Overwrite repo with local files

This commit is contained in:
2026-02-20 14:59:31 -06:00
commit 82d5829ff4
53 changed files with 2630 additions and 0 deletions
+16
View File
@@ -0,0 +1,16 @@
-- If PostgREST is continually returning a 503, it's often because the base
-- `authenticator` role used by the API gateway lost privileges to switch to the
-- `anon` or `authenticated` roles, which breaks OpenAPI cache generation.
-- 1. Ensure the authenticator role has permission to assume the anon and authenticated roles
GRANT anon TO authenticator;
GRANT authenticated TO authenticator;
-- 2. Ensure authenticator can access the public schema
GRANT USAGE ON SCHEMA public TO authenticator;
-- 3. In some setups, the API explicitly needs the 'service_role' granted to authenticator as well
GRANT service_role TO authenticator;
-- 4. Reload the cache one last time
NOTIFY pgrst, 'reload schema';
+24
View File
@@ -0,0 +1,24 @@
-- 1. Grant usage and select privileges to authenticated users
GRANT USAGE ON SCHEMA public TO authenticated;
GRANT ALL ON ALL TABLES IN SCHEMA public TO authenticated;
GRANT ALL ON ALL SEQUENCES IN SCHEMA public TO authenticated;
-- 2. Relax RLS policies to allow authenticated users to see the structure
-- We will temporarily downgrade the strict chat_members RLS so you can actually
-- see the chats before we build the admin UI to add users to chats.
drop policy if exists "Members can view members of their chats." on chat_members;
create policy "Authenticated users can view members" on chat_members for select using ((select auth.role()) = 'authenticated');
drop policy if exists "Sub-chats viewable by chat members." on sub_chats;
create policy "Sub-chats viewable by authenticated users" on sub_chats for select using ((select auth.role()) = 'authenticated');
drop policy if exists "Messages viewable by chat members." on messages;
create policy "Messages viewable by authenticated users" on messages for select using ((select auth.role()) = 'authenticated');
-- Keep insert restrictions but allow basic usage
drop policy if exists "Members can insert messages." on messages;
create policy "Authenticated users can insert messages" on messages for insert with check ((select auth.uid()) = user_id);
-- Finally, notify API to reload
NOTIFY pgrst, 'reload schema';
+114
View File
@@ -0,0 +1,114 @@
-- Project RiverTalk: Core Database Schema
-- Enable UUID extension
create extension if not exists "uuid-ossp";
-- 1. Users Profile Table (Extends Supabase Auth Auth.users)
create table public.users (
id uuid references auth.users not null primary key,
name text,
email text,
language_preference text default 'en' check (language_preference in ('en', 'es')),
voice_clone_id text,
created_at timestamp with time zone default timezone('utc'::text, now()) not null
);
-- Row Level Security (RLS) for Users
alter table public.users enable row level security;
create policy "Public profiles are viewable by everyone." on users for select using (true);
create policy "Users can insert their own profile." on users for insert with check ((select auth.uid()) = id);
create policy "Users can update own profile." on users for update using ((select auth.uid()) = id);
-- 2. Categories (Level 1)
create table public.categories (
id uuid default uuid_generate_v4() primary key,
name text not null,
type text check (type in ('dm', 'job', 'office')),
created_at timestamp with time zone default timezone('utc'::text, now()) not null
);
alter table public.categories enable row level security;
create policy "Categories are viewable by everyone." on categories for select using (true);
-- 3. Chats (Level 2)
create table public.chats (
id uuid default uuid_generate_v4() primary key,
category_id uuid references public.categories(id) on delete cascade not null,
name text not null,
created_at timestamp with time zone default timezone('utc'::text, now()) not null
);
alter table public.chats enable row level security;
create policy "Chats are viewable by everyone." on chats for select using (true);
-- 4. Chat Members (Access Control)
create table public.chat_members (
user_id uuid references public.users(id) on delete cascade not null,
chat_id uuid references public.chats(id) on delete cascade not null,
role text default 'member' check (role in ('admin', 'member')),
joined_at timestamp with time zone default timezone('utc'::text, now()) not null,
primary key (user_id, chat_id)
);
alter table public.chat_members enable row level security;
create policy "Members can view members of their chats." on chat_members for select using (
exists (select 1 from public.chat_members cm where cm.chat_id = chat_members.chat_id and cm.user_id = (select auth.uid()))
);
-- 5. Sub-Chats (Level 3)
create table public.sub_chats (
id uuid default uuid_generate_v4() primary key,
chat_id uuid references public.chats(id) on delete cascade not null,
name text not null,
created_at timestamp with time zone default timezone('utc'::text, now()) not null
);
alter table public.sub_chats enable row level security;
create policy "Sub-chats viewable by chat members." on sub_chats for select using (
exists (select 1 from public.chat_members cm where cm.chat_id = sub_chats.chat_id and cm.user_id = (select auth.uid()))
);
-- 6. Threads (Level 4)
create table public.threads (
id uuid default uuid_generate_v4() primary key,
parent_id uuid not null, -- Can be chat_id or sub_chat_id
title text,
created_at timestamp with time zone default timezone('utc'::text, now()) not null
);
alter table public.threads enable row level security;
create policy "Threads viewable by authenticated users." on threads for select using ((select auth.role()) = 'authenticated');
-- 7. Messages
create table public.messages (
id uuid default uuid_generate_v4() primary key,
user_id uuid references public.users(id) on delete set null,
thread_id uuid references public.threads(id) on delete cascade,
sub_chat_id uuid references public.sub_chats(id) on delete cascade,
chat_id uuid references public.chats(id) on delete cascade not null,
type text default 'text' check (type in ('text', 'audio', 'media', 'pdf')),
original_language text default 'en',
content text,
content_en text,
media_url text,
media_url_en text,
created_at timestamp with time zone default timezone('utc'::text, now()) not null
);
alter table public.messages enable row level security;
create policy "Messages viewable by chat members." on messages for select using (
exists (select 1 from public.chat_members cm where cm.chat_id = messages.chat_id and cm.user_id = (select auth.uid()))
);
create policy "Members can insert messages." on messages for insert with check (
(select auth.uid()) = user_id and
exists (select 1 from public.chat_members cm where cm.chat_id = messages.chat_id and cm.user_id = (select auth.uid()))
);
-- 8. Audio Metadata
create table public.audio_metadata (
message_id uuid references public.messages(id) on delete cascade primary key,
duration numeric,
waveform_data jsonb,
transcript text,
transcript_en text,
summary text
);
alter table public.audio_metadata enable row level security;
create policy "Audio metadata viewable by authenticated users." on audio_metadata for select using ((select auth.role()) = 'authenticated');
-- Turn on Realtime for Messages
alter publication supabase_realtime add table messages;
+17
View File
@@ -0,0 +1,17 @@
-- 9. Trigger to push new auth users into public.users
create or replace function public.handle_new_user()
returns trigger
language plpgsql
security definer set search_path = ''
as $$
begin
insert into public.users (id, email, name)
values (new.id, new.email, new.raw_user_meta_data->>'full_name');
return new;
end;
$$;
drop trigger if exists on_auth_user_created on auth.users;
create trigger on_auth_user_created
after insert on auth.users
for each row execute procedure public.handle_new_user();