Lago/mc_cars_gmbh_infraestructure
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: update upload functionality and permissions for document handling

Browse Source 
- Removed the `upsert` option from the file upload in `uploadDoc` function to prevent unintended overwrites.
- Enhanced German translations in `i18n.js` for better clarity and consistency in the admin interface.
- Added new CSS styles for link interactions to improve user experience in `styles.css`.
- Updated Supabase SQL migration to grant additional permissions for anonymous users to insert and update storage objects, ensuring proper functionality during the booking flow.

Co-authored-by: Copilot <copilot@github.com>
This commit is contained in:
LagoESP
2026-04-29 20:09:27 +02:00
parent 30e296f61b
commit 4c1931cdf4
830 changed files with 9051 additions and 93 deletions
Download Patch File Download Diff File Expand all files Collapse all files
supabase/migrations/post-boot.sql
+19 -2
View File
@@ -66,6 +66,8 @@ grant anon, authenticated, service_role to supabase_storage_admin;
grant select on storage.buckets to anon, authenticated;
grant all on storage.buckets to service_role;
grant select on storage.objects to anon;
grant insert on storage.objects to anon;
grant update on storage.objects to anon;
grant select, insert, update, delete on storage.objects to authenticated;
grant all on storage.objects to service_role;
@@ -101,15 +103,30 @@ on conflict (id) do update
allowed_mime_types = excluded.allowed_mime_types;
drop policy if exists "custdocs_anon_upload" on storage.objects;
drop policy if exists "custdocs_anon_select" on storage.objects;
drop policy if exists "custdocs_anon_update" on storage.objects;
drop policy if exists "custdocs_anon_upsert_update" on storage.objects;
drop policy if exists "custdocs_public_upload" on storage.objects;
drop policy if exists "custdocs_public_upsert_update" on storage.objects;
drop policy if exists "custdocs_admin_read" on storage.objects;
drop policy if exists "custdocs_admin_delete" on storage.objects;
-- Anon can upload during booking flow
-- Anon can upload (insert) during booking flow
create policy "custdocs_anon_upload"
on storage.objects for insert to anon
with check (bucket_id = 'customer-documents');
-- Only authenticated admins can read/delete
-- Anon needs SELECT + UPDATE for x-upsert to work (Supabase storage requirement)
create policy "custdocs_anon_select"
on storage.objects for select to anon
using (bucket_id = 'customer-documents');
create policy "custdocs_anon_update"
on storage.objects for update to anon
using (bucket_id = 'customer-documents')
with check (bucket_id = 'customer-documents');
-- Authenticated admins can read/delete
create policy "custdocs_admin_read"
on storage.objects for select to authenticated
using (bucket_id = 'customer-documents');