template-saas-database-v2/ddl/schemas/mlm/04-rls.sql

-- =============================================
-- RLS Policies: mlm
-- Module: SAAS-021 MLM (Multi-Level Marketing)
-- =============================================

-- Enable RLS on all tables
ALTER TABLE mlm.structures ENABLE ROW LEVEL SECURITY;
ALTER TABLE mlm.ranks ENABLE ROW LEVEL SECURITY;
ALTER TABLE mlm.nodes ENABLE ROW LEVEL SECURITY;
ALTER TABLE mlm.commissions ENABLE ROW LEVEL SECURITY;
ALTER TABLE mlm.bonuses ENABLE ROW LEVEL SECURITY;
ALTER TABLE mlm.rank_history ENABLE ROW LEVEL SECURITY;

-- ─────────────────────────────────────────────
-- structures policies
-- ─────────────────────────────────────────────
CREATE POLICY structures_tenant_isolation_select
    ON mlm.structures FOR SELECT
    USING (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

CREATE POLICY structures_tenant_isolation_insert
    ON mlm.structures FOR INSERT
    WITH CHECK (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

CREATE POLICY structures_tenant_isolation_update
    ON mlm.structures FOR UPDATE
    USING (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

CREATE POLICY structures_tenant_isolation_delete
    ON mlm.structures FOR DELETE
    USING (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

-- ─────────────────────────────────────────────
-- ranks policies
-- ─────────────────────────────────────────────
CREATE POLICY ranks_tenant_isolation_select
    ON mlm.ranks FOR SELECT
    USING (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

CREATE POLICY ranks_tenant_isolation_insert
    ON mlm.ranks FOR INSERT
    WITH CHECK (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

CREATE POLICY ranks_tenant_isolation_update
    ON mlm.ranks FOR UPDATE
    USING (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

CREATE POLICY ranks_tenant_isolation_delete
    ON mlm.ranks FOR DELETE
    USING (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

-- ─────────────────────────────────────────────
-- nodes policies
-- ─────────────────────────────────────────────
CREATE POLICY nodes_tenant_isolation_select
    ON mlm.nodes FOR SELECT
    USING (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

CREATE POLICY nodes_tenant_isolation_insert
    ON mlm.nodes FOR INSERT
    WITH CHECK (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

CREATE POLICY nodes_tenant_isolation_update
    ON mlm.nodes FOR UPDATE
    USING (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

CREATE POLICY nodes_tenant_isolation_delete
    ON mlm.nodes FOR DELETE
    USING (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

-- ─────────────────────────────────────────────
-- commissions policies
-- ─────────────────────────────────────────────
CREATE POLICY commissions_tenant_isolation_select
    ON mlm.commissions FOR SELECT
    USING (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

CREATE POLICY commissions_tenant_isolation_insert
    ON mlm.commissions FOR INSERT
    WITH CHECK (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

CREATE POLICY commissions_tenant_isolation_update
    ON mlm.commissions FOR UPDATE
    USING (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

CREATE POLICY commissions_tenant_isolation_delete
    ON mlm.commissions FOR DELETE
    USING (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

-- ─────────────────────────────────────────────
-- bonuses policies
-- ─────────────────────────────────────────────
CREATE POLICY bonuses_tenant_isolation_select
    ON mlm.bonuses FOR SELECT
    USING (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

CREATE POLICY bonuses_tenant_isolation_insert
    ON mlm.bonuses FOR INSERT
    WITH CHECK (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

CREATE POLICY bonuses_tenant_isolation_update
    ON mlm.bonuses FOR UPDATE
    USING (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

CREATE POLICY bonuses_tenant_isolation_delete
    ON mlm.bonuses FOR DELETE
    USING (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

-- ─────────────────────────────────────────────
-- rank_history policies
-- ─────────────────────────────────────────────
CREATE POLICY rank_history_tenant_isolation_select
    ON mlm.rank_history FOR SELECT
    USING (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

CREATE POLICY rank_history_tenant_isolation_insert
    ON mlm.rank_history FOR INSERT
    WITH CHECK (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

CREATE POLICY rank_history_tenant_isolation_update
    ON mlm.rank_history FOR UPDATE
    USING (tenant_id = current_setting('app.current_tenant_id', true)::UUID);

CREATE POLICY rank_history_tenant_isolation_delete
    ON mlm.rank_history FOR DELETE
    USING (tenant_id = current_setting('app.current_tenant_id', true)::UUID);