//prev

((auth.uid() = id) OR (institution_id = ( SELECT profiles_1.institution_id
   FROM profiles profiles_1
  WHERE (profiles_1.id = auth.uid()))))


// current
  -- Drop all existing policies on profiles (including any bad ones)
  do $$
  declare pol record;
  begin
    for pol in select policyname from pg_policies
               where tablename = 'profiles' and schemaname = 'public'
    loop
      execute format('drop policy if exists %I on public.profiles', pol.policyname);
    end loop;
  end $$;

  -- Recreate clean non-recursive policies
  create policy "Users can view own profile"
    on public.profiles for select
    using (auth.uid() = id);

  create policy "Users can update own profile"
    on public.profiles for update
    using (auth.uid() = id)
    with check (auth.uid() = id);