-- Test that note_access.note_id references notes.id
SELECT fk_ok(
    'public', 'note_access', 'note_id',
    'public', 'notes', 'id',
    'note_access.note_id should reference notes.id'
);

select * from finish();
rollback;
supabase tests temp 2025-11-04 21:20:56 +00:00			`begin;`
Add migrations + tests 2025-11-06 07:38:38 +00:00			`select plan(36); -- Total number of tests (reduced - removed 2 DELETE policy tests that don't exist)`
supabase tests temp 2025-11-04 21:20:56 +00:00
			`-- ============================================================================`
			`-- RLS Enabled Tests`
			`-- ============================================================================`

			`SELECT is(`
Add migrations + tests 2025-11-06 07:38:38 +00:00			`(SELECT relrowsecurity FROM pg_class WHERE relname = 'notes' AND relnamespace = 'public'::regnamespace),`
supabase tests temp 2025-11-04 21:20:56 +00:00			`true,`
			`'RLS should be enabled on notes table'`
			`);`

			`SELECT is(`
Add migrations + tests 2025-11-06 07:38:38 +00:00			`(SELECT relrowsecurity FROM pg_class WHERE relname = 'shared_notes' AND relnamespace = 'public'::regnamespace),`
supabase tests temp 2025-11-04 21:20:56 +00:00			`true,`
			`'RLS should be enabled on shared_notes table'`
			`);`

			`SELECT is(`
Add migrations + tests 2025-11-06 07:38:38 +00:00			`(SELECT relrowsecurity FROM pg_class WHERE relname = 'note_access' AND relnamespace = 'public'::regnamespace),`
supabase tests temp 2025-11-04 21:20:56 +00:00			`true,`
			`'RLS should be enabled on note_access table'`
			`);`

			`-- ============================================================================`
			`-- Notes Table RLS Policies`
			`-- ============================================================================`

Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT ok(`
			`(SELECT COUNT(*) FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can view their own notes and public notes') > 0,`
			`'Policy for viewing own and public notes should exist'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT ok(`
			`(SELECT COUNT(*) FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can insert their own notes') > 0,`
			`'Policy for inserting own notes should exist'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT ok(`
			`(SELECT COUNT(*) FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can update their own notes') > 0,`
			`'Policy for updating own notes should exist'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
Add migrations + tests 2025-11-06 07:38:38 +00:00			`-- Note: There is only a soft delete policy (FOR UPDATE), no hard DELETE policy`
			`SELECT ok(`
			`(SELECT COUNT(*) FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can delete their own notes (soft)') > 0,`
			`'Policy for soft deleting own notes should exist'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
			`-- Test policy commands`
Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT is(`
			`(SELECT cmd FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can view their own notes and public notes' LIMIT 1),`
			`'SELECT',`
			`'View notes policy should be for SELECT'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT is(`
			`(SELECT cmd FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can insert their own notes' LIMIT 1),`
			`'INSERT',`
			`'Insert notes policy should be for INSERT'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT is(`
			`(SELECT cmd FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can update their own notes' LIMIT 1),`
			`'UPDATE',`
			`'Update notes policy should be for UPDATE'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
Add migrations + tests 2025-11-06 07:38:38 +00:00			`-- Note: Soft delete policy is FOR UPDATE, not DELETE`
			`SELECT is(`
			`(SELECT cmd FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can delete their own notes (soft)' LIMIT 1),`
			`'UPDATE',`
			`'Soft delete notes policy should be for UPDATE'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
			`-- Test policy roles include both authenticated and anon for viewing`
			`SELECT ok(`
Add migrations + tests 2025-11-06 07:38:38 +00:00			`(SELECT COALESCE('authenticated' = ANY(roles), false) FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can view their own notes and public notes' LIMIT 1),`
supabase tests temp 2025-11-04 21:20:56 +00:00			`'View notes policy should include authenticated role'`
			`);`

			`SELECT ok(`
Add migrations + tests 2025-11-06 07:38:38 +00:00			`(SELECT COALESCE('anon' = ANY(roles), false) FROM pg_policies WHERE tablename = 'notes' AND policyname = 'Users can view their own notes and public notes' LIMIT 1),`
supabase tests temp 2025-11-04 21:20:56 +00:00			`'View notes policy should include anon role for public notes'`
			`);`

			`-- ============================================================================`
			`-- Shared Notes Table RLS Policies`
			`-- ============================================================================`

Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT ok(`
			`(SELECT COUNT(*) FROM pg_policies WHERE tablename = 'shared_notes' AND policyname = 'Users can view their own shared notes') > 0,`
			`'Policy for viewing own shared notes should exist'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT ok(`
			`(SELECT COUNT(*) FROM pg_policies WHERE tablename = 'shared_notes' AND policyname = 'Anyone can view public notes') > 0,`
			`'Policy for viewing public notes should exist'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT ok(`
			`(SELECT COUNT(*) FROM pg_policies WHERE tablename = 'shared_notes' AND policyname = 'Users can insert their own shared notes') > 0,`
			`'Policy for inserting shared notes should exist'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT ok(`
			`(SELECT COUNT(*) FROM pg_policies WHERE tablename = 'shared_notes' AND policyname = 'Users can update their own shared notes') > 0,`
			`'Policy for updating shared notes should exist'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT ok(`
			`(SELECT COUNT(*) FROM pg_policies WHERE tablename = 'shared_notes' AND policyname = 'Users can delete their own shared notes') > 0,`
			`'Policy for deleting shared notes should exist'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
			`-- Test policy commands`
Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT is(`
			`(SELECT cmd FROM pg_policies WHERE tablename = 'shared_notes' AND policyname = 'Users can view their own shared notes' LIMIT 1),`
			`'SELECT',`
			`'View own shared notes policy should be for SELECT'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT is(`
			`(SELECT cmd FROM pg_policies WHERE tablename = 'shared_notes' AND policyname = 'Anyone can view public notes' LIMIT 1),`
			`'SELECT',`
			`'View public notes policy should be for SELECT'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
			`-- Test that public notes policy applies to both authenticated and anon`
			`SELECT ok(`
Add migrations + tests 2025-11-06 07:38:38 +00:00			`(SELECT COALESCE('authenticated' = ANY(roles), false) FROM pg_policies WHERE tablename = 'shared_notes' AND policyname = 'Anyone can view public notes' LIMIT 1),`
supabase tests temp 2025-11-04 21:20:56 +00:00			`'Public notes policy should include authenticated role'`
			`);`

			`SELECT ok(`
Add migrations + tests 2025-11-06 07:38:38 +00:00			`(SELECT COALESCE('anon' = ANY(roles), false) FROM pg_policies WHERE tablename = 'shared_notes' AND policyname = 'Anyone can view public notes' LIMIT 1),`
supabase tests temp 2025-11-04 21:20:56 +00:00			`'Public notes policy should include anon role'`
			`);`

			`-- ============================================================================`
			`-- Note Access Table RLS Policies`
			`-- ============================================================================`

Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT ok(`
			`(SELECT COUNT(*) FROM pg_policies WHERE tablename = 'note_access' AND policyname = 'Users can view their own note access') > 0,`
			`'Policy for viewing own note access should exist'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT ok(`
			`(SELECT COUNT(*) FROM pg_policies WHERE tablename = 'note_access' AND policyname = 'Users can view notes shared with their tablos') > 0,`
			`'Policy for viewing shared notes should exist'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT ok(`
			`(SELECT COUNT(*) FROM pg_policies WHERE tablename = 'note_access' AND policyname = 'Users can insert their own note access') > 0,`
			`'Policy for inserting note access should exist'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT ok(`
			`(SELECT COUNT(*) FROM pg_policies WHERE tablename = 'note_access' AND policyname = 'Users can update their own note access') > 0,`
			`'Policy for updating note access should exist'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT ok(`
			`(SELECT COUNT(*) FROM pg_policies WHERE tablename = 'note_access' AND policyname = 'Users can delete their own note access') > 0,`
			`'Policy for deleting note access should exist'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
			`-- Test policy commands`
Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT is(`
			`(SELECT cmd FROM pg_policies WHERE tablename = 'note_access' AND policyname = 'Users can view their own note access' LIMIT 1),`
			`'SELECT',`
			`'View own note access policy should be for SELECT'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
Add migrations + tests 2025-11-06 07:38:38 +00:00			`SELECT is(`
			`(SELECT cmd FROM pg_policies WHERE tablename = 'note_access' AND policyname = 'Users can insert their own note access' LIMIT 1),`
			`'INSERT',`
			`'Insert note access policy should be for INSERT'`
			`);`
supabase tests temp 2025-11-04 21:20:56 +00:00
			`-- ============================================================================`
			`-- Notes Behavior Tests with Mock Data`
			`-- ============================================================================`

