feat(admin): complete decoration module database integration including DIY pages, RLS and RPCs

docs/sql/20_rls/decoration/ml_decoration_rls_v1.sql

@@ -0,0 +1,18 @@
+-- =====================================================================================
+-- RLS: 装修模块 - DIY 页面安全策略
+-- 位置：docs/sql/20_rls/decoration/ml_decoration_rls_v1.sql
+-- 对象类型：RLS 策略
+-- 版本：v1
+-- 说明：消费者端公开只读已发布的页面；管理端通过 SECURITY DEFINER RPC 进行管理
+-- =====================================================================================
+
+-- 1. 启用 RLS
+ALTER TABLE public.ak_diy_pages ENABLE ROW LEVEL SECURITY;
+
+-- 2. 消费者端策略：允许匿名和登录用户读取已启用的页面
+DROP POLICY IF EXISTS diy_pages_select_active ON public.ak_diy_pages;
+CREATE POLICY diy_pages_select_active ON public.ak_diy_pages 
+FOR SELECT TO anon, authenticated 
+USING (is_active = true);
+
+-- 管理端全量管理将通过 SECURITY DEFINER 的 RPC 接口执行，此处不再额外开放直接表操作