From aef065275e8ffbce5a769e01500798697653f0a1 Mon Sep 17 00:00:00 2001
From: "Builder.io" <builder-bot@builder.io>
Date: Sat, 18 Oct 2025 04:25:19 +0000
Subject: [PATCH] Add storage policies for post_media bucket

cgen-cc02d60c869540d2809ca079dcd364e1
---
 .../20251018_storage_post_media_policies.sql  | 21 +++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 supabase/migrations/20251018_storage_post_media_policies.sql

diff --git a/supabase/migrations/20251018_storage_post_media_policies.sql b/supabase/migrations/20251018_storage_post_media_policies.sql
new file mode 100644
index 00000000..b5f7625b
--- /dev/null
+++ b/supabase/migrations/20251018_storage_post_media_policies.sql
@@ -0,0 +1,21 @@
+-- Storage policies for post_media uploads
+begin;
+
+-- Ensure RLS is enabled on storage.objects
+alter table if exists storage.objects enable row level security;
+
+-- Allow public read for objects in post_media bucket (because bucket is public)
+DO $$ BEGIN
+  CREATE POLICY IF NOT EXISTS post_media_public_read ON storage.objects
+    FOR SELECT TO public
+    USING (bucket_id = 'post_media');
+EXCEPTION WHEN duplicate_object THEN NULL; END $$;
+
+-- Allow authenticated users to upload to post_media bucket
+DO $$ BEGIN
+  CREATE POLICY IF NOT EXISTS post_media_auth_insert ON storage.objects
+    FOR INSERT TO authenticated
+    WITH CHECK (bucket_id = 'post_media');
+EXCEPTION WHEN duplicate_object THEN NULL; END $$;
+
+commit;