			`-- Create test users and notes`
			`DO $$`
			`DECLARE`
			`user1_id uuid := gen_random_uuid();`
			`user2_id uuid := gen_random_uuid();`
			`note1_id text := 'test_note_' \|\| gen_random_uuid()::text;`
			`note2_id text := 'test_note_' \|\| gen_random_uuid()::text;`
			`public_note_id text := 'public_note_' \|\| gen_random_uuid()::text;`
			`BEGIN`
			`-- Insert test users`
			`INSERT INTO auth.users (id, instance_id, aud, role, email, encrypted_password, email_confirmed_at, created_at, updated_at)`
			`VALUES`
Add migrations + tests 2025-11-06 07:38:38 +00:00			`(user1_id, '00000000-0000-0000-0000-000000000000', 'authenticated', 'authenticated', 'noteuser1_' \|\| user1_id::text \|\| '@test.com', 'encrypted', now(), now(), now()),`
			`(user2_id, '00000000-0000-0000-0000-000000000000', 'authenticated', 'authenticated', 'noteuser2_' \|\| user2_id::text \|\| '@test.com', 'encrypted', now(), now(), now())`
			`ON CONFLICT DO NOTHING;`
supabase tests temp 2025-11-04 21:20:56 +00:00
			`-- Insert test profiles`
Add migrations + tests 2025-11-06 07:38:38 +00:00			`INSERT INTO public.profiles (id, email, first_name, last_name, short_user_id)`
supabase tests temp 2025-11-04 21:20:56 +00:00			`VALUES`
Add migrations + tests 2025-11-06 07:38:38 +00:00			`(user1_id, 'noteuser1_' \|\| user1_id::text \|\| '@test.com', 'Note User', 'One', substring(user1_id::text from 1 for 8)),`
			`(user2_id, 'noteuser2_' \|\| user2_id::text \|\| '@test.com', 'Note User', 'Two', substring(user2_id::text from 1 for 8))`
			`ON CONFLICT DO NOTHING;`
supabase tests temp 2025-11-04 21:20:56 +00:00
			`-- Insert test notes`
			`INSERT INTO public.notes (id, title, content, user_id)`
			`VALUES`
			`(note1_id, 'User 1 Private Note', 'This is a private note', user1_id),`
			`(note2_id, 'User 2 Private Note', 'This is another private note', user2_id),`
			`(public_note_id, 'Public Note', 'This is a public note', user1_id);`

			`-- Make one note public`
			`INSERT INTO public.shared_notes (note_id, user_id, is_public)`
			`VALUES (public_note_id, user1_id, true);`

			`-- Store test IDs`
			`PERFORM set_config('test.note_user1_id', user1_id::text, true);`
			`PERFORM set_config('test.note_user2_id', user2_id::text, true);`
			`PERFORM set_config('test.note1_id', note1_id, true);`
			`PERFORM set_config('test.public_note_id', public_note_id, true);`
			`END $$;`

			`-- Test: Verify notes were created`
			`SELECT is(`
			`(SELECT count(*)::integer FROM public.notes WHERE id = current_setting('test.note1_id')),`
			`1,`
			`'User 1 private note should be created'`
			`);`

			`SELECT is(`
			`(SELECT count(*)::integer FROM public.notes WHERE id = current_setting('test.public_note_id')),`
			`1,`
			`'Public note should be created'`
			`);`

			`-- Test: Verify shared_notes entry for public note`
			`SELECT is(`
			`(SELECT is_public FROM public.shared_notes WHERE note_id = current_setting('test.public_note_id') LIMIT 1),`
			`true,`
			`'Public note should be marked as public in shared_notes'`
			`);`

			`-- ============================================================================`
			`-- Foreign Key Constraints Tests`
			`-- ============================================================================`

			`SELECT has_fk('public', 'shared_notes', 'shared_notes should have foreign key constraints');`
			`SELECT has_fk('public', 'note_access', 'note_access should have foreign key constraints');`

			`-- Test that shared_notes.note_id references notes.id`
			`SELECT fk_ok(`
			`'public', 'shared_notes', 'note_id',`
			`'public', 'notes', 'id',`
			`'shared_notes.note_id should reference notes.id'`
			`);`

			`-- Test that note_access.note_id references notes.id`
			`SELECT fk_ok(`
			`'public', 'note_access', 'note_id',`
			`'public', 'notes', 'id',`
			`'note_access.note_id should reference notes.id'`
			`);`

			`select * from finish();`
			`rollback;`