hata düzeltme 1

2026-01-13 22:37:50 +03:00
parent 32009b4886
commit dc1b6f1359
11 changed files with 658 additions and 30 deletions
--- a/supabase_schema_netgsm.sql
+++ b/supabase_schema_netgsm.sql
@@ -0,0 +1,83 @@
+-- Create sms_settings table
+CREATE TABLE IF NOT EXISTS public.sms_settings (
+    id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
+    provider TEXT DEFAULT 'netgsm',
+    api_url TEXT DEFAULT 'https://api.netgsm.com.tr/sms/send/get',
+    username TEXT,
+    password TEXT,
+    header TEXT,
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT timezone('utc'::text, now())
+);
+
+-- Create sms_logs table
+CREATE TABLE IF NOT EXISTS public.sms_logs (
+    id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
+    phone TEXT NOT NULL,
+    message TEXT NOT NULL,
+    status TEXT, -- 'success' or 'error'
+    response_code TEXT,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT timezone('utc'::text, now())
+);
+
+-- Enable RLS
+ALTER TABLE public.sms_settings ENABLE ROW LEVEL SECURITY;
+ALTER TABLE public.sms_logs ENABLE ROW LEVEL SECURITY;
+
+-- RLS Policies for sms_settings
+-- Only admins can view settings
+CREATE POLICY "Admins can view sms settings" ON public.sms_settings
+    FOR SELECT
+    USING (
+        exists (
+            select 1 from public.profiles
+            where profiles.id = auth.uid()
+            and profiles.role = 'admin'
+        )
+    );
+
+-- Only admins can update settings
+CREATE POLICY "Admins can update sms settings" ON public.sms_settings
+    FOR UPDATE
+    USING (
+        exists (
+            select 1 from public.profiles
+            where profiles.id = auth.uid()
+            and profiles.role = 'admin'
+        )
+    );
+
+-- Only admins can insert settings (though usually init script does this)
+CREATE POLICY "Admins can insert sms settings" ON public.sms_settings
+    FOR INSERT
+    WITH CHECK (
+        exists (
+            select 1 from public.profiles
+            where profiles.id = auth.uid()
+            and profiles.role = 'admin'
+        )
+    );
+
+-- RLS Policies for sms_logs
+-- Only admins can view logs
+CREATE POLICY "Admins can view sms logs" ON public.sms_logs
+    FOR SELECT
+    USING (
+        exists (
+            select 1 from public.profiles
+            where profiles.id = auth.uid()
+            and profiles.role = 'admin'
+        )
+    );
+
+-- System functionality (via Service Role) will bypass RLS, so we don't strictly need INSERT policies for user logic 
+-- unless we want admins to manually insert logs (unlikely).
+-- But for good measure, allow admins to delete logs if needed
+CREATE POLICY "Admins can delete sms logs" ON public.sms_logs
+    FOR DELETE
+    USING (
+        exists (
+            select 1 from public.profiles
+            where profiles.id = auth.uid()
+            and profiles.role = 'admin'
+        )
+    );