AIBE5_Project1_Team6/supabase_schema.sql at Develop · prgrms-aibe-devcourse/AIBE5_Project1_Team6 · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96

-- Create table for storing plans
create table if not exists plans (
  id uuid default gen_random_uuid() primary key,
  user_id uuid references auth.users(id) not null,
  title text not null,
  subtitle text,
  image text,
  nights int default 1,
  people int default 2,
  plan_text text,
  lat float,
  lon float,
  created_at timestamp with time zone default timezone('utc'::text, now()) not null,
  updated_at timestamp with time zone default timezone('utc'::text, now()) not null
);

-- Profiles Table (Users)
create table if not exists public.profiles (
  id uuid references auth.users(id) on delete cascade not null primary key,
  username text,
  avatar_url text,
  introduction text,
  updated_at timestamp with time zone default timezone('utc'::text, now()) not null
);

-- Enable RLS
alter table plans enable row level security;
alter table profiles enable row level security;

-- Profile Policies
create policy "Public profiles are viewable by everyone." on profiles for select using ( true );
create policy "Users can insert their own profile." on profiles for insert with check ( auth.uid() = id );
create policy "Users can update own profile." on profiles for update using ( auth.uid() = id );

-- Profile Triggers
create or replace function public.handle_new_user()
returns trigger language plpgsql security definer set search_path = public
as $$
begin
  insert into public.profiles (id, username, avatar_url)
  values (
    new.id,
    COALESCE(new.raw_user_meta_data ->> 'username', new.raw_user_meta_data ->> 'name', 'User_' || substr(new.id::text, 1, 8)),
    COALESCE(new.raw_user_meta_data ->> 'avatar_url', new.raw_user_meta_data ->> 'picture', '')
  ) on conflict (id) do nothing;
  return new;
end;
$$;

drop trigger if exists on_auth_user_created on auth.users;
create trigger on_auth_user_created after insert on auth.users for each row execute procedure public.handle_new_user();


-- Enable RLS
alter table plans enable row level security;

-- Create policy to allow users to see and manage only their own plans
create policy "Users can view their own plans" on plans
  for select using (auth.uid() = user_id);

create policy "Users can insert their own plans" on plans
  for insert with check (auth.uid() = user_id);

create policy "Users can update their own plans" on plans
  for update using (auth.uid() = user_id);

create policy "Users can delete their own plans" on plans
  for delete using (auth.uid() = user_id);

-- Chat tables
create table if not exists chat_room (
  id uuid default gen_random_uuid() primary key,
  user_id uuid references auth.users(id) not null,
  title text default 'Trip AI Chat',
  created_at timestamp with time zone default timezone('utc'::text, now()) not null
);

create table if not exists chat_message (
  id uuid default gen_random_uuid() primary key,
  room_id uuid references chat_room(id) on delete cascade not null,
  user_id uuid references auth.users(id) not null,
  role text check (role in ('user','assistant')) not null,
  content text not null,
  created_at timestamp with time zone default timezone('utc'::text, now()) not null
);

alter table chat_room enable row level security;
alter table chat_message enable row level security;

create policy "Users can manage own chat_room" on chat_room
  for all using (auth.uid() = user_id) with check (auth.uid() = user_id);

create policy "Users can manage own chat_message" on chat_message
  for all using (auth.uid() = user_id) with check (auth.uid() = user_id);