amcs/migrations/100_rls_and_grants.sql

-- Grant these permissions to the database role used by the application.
-- Replace amcs with the actual role in your deployment before applying.
GRANT ALL ON TABLE public.thoughts TO amcs;
GRANT ALL ON TABLE public.projects TO amcs;
GRANT ALL ON TABLE public.thought_links TO amcs;
GRANT ALL ON TABLE public.embeddings TO amcs;

-- Household Knowledge (011)
-- GRANT ALL ON TABLE public.household_items TO amcs;
-- GRANT ALL ON TABLE public.household_vendors TO amcs;

-- Home Maintenance (012)
-- GRANT ALL ON TABLE public.maintenance_tasks TO amcs;
-- GRANT ALL ON TABLE public.maintenance_logs TO amcs;

-- Family Calendar (013)
-- GRANT ALL ON TABLE public.family_members TO amcs;
-- GRANT ALL ON TABLE public.activities TO amcs;
-- GRANT ALL ON TABLE public.important_dates TO amcs;

-- -- Meal Planning (014)
-- GRANT ALL ON TABLE public.recipes TO amcs;
-- GRANT ALL ON TABLE public.meal_plans TO amcs;
-- GRANT ALL ON TABLE public.shopping_lists TO amcs;

-- -- Professional CRM (015)
-- GRANT ALL ON TABLE public.professional_contacts TO amcs;
-- GRANT ALL ON TABLE public.contact_interactions TO amcs;
-- GRANT ALL ON TABLE public.opportunities TO amcs;

-- GRANT ALL ON TABLE public.stored_files TO amcs;
-- GRANT ALL ON TABLE public.agent_guardrails TO amcs;
-- GRANT ALL ON TABLE public.agent_skills TO amcs;

-- GRANT ALL ON TABLE public.project_skills TO amcs;

-- GRANT ALL ON TABLE public.project_guardrails TO amcs;

-- Chat Histories (018)
GRANT ALL ON TABLE public.chat_histories TO amcs;

GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO amcs;

DO $$ 
DECLARE 
    r RECORD;
BEGIN
    FOR r IN 
        SELECT tablename 
        FROM pg_tables 
        WHERE schemaname = 'public' -- Change 'public' to your schema name
    LOOP
        EXECUTE format('ALTER TABLE public.%I OWNER TO amcs', r.tablename);
    END LOOP;
END $$;