From fe176d941684edc632865b6856dd98f61b87222e Mon Sep 17 00:00:00 2001
From: IV <ivan@ensam.pl>
Date: Thu, 29 May 2025 12:10:17 +0200
Subject: [PATCH] Adds a way to force pgledger_entries to be an append-only
 relation

---
 pgledger.sql | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/pgledger.sql b/pgledger.sql
index 83f780a..0443365 100644
--- a/pgledger.sql
+++ b/pgledger.sql
@@ -56,6 +56,21 @@ CREATE TABLE pgledger_entries (
 CREATE INDEX ON pgledger_entries(account_id);
 CREATE INDEX ON pgledger_entries(transfer_id);
 
+-- It's recommended to make pgledger_entries an append-only table
+-- REVOKE UPDATE, DELETE, INSERT ON pgledger_entries FROM PUBLIC;
+-- GRANT INSERT ON pgledger_entries TO app_role; -- change to the role your code uses
+
+-- CREATE OR REPLACE FUNCTION prevent_mutation_on_entries()
+-- RETURNS trigger AS $$
+-- BEGIN
+--     RAISE EXCEPTION
+--       'pgledger_entries is immutable – % not allowed', TG_OP;
+-- END;
+-- $$ LANGUAGE plpgsql;
+-- CREATE TRIGGER pgledger_entries_nochange
+-- BEFORE UPDATE OR DELETE ON pgledger_entries
+-- FOR EACH ROW EXECUTE FUNCTION prevent_mutation_on_entries();
+
 CREATE OR REPLACE FUNCTION pgledger_create_account(
     name_param TEXT,
     currency_param TEXT,