2025-10-25 19:21:04 +00:00
|
|
|
-- Create notes table for user notes functionality
|
|
|
|
|
CREATE TABLE IF NOT EXISTS notes (
|
|
|
|
|
id TEXT PRIMARY KEY DEFAULT generate_random_string(24),
|
|
|
|
|
title VARCHAR(255) NOT NULL,
|
|
|
|
|
content TEXT,
|
|
|
|
|
user_id UUID NOT NULL,
|
|
|
|
|
created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
|
|
|
|
|
updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
|
|
|
|
|
deleted_at TIMESTAMP WITH TIME ZONE DEFAULT NULL,
|
|
|
|
|
|
|
|
|
|
-- Foreign key constraint to users table (auth.users)
|
|
|
|
|
CONSTRAINT fk_notes_user_id
|
|
|
|
|
FOREIGN KEY (user_id) REFERENCES auth.users(id) ON DELETE CASCADE
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
-- Create indexes for performance
|
|
|
|
|
CREATE INDEX IF NOT EXISTS idx_notes_user_id ON notes(user_id);
|
|
|
|
|
CREATE INDEX IF NOT EXISTS idx_notes_deleted_at ON notes(deleted_at);
|
|
|
|
|
CREATE INDEX IF NOT EXISTS idx_notes_created_at ON notes(created_at);
|
|
|
|
|
|
|
|
|
|
-- Enable Row Level Security
|
|
|
|
|
ALTER TABLE notes ENABLE ROW LEVEL SECURITY;
|
|
|
|
|
|
2025-10-26 20:52:57 +00:00
|
|
|
-- Policy to allow users to view their own notes and public notes
|
|
|
|
|
CREATE POLICY "Users can view their own notes and public notes" ON notes
|
2025-10-25 19:21:04 +00:00
|
|
|
FOR SELECT
|
2025-10-26 20:52:57 +00:00
|
|
|
TO authenticated, anon
|
|
|
|
|
USING (
|
|
|
|
|
user_id = (SELECT auth.uid())
|
|
|
|
|
OR EXISTS (
|
|
|
|
|
SELECT 1 FROM shared_notes
|
|
|
|
|
WHERE shared_notes.note_id = notes.id
|
|
|
|
|
AND shared_notes.is_public = TRUE
|
|
|
|
|
)
|
|
|
|
|
);
|
2025-10-25 19:21:04 +00:00
|
|
|
|
|
|
|
|
-- Policy to allow users to insert their own notes
|
|
|
|
|
CREATE POLICY "Users can insert their own notes" ON notes
|
|
|
|
|
FOR INSERT
|
|
|
|
|
TO authenticated
|
|
|
|
|
WITH CHECK (
|
|
|
|
|
user_id = (SELECT auth.uid())
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
-- Policy to allow users to update their own notes
|
|
|
|
|
CREATE POLICY "Users can update their own notes" ON notes
|
|
|
|
|
FOR UPDATE
|
|
|
|
|
TO authenticated
|
|
|
|
|
USING (
|
|
|
|
|
user_id = (SELECT auth.uid())
|
|
|
|
|
)
|
|
|
|
|
WITH CHECK (
|
|
|
|
|
user_id = (SELECT auth.uid())
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
CREATE POLICY "Users can delete their own notes (soft)" ON notes
|
|
|
|
|
FOR UPDATE
|
|
|
|
|
TO authenticated
|
|
|
|
|
USING (user_id = auth.uid() AND deleted_at IS NULL)
|
|
|
|
|
WITH CHECK (user_id = auth.uid());
|
|
|
|
|
|
|
|
|
|
-- Policy to allow users to delete their own notes (soft delete)
|
|
|
|
|
CREATE POLICY "Users can delete their own notes" ON notes
|
|
|
|
|
FOR DELETE
|
|
|
|
|
TO authenticated
|
|
|
|
|
USING (
|
|
|
|
|
user_id = (SELECT auth.uid())
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
-- Add comments to document the table
|
|
|
|
|
COMMENT ON TABLE notes IS
|
2025-10-26 20:52:57 +00:00
|
|
|
'User notes with Row Level Security. Users can access their own notes and public notes (marked in shared_notes table)';
|
2025-10-25 19:21:04 +00:00
|
|
|
|
|
|
|
|
COMMENT ON COLUMN notes.id IS
|
|
|
|
|
'Primary key: random 24-character alphanumeric string';
|
|
|
|
|
|
|
|
|
|
COMMENT ON COLUMN notes.title IS
|
|
|
|
|
'Title of the note';
|
|
|
|
|
|
|
|
|
|
COMMENT ON COLUMN notes.content IS
|
|
|
|
|
'Content of the note (can be plain text or formatted text)';
|
|
|
|
|
|
|
|
|
|
COMMENT ON COLUMN notes.user_id IS
|
|
|
|
|
'Foreign key reference to auth.users.id - owner of the note';
|
|
|
|
|
|
|
|
|
|
COMMENT ON COLUMN notes.deleted_at IS
|
|
|
|
|
'Soft delete timestamp - when not NULL, the note is considered deleted';
|
|
|
|
|
|
