personel/supabase/migrations/20240319000002_fix_companies_rls.sql

-- Fix Companies RLS (Allow authenticated users to manage companies)
-- Previous migration dropped full access and only added a restrictive SELECT policy.

CREATE POLICY "Allow authenticated users to insert companies"
ON public.companies
FOR INSERT TO authenticated
WITH CHECK (true);

CREATE POLICY "Allow authenticated users to update their own company"
ON public.companies
FOR UPDATE TO authenticated
USING (
    id IN (
        SELECT company_id FROM public.employees WHERE user_id = auth.uid()
    )
)
WITH CHECK (
    id IN (
        SELECT company_id FROM public.employees WHERE user_id = auth.uid()
    )
);

CREATE POLICY "Allow authenticated users to delete companies"
ON public.companies
FOR DELETE TO authenticated
USING (true); -- Ideally restricted to admins, but keeping it open for now to unblock.