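-- Allow our file-GC helpers to satisfy Supabase storage.protect_delete
-- without weakening the managed storage trigger for arbitrary raw deletes.
--
-- Supabase storage.protect_delete permits direct storage.objects deletes only
-- when the transaction-local GUC storage.allow_delete_query is 'true'. The
-- Storage API sets that GUC for its own deletes. public.files GC is our
-- trigger-side cleanup path, so these SECURITY DEFINER helpers set the same
-- GUC immediately before their storage.objects DELETE statements.
--
-- Two details keep the bypass as narrow as that intent:
--   * set_config(..., is_local => true) lasts until the end of the current
--     transaction, not until the function returns. Each helper therefore
--     records the value it found and puts it back after its deletes, so later
--     statements in the same transaction do not inherit the bypass.
--   * The "everything under this path" match uses LIKE. '%' and '_' inside the
--     caller-supplied path are LIKE wildcards, so the path is escaped before it
--     is used as a pattern; otherwise a path such as 'user_1' would also match
--     objects under 'userX1/'.
--
-- NOTE(review): storage.objects is schema-qualified and everything else the
-- bodies call is a built-in, so the function search_path could probably be
-- narrowed further - confirm against the rest of the project before changing.

-- Deletes the object stored exactly at p_path in p_bucket, plus every object
-- whose name starts with p_path || '/'. A NULL bucket or path is a no-op.
create or replace function public._delete_storage_objects(p_bucket text, p_path text)
returns void
language plpgsql
security definer
set search_path to 'public', 'storage'
as $$
declare
    -- Value of the GUC on entry (NULL when it has never been set).
    v_prev_allow text := current_setting('storage.allow_delete_query', true);
    -- p_path with LIKE metacharacters neutralised, followed by '/%'.
    -- '!' is the escape character, so it is doubled first.
    v_children text;
begin
    if p_bucket is null or p_path is null then
        return;
    end if;

    v_children := replace(replace(replace(p_path, '!', '!!'), '%', '!%'), '_', '!_') || '/%';

    perform set_config('storage.allow_delete_query', 'true', true);

    delete from storage.objects
    where bucket_id = p_bucket
      and name = p_path;

    delete from storage.objects
    where bucket_id = p_bucket
      and name like v_children escape '!';

    -- Hand the transaction back in the state we found it. If a delete raised,
    -- the enclosing (sub)transaction rollback reverts the local setting.
    perform set_config('storage.allow_delete_query', coalesce(v_prev_allow, 'false'), true);
end
$$;

-- Deletes every object in p_bucket whose name starts with p_prefix || '/',
-- plus an object stored exactly at p_prefix. A NULL bucket or prefix is a no-op.
create or replace function public._delete_storage_prefix(p_bucket text, p_prefix text)
returns void
language plpgsql
security definer
set search_path to 'public', 'storage'
as $$
declare
    -- Value of the GUC on entry (NULL when it has never been set).
    v_prev_allow text := current_setting('storage.allow_delete_query', true);
    -- p_prefix with LIKE metacharacters neutralised, followed by '/%'.
    v_children text;
begin
    if p_bucket is null or p_prefix is null then
        return;
    end if;

    v_children := replace(replace(replace(p_prefix, '!', '!!'), '%', '!%'), '_', '!_') || '/%';

    perform set_config('storage.allow_delete_query', 'true', true);

    -- Delete any objects whose name starts with the prefix + '/'
    delete from storage.objects
    where bucket_id = p_bucket
      and name like v_children escape '!';

    -- In case an object exists exactly at the prefix (rare but safe)
    delete from storage.objects
    where bucket_id = p_bucket
      and name = p_prefix;

    -- Hand the transaction back in the state we found it.
    perform set_config('storage.allow_delete_query', coalesce(v_prev_allow, 'false'), true);
end
$$;

-- These helpers are intended for our SECURITY DEFINER GC triggers/helpers, not
-- as a general SQL delete API for application roles.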
-- The storage-delete helpers are SECURITY DEFINER and exist for the GC
-- triggers, so no application-facing role gets to call them directly:
-- strip every privilege from PUBLIC and from the anon / authenticated roles.
-- NOTE(review): only these three grantees are covered; confirm no other
-- application-facing role holds EXECUTE through a default grant.
revoke all on function public._delete_storage_objects(text, text)
    from public, anon, authenticated;
revoke all on function public._delete_storage_prefix(text, text)
    from public, anon, authenticated;