-- Create notes table for user notes functionality
CREATE TABLE IF NOT EXISTS notes (
    id TEXT PRIMARY KEY DEFAULT generate_random_string(24),
    title VARCHAR(255) NOT NULL,
    content TEXT,
    user_id UUID NOT NULL,
    created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
    updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
    deleted_at TIMESTAMP WITH TIME ZONE DEFAULT NULL,
    
    -- Foreign key constraint to users table (auth.users)
    CONSTRAINT fk_notes_user_id 
        FOREIGN KEY (user_id) REFERENCES auth.users(id) ON DELETE CASCADE
);

-- Create indexes for performance
CREATE INDEX IF NOT EXISTS idx_notes_user_id ON notes(user_id);
CREATE INDEX IF NOT EXISTS idx_notes_deleted_at ON notes(deleted_at);
CREATE INDEX IF NOT EXISTS idx_notes_created_at ON notes(created_at);

-- Enable Row Level Security
ALTER TABLE notes ENABLE ROW LEVEL SECURITY;

-- Policy to allow users to view their own notes
CREATE POLICY "Users can view their own notes" ON notes
    FOR SELECT 
    TO authenticated
    USING (user_id = (SELECT auth.uid()));

-- Policy to allow users to insert their own notes
CREATE POLICY "Users can insert their own notes" ON notes
    FOR INSERT 
    TO authenticated
    WITH CHECK (
        user_id = (SELECT auth.uid())
    );

-- Policy to allow users to update their own notes
CREATE POLICY "Users can update their own notes" ON notes
    FOR UPDATE 
    TO authenticated
    USING (
        user_id = (SELECT auth.uid())
    )
    WITH CHECK (
        user_id = (SELECT auth.uid())
    );
    
CREATE POLICY "Users can delete their own notes (soft)" ON notes
    FOR UPDATE
    TO authenticated
    USING (user_id = auth.uid() AND deleted_at IS NULL)
    WITH CHECK (user_id = auth.uid());

-- Policy to allow users to delete their own notes (soft delete)
CREATE POLICY "Users can delete their own notes" ON notes
    FOR DELETE 
    TO authenticated
    USING (
        user_id = (SELECT auth.uid())
    );

-- Add comments to document the table
COMMENT ON TABLE notes IS 
    'User notes with Row Level Security to ensure users can only access their own notes';

COMMENT ON COLUMN notes.id IS 
    'Primary key: random 24-character alphanumeric string';

COMMENT ON COLUMN notes.title IS 
    'Title of the note';

COMMENT ON COLUMN notes.content IS 
    'Content of the note (can be plain text or formatted text)';

COMMENT ON COLUMN notes.user_id IS 
    'Foreign key reference to auth.users.id - owner of the note';

COMMENT ON COLUMN notes.deleted_at IS 
    'Soft delete timestamp - when not NULL, the note is considered deleted';