supabase: extend initial migration and add first campaigns test

supabase/migrations/20250926123152_initial.sql

@@ -3,26 +3,56 @@ create table profiles (
     user_type text not null check (user_type in ('brand', 'creator', 'admin'))
 );
 alter table profiles enable row level security;
+create policy profiles_everyone_select
+    on profiles for select
+    to authenticated, anon
+    using (true);
+create policy profiles_user_update
+    on profiles for update
+    using ( (select auth.uid()) = user_id );
 
 create table brands (
-    profile_id uuid primary key references profiles(user_id) on delete cascade,
+    user_id uuid primary key references profiles(user_id) on delete cascade,
     company_name text not null,
     website text not null
 );
 alter table brands enable row level security;
+create policy brands_everyone_select
+    on brands for select
+    to authenticated, anon
+    using (true);
+create policy brands_user_update
+    on brands for update
+    using ( (select auth.uid()) = user_id );
 
 create table creators (
-    profile_id uuid primary key references profiles(user_id) on delete cascade,
+    user_id uuid primary key references profiles(user_id) on delete cascade,
     nickname text not null,
     bio text,
     social_links jsonb
 );
 alter table creators enable row level security;
+create policy creators_everyone_select
+    on creators for select
+    to authenticated, anon
+    using (true);
+create policy creators_user_update
+    on creators for update
+    using ( (select auth.uid()) = user_id );
+
 
 create table admins (
-    profile_id uuid primary key references profiles(user_id) on delete cascade
+    user_id uuid primary key references profiles(user_id) on delete cascade
 );
 alter table admins enable row level security;
+create policy admins_everyone_select
+    on admins for select
+    to authenticated, anon
+    using (true);
+create policy admins_user_update
+    on admins for update
+    using ( (select auth.uid()) = user_id );
+
 
 -- based on raw_user_meta_data, create a profile and subprofile for new users
 create function public.handle_new_user()
@@ -39,18 +69,18 @@ begin
     end if;
     insert into profiles (user_id, user_type) values (new.id, new.raw_user_meta_data ->> 'user_type');
     if user_type = 'brand' then
-        insert into brands (profile_id, company_name, website)
+        insert into brands (user_id, company_name, website)
         values (new.id,
                 new.raw_user_meta_data ->> 'company_name',
                 new.raw_user_meta_data ->> 'website');
     elsif user_type = 'creator' then
-        insert into creators (profile_id, nickname, bio, social_links)
+        insert into creators (user_id, nickname, bio, social_links)
         values (new.id,
                 new.raw_user_meta_data ->> 'nickname',
                 new.raw_user_meta_data ->> 'bio',
                 new.raw_user_meta_data ->> 'social_links');
     elsif user_type = 'admin' then
-        insert into admins (profile_id) values (new.id);
+        insert into admins (user_id) values (new.id);
     end if;
     return new;
 end;
@@ -61,7 +91,7 @@ create trigger on_auth_user_created
     for each row execute procedure public.handle_new_user();
 
 -- keep validation on subprofiles
-create or replace function public.enforce_profile_type(profile_id uuid, expected_type text)
+create or replace function public.enforce_profile_type(user_id uuid, expected_type text)
     returns void
     language plpgsql
     security definer set search_path = ''
@@ -70,10 +100,10 @@ declare
     actual_type text;
 begin
     select user_type into actual_type
-    from profiles where user_id = profile_id;
+    from profiles where user_id = user_id;
 
     if actual_type is null then
-        raise exception 'profile not found for id: %', profile_id;
+        raise exception 'profile not found for id: %', user_id;
     end if;
 
     if actual_type <> expected_type then
@@ -87,7 +117,7 @@ create or replace function public.check_brand_user_type()
     language plpgsql
     security definer set search_path = ''
 as $$ begin
-    perform public.enforce_profile_type(new.profile_id, 'brand');
+    perform public.enforce_profile_type(new.user_id, 'brand');
     return new;
 end; $$;
 
@@ -96,7 +126,7 @@ create or replace function public.check_creator_user_type()
     language plpgsql
     security definer set search_path = ''
 as $$ begin
-    perform public.enforce_profile_type(new.profile_id, 'creator');
+    perform public.enforce_profile_type(new.user_id, 'creator');
     return new;
 end; $$;
 
@@ -105,7 +135,7 @@ create or replace function public.check_admin_user_type()
     language plpgsql
     security definer set search_path = ''
 as $$ begin
-    perform public.enforce_profile_type(new.profile_id, 'admin');
+    perform public.enforce_profile_type(new.user_id, 'admin');
     return new;
 end; $$;
 

supabase/migrations/20250926150848_campaigns.sql

@@ -0,0 +1,19 @@
+create table public.campaigns (
+    id uuid primary key default gen_random_uuid(),
+    created_at timestamp with time zone not null default now(),
+    brand_id uuid not null references public.brands(user_id) on delete cascade,
+    description text not null default ''::text
+);
+alter table public.campaigns enable row level security;
+create policy everyone_view_only
+    on public.campaigns
+    as permissive
+    for select
+    to authenticated, anon
+    using (true);
+create policy users_manage_their_own_data
+    on public.campaigns
+    as permissive
+    for all
+    to authenticated
+    using ((( SELECT auth.uid() AS uid) = brand_id));