-- Fix moderation ledger delete protection: missing allow_ledger_delete setting must default to false

CREATE OR REPLACE FUNCTION ledger_prevent_delete()
RETURNS TRIGGER AS $$
BEGIN
    -- Allow deletion only by superuser (for legal compliance like GDPR)
    IF NOT COALESCE(current_setting('likwid.allow_ledger_delete', true), 'false')::boolean THEN
        RAISE EXCEPTION 'Moderation ledger entries cannot be deleted. Set likwid.allow_ledger_delete = true for legal compliance deletions.';
    END IF;

    -- Log the deletion attempt
    INSERT INTO ledger_deletion_log (entry_id, deleted_by, reason)
    VALUES (OLD.id, current_user, current_setting('likwid.deletion_reason', true));

    RETURN OLD;
END;
$$ LANGUAGE plpgsql;