Fix row level security policies for waterway admin Since 'staging_done OR' was added to the conditions to improve performance for read access, it was also allowed to delete and partly update entries with staging_done set to true but otherwise being outside the country of the respective waterway admin. Using an extra policy for each command and using the 'staging_done OR' tweak only FOR SELECT should fix authorization while keeping performance.

# documentation
**/README*
**/docs
**/*.md

# backend binary
cmd/gemma/gemma

# Dependency directories
.buildbase
**/node_modules

# local dotenv environment variables file
client/.env.local

# Tags tables
**/TAGS