personel/supabase/migrations/init_schema.sql
2026-03-17 00:46:49 +03:00

-- 1. Create Tables
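-- Companies Table
-- One row per company; public.employees points here through company_id.
CREATE TABLE public.companies (
    id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
    name TEXT NOT NULL,
    -- now() is already TIMESTAMPTZ. The earlier timezone('utc', now()) produced
    -- a zone-less TIMESTAMP that was cast back with the session TimeZone, so
    -- the stored instant was shifted whenever the session was not in UTC.
    created_at TIMESTAMP WITH TIME ZONE DEFAULT now() NOT NULL
);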
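-- Roles Table
-- Lookup of role names; public.employees.role_id references these rows, so
-- whoever can write role assignments decides who holds which role.
CREATE TABLE public.roles (
    id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
    name TEXT NOT NULL UNIQUE,
    description TEXT,
    -- now() is already TIMESTAMPTZ. The earlier timezone('utc', now()) produced
    -- a zone-less TIMESTAMP that was cast back with the session TimeZone, so
    -- the stored instant was shifted whenever the session was not in UTC.
    created_at TIMESTAMP WITH TIME ZONE DEFAULT now() NOT NULL
);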
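-- Profiles/Users Table (Extending auth.users)
-- The primary key doubles as a foreign key to auth.users, so a profile can only
-- exist for an existing auth account and is removed together with it.
CREATE TABLE public.users (
    id UUID REFERENCES auth.users(id) ON DELETE CASCADE PRIMARY KEY,
    first_name TEXT,
    last_name TEXT,
    -- NOTE(review): nothing in this file keeps this copy in sync with the
    -- address held by the auth record; treat it as profile data, not as a
    -- verified identity attribute, unless a sync mechanism exists elsewhere.
    email TEXT UNIQUE NOT NULL,
    -- email and phone are personal data; check which policies expose them.
    phone TEXT,
    -- now() is already TIMESTAMPTZ. The earlier timezone('utc', now()) produced
    -- a zone-less TIMESTAMP that was cast back with the session TimeZone, so
    -- the stored instant was shifted whenever the session was not in UTC.
    created_at TIMESTAMP WITH TIME ZONE DEFAULT now() NOT NULL,
    updated_at TIMESTAMP WITH TIME ZONE DEFAULT now() NOT NULL
);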
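-- Employees Table
-- Links a user profile to a company and a role. role_id is the only place in
-- this schema where a role is attached to a person, so write access to this
-- table is equivalent to the ability to grant roles.
CREATE TABLE public.employees (
    id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
    -- NOTE(review): user_id, company_id and role_id are nullable. The UNIQUE
    -- constraint below does not treat NULLs as equal, so rows with a NULL
    -- user_id or company_id can repeat; confirm whether NULL is intended.
    user_id UUID REFERENCES public.users(id) ON DELETE CASCADE,
    company_id UUID REFERENCES public.companies(id) ON DELETE CASCADE,
    -- RESTRICT: a role cannot be deleted while an employee still refers to it.
    role_id UUID REFERENCES public.roles(id) ON DELETE RESTRICT,
    department TEXT,
    title TEXT,
    hire_date DATE,
    -- NOT NULL added: a CHECK passes when its expression is NULL, so an explicit
    -- NULL status would otherwise be stored and fall outside every listed state.
    status TEXT DEFAULT 'active' NOT NULL CHECK (status IN ('active', 'inactive', 'terminated')),
    -- now() is already TIMESTAMPTZ. The earlier timezone('utc', now()) produced
    -- a zone-less TIMESTAMP that was cast back with the session TimeZone, so
    -- the stored instant was shifted whenever the session was not in UTC.
    created_at TIMESTAMP WITH TIME ZONE DEFAULT now() NOT NULL,
    updated_at TIMESTAMP WITH TIME ZONE DEFAULT now() NOT NULL,
    UNIQUE(user_id, company_id) -- An employee can only be tied to a specific company once
);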
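-- Leave Requests Table
-- One row per leave request; removed together with the owning employee row.
CREATE TABLE public.leave_requests (
    id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
    employee_id UUID REFERENCES public.employees(id) ON DELETE CASCADE NOT NULL,
    start_date DATE NOT NULL,
    end_date DATE NOT NULL,
    -- status carries the approval decision. NOT NULL added: a CHECK passes when
    -- its expression is NULL, so an explicit NULL would otherwise be stored as
    -- a request that is neither pending nor decided.
    status TEXT DEFAULT 'pending' NOT NULL CHECK (status IN ('pending', 'approved', 'rejected', 'cancelled')),
    -- Free text written by the requester; may hold sensitive personal details.
    reason TEXT,
    -- now() is already TIMESTAMPTZ. The earlier timezone('utc', now()) produced
    -- a zone-less TIMESTAMP that was cast back with the session TimeZone, so
    -- the stored instant was shifted whenever the session was not in UTC.
    created_at TIMESTAMP WITH TIME ZONE DEFAULT now() NOT NULL,
    updated_at TIMESTAMP WITH TIME ZONE DEFAULT now() NOT NULL,
    -- Reject inverted ranges at the database so every writer is covered.
    CONSTRAINT leave_requests_date_order_check CHECK (end_date >= start_date)
);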
-- 2. Enable Row Level Security (RLS)
-- Once RLS is on, a role that is subject to it sees and writes only the rows
-- some policy admits; a table without a matching policy admits nothing.
-- The table owner and roles with BYPASSRLS are not restricted by these
-- policies (FORCE ROW LEVEL SECURITY is not set in this file).
ALTER TABLE public.companies
    ENABLE ROW LEVEL SECURITY;
ALTER TABLE public.roles
    ENABLE ROW LEVEL SECURITY;
ALTER TABLE public.users
    ENABLE ROW LEVEL SECURITY;
ALTER TABLE public.employees
    ENABLE ROW LEVEL SECURITY;
ALTER TABLE public.leave_requests
    ENABLE ROW LEVEL SECURITY;
-- 3. Create Basic RLS Policies
-- Temporarily, we want authenticated users to be able to read/write.
-- In a real production setup, we'd add complex logic verifying auth.uid() against roles.
-- Companies Policies
-- FOR ALL with USING (TRUE) / WITH CHECK (TRUE): every authenticated session
-- may select, insert, update and delete every company row.
-- NOTE(review): this gives no isolation between companies, and deleting a
-- company cascades to its employees rows. Replace before production with a
-- policy tied to the caller's own company and role.
CREATE POLICY "Allow authenticated full access to companies"
    ON public.companies
    FOR ALL
    TO authenticated
    USING (TRUE)
    WITH CHECK (TRUE);
-- Roles Policies
-- Read-only for authenticated sessions: there is no INSERT/UPDATE/DELETE
-- policy on public.roles, so roles subject to RLS cannot change this table.
CREATE POLICY "Allow authenticated read access to roles"
    ON public.roles
    FOR SELECT
    TO authenticated
    USING (TRUE);
-- Users Policies
-- Read: every authenticated session can select every profile row.
-- NOTE(review): that includes the email and phone columns of all users;
-- narrow the row set, or expose a reduced view, if that is not intended.
CREATE POLICY "Users can view all users"
    ON public.users
    FOR SELECT
    TO authenticated
    USING (TRUE);

-- Insert: a session may create only the profile whose id is its own auth.uid().
CREATE POLICY "Users can insert their own profile"
    ON public.users
    FOR INSERT
    TO authenticated
    WITH CHECK (id = auth.uid());

-- Update: a session may change only its own profile row. WITH CHECK is spelled
-- out; PostgreSQL applies the USING expression to the new row when WITH CHECK
-- is omitted, so the effective rule is the same as before.
-- NOTE(review): every column of the own row is writable, email included.
CREATE POLICY "Users can update their own profile"
    ON public.users
    FOR UPDATE
    TO authenticated
    USING (id = auth.uid())
    WITH CHECK (id = auth.uid());
-- Employees Policies
-- FOR ALL with USING (TRUE) / WITH CHECK (TRUE): every authenticated session
-- may select, insert, update and delete every employees row.
-- NOTE(review): role_id and company_id live in this table, so this policy lets
-- any signed-in user change role assignments (their own included) and remove
-- other employees, which cascades to their leave requests. Any check that
-- reads a caller's role from public.employees is only as strong as this
-- policy. Before production, keep SELECT broad if needed but restrict writes
-- to a trusted role or to server-side code.
CREATE POLICY "Allow authenticated full access to employees"
    ON public.employees
    FOR ALL
    TO authenticated
    USING (TRUE)
    WITH CHECK (TRUE);
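-- Leave Requests Policies
-- Owner policy: the caller may read, create, change and delete only requests
-- whose employee_id belongs to an employees row linked to auth.uid().
-- WITH CHECK additionally limits the status an owner may write: ownership
-- alone used to be enough to store 'approved' on one's own request. A row that
-- is already approved or rejected can therefore no longer be edited by its
-- owner, except to set it to 'cancelled'.
CREATE POLICY "Employees can manage their own leave requests"
    ON public.leave_requests
    FOR ALL
    TO authenticated
    USING (
        employee_id IN (
            SELECT e.id
            FROM public.employees AS e
            WHERE e.user_id = auth.uid()
        )
    )
    WITH CHECK (
        employee_id IN (
            SELECT e.id
            FROM public.employees AS e
            WHERE e.user_id = auth.uid()
        )
        AND status IN ('pending', 'cancelled')
    );

-- Manager policy: read access to all requests for callers who hold an active
-- employees row with the 'admin' or 'manager' role. The policy previously used
-- USING (true), which granted the same read access to every authenticated
-- user regardless of role.
-- NOTE(review): the role lookup reads public.employees, so it is only
-- meaningful once writes to that table are restricted. It is also not scoped
-- to the manager's own company; add a company_id match if requests must stay
-- within one company. No policy here lets a manager UPDATE a request, so
-- approvals have to run through a path that is not subject to these policies.
CREATE POLICY "Managers can view all leave requests"
    ON public.leave_requests
    FOR SELECT
    TO authenticated
    USING (
        EXISTS (
            SELECT 1
            FROM public.employees AS e
            INNER JOIN public.roles AS r
                ON r.id = e.role_id
            WHERE e.user_id = auth.uid()
              AND e.status = 'active'
              AND r.name IN ('admin', 'manager')
        )
    );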
-- 4. Initial Seed Data
-- Seeds the three role names; roles.name is UNIQUE, so running this statement
-- a second time fails instead of duplicating rows.
-- Descriptions are stored in Turkish; English gloss for reviewers:
--   admin    -> System Administrator (all permissions)
--   manager  -> Manager (employee and leave approve/reject authority)
--   employee -> Standard Employee
INSERT INTO public.roles (
    name,
    description
)
VALUES
    ('admin', 'Sistem Yöneticisi (Tüm yetkiler)'),
    ('manager', 'Yönetici (Çalışan ve izin onay/red yetkisi)'),
    ('employee', 'Standart Çalışan');
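-- 5. Trigger for updated_at timestamps
-- Row-level trigger function: overwrites NEW.updated_at with now() and returns
-- the modified row, so a value supplied for updated_at in the UPDATE itself is
-- discarded. It does not touch created_at, and it only takes effect on tables
-- that attach it with a trigger.
-- search_path is pinned to empty so name resolution inside the body cannot be
-- redirected by the caller's session settings; now() lives in pg_catalog and
-- still resolves. LANGUAGE is written unquoted (the quoted form is deprecated).
CREATE OR REPLACE FUNCTION update_updated_at_column()
RETURNS TRIGGER
LANGUAGE plpgsql
SET search_path = ''
AS $$
BEGIN
    -- now() is the transaction start time, as TIMESTAMPTZ.
    NEW.updated_at = now();
    RETURN NEW;
END;
$$;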
-- Attach the updated_at stamping function to each table that has an
-- updated_at column. BEFORE UPDATE / FOR EACH ROW lets the function edit the
-- row before it is written. companies and roles have no updated_at column and
-- get no trigger.
CREATE TRIGGER update_users_modtime
    BEFORE UPDATE ON public.users
    FOR EACH ROW
    EXECUTE PROCEDURE update_updated_at_column();

CREATE TRIGGER update_employees_modtime
    BEFORE UPDATE ON public.employees
    FOR EACH ROW
    EXECUTE PROCEDURE update_updated_at_column();

CREATE TRIGGER update_leave_requests_modtime
    BEFORE UPDATE ON public.leave_requests
    FOR EACH ROW
    EXECUTE PROCEDURE update_updated_at_column();