-- Run this in your Supabase SQL editor or via psql

create table if not exists public.notes (
  id         uuid primary key default gen_random_uuid(),
  user_id    uuid not null references auth.users(id) on delete cascade,
  body       text not null check (char_length(body) > 0),
  created_at timestamptz not null default now()
);

-- Row Level Security: users can only touch their own notes
alter table public.notes enable row level security;

create policy "Users can select own notes"
  on public.notes for select
  using (auth.uid() = user_id);

create policy "Users can insert own notes"
  on public.notes for insert
  with check (auth.uid() = user_id);

create policy "Users can delete own notes"
  on public.notes for delete
  using (auth.uid() = user_id);