user_actions
Overview
The user_actions table records specific administrative actions taken against users, such as warnings, suspensions, or bans. Each action has a type, reason, and optional expiration for temporary actions.
Schema
-- From 20260202_admin_system.sql
CREATE TABLE user_actions (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
user_id UUID NOT NULL REFERENCES auth.users(id),
action_type TEXT NOT NULL CHECK (action_type IN ('warn', 'suspend', 'ban', 'unban', 'note')),
reason TEXT,
performed_by UUID NOT NULL REFERENCES auth.users(id),
expires_at TIMESTAMPTZ,
created_at TIMESTAMPTZ DEFAULT NOW()
);
Columns
| Column | Type | Nullable | Default | Description |
|---|---|---|---|---|
id | uuid | No | gen_random_uuid() | Primary key |
user_id | uuid | No | -- | User the action was taken against |
action_type | text | No | -- | Action type: warn, suspend, ban, unban, note |
reason | text | Yes | -- | Reason for the action |
performed_by | uuid | No | -- | Admin who performed the action |
expires_at | timestamptz | Yes | -- | When temporary action expires |
created_at | timestamptz | No | NOW() | When action was taken |
RLS Policies
-- SELECT: Admins can view all; users can view their own actions
CREATE POLICY "Users can view own actions, admins view all"
ON user_actions FOR SELECT
USING (
auth.uid() = user_id OR
EXISTS (SELECT 1 FROM admin_roles WHERE admin_roles.user_id = auth.uid())
);
-- INSERT: Only admins can create actions
CREATE POLICY "Admins can create user actions"
ON user_actions FOR INSERT
WITH CHECK (EXISTS (SELECT 1 FROM admin_roles WHERE admin_roles.user_id = auth.uid()));
Related
- profiles -- Target user
- admin_roles -- Admin who took action
- admin_audit_log -- Action also logged in audit
Last updated: 2026-02-07