Class Members Tablosu RLS Politikaları#

ALTER TABLE "public"."class_members" ENABLE ROW LEVEL SECURITY;

CREATE POLICY "users_can_view_memberships" 
ON "public"."class_members" 
FOR SELECT 
TO "authenticated" 
USING (
  -- Öğrenciler: Kendi üyelikleri
  (("student_id" IN ( 
    SELECT "users"."id"
    FROM "public"."users"
    WHERE (("users"."auth_user_id" = "auth"."uid"()) 
      AND ("users"."role_id" = 1))
  ))) 
  OR 
  -- Admin/Editor: Tüm üyelikler
  (EXISTS ( 
    SELECT 1
    FROM "public"."users"
    WHERE (("users"."auth_user_id" = "auth"."uid"()) 
      AND ("users"."role_id" = ANY (ARRAY[3, 4])))
  ))
);

CREATE POLICY "authenticated_can_insert_memberships" 
ON "public"."class_members" 
FOR INSERT 
TO "authenticated" 
WITH CHECK (
  -- Öğrenci: Kendi üyeliği
  (("student_id" IN ( 
    SELECT "users"."id"
    FROM "public"."users"
    WHERE ("users"."auth_user_id" = "auth"."uid"())
  ))) 
  OR 
  -- Admin/Editor: Herhangi bir üyelik
  (EXISTS ( 
    SELECT 1
    FROM "public"."users"
    WHERE (("users"."auth_user_id" = "auth"."uid"()) 
      AND ("users"."role_id" = ANY (ARRAY[3, 4])))
  ))
);

CREATE POLICY "students_can_update_own_memberships" 
ON "public"."class_members" 
FOR UPDATE 
TO "authenticated" 
USING (
  -- Öğrenci: Kendi üyeliği
  (("student_id" IN ( 
    SELECT "users"."id"
    FROM "public"."users"
    WHERE (("users"."auth_user_id" = "auth"."uid"()) 
      AND ("users"."role_id" = 1))
  ))) 
  OR 
  -- Admin/Editor: Tüm üyelikler
  (EXISTS ( 
    SELECT 1
    FROM "public"."users"
    WHERE (("users"."auth_user_id" = "auth"."uid"()) 
      AND ("users"."role_id" = ANY (ARRAY[3, 4])))
  ))
) 
WITH CHECK (
  -- Öğrenci: Kendi üyeliği
  (("student_id" IN ( 
    SELECT "users"."id"
    FROM "public"."users"
    WHERE (("users"."auth_user_id" = "auth"."uid"()) 
      AND ("users"."role_id" = 1))
  ))) 
  OR 
  -- Admin/Editor: Tüm üyelikler
  (EXISTS ( 
    SELECT 1
    FROM "public"."users"
    WHERE (("users"."auth_user_id" = "auth"."uid"()) 
      AND ("users"."role_id" = ANY (ARRAY[3, 4])))
  ))
);

-- RPC fonksiyonu kullanımı (önerilen)
SELECT join_class_by_code('A2X9K7B1');

-- Alternatif: Direkt INSERT (RLS geçerli)
INSERT INTO class_members (class_id, student_id, joined_at)
VALUES (10, current_user_id, NOW());

UPDATE class_members
SET deleted_at = NOW()
WHERE id = 123 AND student_id = current_user_id;

INSERT INTO class_members (class_id, student_id, joined_at)
VALUES (10, 42, NOW());
-- Admin olduğu için herhangi bir student_id kullanabilir