22 lines
807 B
SQL
22 lines
807 B
SQL
-- Allow users to read profiles of collaborators that share at least one active tablo.
|
|
-- This unblocks assignee avatars/names in tasks_with_assignee while keeping profile
|
|
-- visibility scoped to collaboration relationships.
|
|
|
|
DROP POLICY IF EXISTS "Users can view shared tablo member profiles" ON public.profiles;
|
|
|
|
CREATE POLICY "Users can view shared tablo member profiles"
|
|
ON public.profiles
|
|
FOR SELECT
|
|
TO authenticated
|
|
USING (
|
|
EXISTS (
|
|
SELECT 1
|
|
FROM public.tablo_access viewer_access
|
|
JOIN public.tablo_access member_access
|
|
ON member_access.tablo_id = viewer_access.tablo_id
|
|
WHERE viewer_access.user_id = auth.uid()
|
|
AND viewer_access.is_active = TRUE
|
|
AND member_access.user_id = profiles.id
|
|
AND member_access.is_active = TRUE
|
|
)
|
|
);
|