Adds a way to force pgledger_entries to be an append-only relation

[IvanVas]

No description provided.

[pgr0ss]

This is a cool idea. I'm wondering about the best way to include it, though. We can leave it as a comment, but then there's no guarantee it's correct. We could uncomment it and make it work with the default postgres from docker compose. But then it's a bit more work to port the sql to your own project.

Just brainstorming, but one idea would be to put it in its own file. That way, we can run it and write tests against it. But it would still be optional for someone using pgledger.sql in their own project.

[IvanVas]

no guarantee it's correct

True. I've tested it manually, but that's a one-time.

but one idea would be to put it in its own file

Yup, I like it! I was thinking about the same.
Smth like "security-hardening.sql", parameterised perhaps?

[pgr0ss]

Smth like "security-hardening.sql", parameterised perhaps?

Sure, let's try it and see how it goes. Thanks!

[Godwottery]

Generally good idea. Some minor comments.

[Godwottery]

Is there any particular reason why you choose the non-default "FOR EACH ROW" here? In my opinion it should be enough to fire it once per statement. If you try to UPDATE multiple rows in a single statement, you will unnecessarily raise many exceptions instead of only one.

[Godwottery]

Minor nit-pick only. For a full hardening, these should never be granted to PUBLIC. They should only be granted as necessary.

[Godwottery]

By always raising the exception, you prevent the option of having an admin that can update the row. Perhaps it would be useful to catch a missing permission error, and then raise this exception.

[aabbdev]

Nobody should ever update any entries. If the admin wants to make a change, they must append a new entry instead

[aabbdev]

It's good idea and mandatory for a ledger