-- ============================================================================
-- OrbiQuant IA - Trading Platform
-- Schema: auth
-- File: tables/99-deferred-constraints.sql
-- Description: Notes on deferred constraints
-- ============================================================================

-- NOTE: The password_or_oauth constraint has been removed because PostgreSQL
-- does not support subqueries in CHECK constraints.
--
-- Original constraint intent:
--   Ensure user has either a password OR an OAuth account for authentication
--
-- This validation should be implemented at the application level:
--   - Backend: Validate in auth.service.ts during user creation/update
--   - Database: Consider using a TRIGGER if strict enforcement is required
--
-- Alternative: Create a trigger function
-- CREATE OR REPLACE FUNCTION auth.check_password_or_oauth()
-- RETURNS TRIGGER AS $$
-- BEGIN
--   IF NEW.password_hash IS NULL THEN
--     IF NOT EXISTS (SELECT 1 FROM auth.oauth_accounts WHERE user_id = NEW.id) THEN
--       RAISE EXCEPTION 'User must have either password or OAuth account';
--     END IF;
--   END IF;
--   RETURN NEW;
-- END;
-- $$ LANGUAGE plpgsql;
--
-- CREATE TRIGGER trg_check_password_or_oauth
--   AFTER INSERT OR UPDATE ON auth.users
--   FOR EACH ROW
--   EXECUTE FUNCTION auth.check_password_or_oauth();