do $$
begin
  if not exists (
    select 1
    from pg_policies
    where schemaname = 'public'
      and tablename = 'posts'
      and policyname = 'Admins can see everything'
  ) then
    create policy "Admins can see everything"
      on posts
      for select
      to authenticated
      using (
        (select role from profiles where id = auth.uid()) in ('admin', 'moderator')
      );
  end if;
end $$;