41 lines
1.0 KiB
SQL
41 lines
1.0 KiB
SQL
-- Allow teachers to create and manage their own lessons for schools they manage
|
|
|
|
-- Teachers can insert lessons for their managed schools
|
|
CREATE POLICY "Teachers can insert lessons for their schools"
|
|
ON "Lesson"
|
|
FOR INSERT
|
|
TO authenticated
|
|
WITH CHECK (
|
|
requesting_user_role() = 'teacher'
|
|
AND "teacherId" = requesting_user_id()
|
|
AND teacher_can_manage_school("schoolId")
|
|
);
|
|
|
|
-- Teachers can update their own lessons
|
|
CREATE POLICY "Teachers can update their lessons"
|
|
ON "Lesson"
|
|
FOR UPDATE
|
|
TO authenticated
|
|
USING (
|
|
requesting_user_role() = 'teacher'
|
|
AND "teacherId" = requesting_user_id()
|
|
AND teacher_can_manage_school("schoolId")
|
|
)
|
|
WITH CHECK (
|
|
requesting_user_role() = 'teacher'
|
|
AND "teacherId" = requesting_user_id()
|
|
AND teacher_can_manage_school("schoolId")
|
|
);
|
|
|
|
-- Teachers can delete their own lessons
|
|
CREATE POLICY "Teachers can delete their lessons"
|
|
ON "Lesson"
|
|
FOR DELETE
|
|
TO authenticated
|
|
USING (
|
|
requesting_user_role() = 'teacher'
|
|
AND "teacherId" = requesting_user_id()
|
|
AND teacher_can_manage_school("schoolId")
|
|
);
|
|
|