B2B-87: add company statistics consent (#29)

* B2B-87: add company statistics consent * add toggle for company statistics consent under profile * add toggle for company statistics consent under profile * add audit logging to accounts * change policy * add audit logging to accounts * remove full account data query and just query the entire account every time * add comment about consent toggle * make constants hardcoded, as dynamic ones do not work * add back pending check --------- Co-authored-by: Helena <helena@Helenas-MacBook-Pro.local>
2025-07-03 17:55:23 +03:00
parent 517dce3146
commit ad08155063
18 changed files with 298 additions and 36 deletions
--- a/supabase/migrations/20250630163951_alter_accounts_personal_code.sql
+++ b/supabase/migrations/20250630163951_alter_accounts_personal_code.sql
@@ -1,3 +1,5 @@
+ALTER TABLE "public"."invitations" ADD COLUMN IF NOT EXISTS personal_code text;
+
 DO $$
 BEGIN
  IF NOT EXISTS (
--- a/supabase/migrations/20250702095302_add_anonymized_company_statistics_consent_field.sql
+++ b/supabase/migrations/20250702095302_add_anonymized_company_statistics_consent_field.sql
@@ -0,0 +1,23 @@
+alter table "public"."accounts" add column "has_consent_anonymized_company_statistics" boolean;
+
+alter table "audit"."log_entries" alter column "record_key" set data type text using "record_key"::text;
+
+create policy "insert_own"
+on "audit"."log_entries"
+as permissive
+for insert
+to authenticated
+with check ((( SELECT auth.uid() AS uid) = changed_by));
+
+drop policy "service_role_all" on "audit"."sync_entries";
+
+create policy "service_role_all"
+on "audit"."sync_entries"
+as permissive
+for all
+to service_role
+using (true);
+
+CREATE TRIGGER log_account_change AFTER DELETE OR UPDATE ON public.accounts FOR EACH ROW EXECUTE FUNCTION audit.log_audit_changes();
+GRANT USAGE ON SCHEMA audit TO authenticated;
+grant insert on table audit.log_entries to authenticated;