Account type validation reads from env var instead of ledger settings — PATCH /settings has no effect

[gandalf-at-lerian]

Description

When validateAccountType is enabled via PATCH /v1/organizations/{org}/ledgers/{ledger}/settings, creating an account with an unregistered type still succeeds (201) instead of being rejected (400).

Root Cause

In components/ledger/internal/services/command/create-account.go, the applyAccountingValidations function reads from an environment variable:

accountingValidation := os.Getenv("ACCOUNT_TYPE_VALIDATION")
if !strings.Contains(accountingValidation, organizationID.String()+":"+ledgerID.String()) {
    logger.Log(ctx, libLog.LevelInfo, "Accounting validations are disabled")
    return nil
}

This is a legacy implementation. The newer PATCH /settings API stores the validateAccountType flag in the database, but applyAccountingValidations never reads from the DB — it only checks the env var ACCOUNT_TYPE_VALIDATION.

Meanwhile, other parts of the codebase (e.g. validate-accounting-routes.go) correctly read from GetLedgerSettingsParsed.

Expected Behavior

When validateAccountType: true is set via the settings API, the account creation flow should enforce type validation by reading from the DB settings, not from an env var.

Suggested Fix

Replace os.Getenv("ACCOUNT_TYPE_VALIDATION") in applyAccountingValidations with a call to the ledger settings query (e.g. GetLedgerSettingsParsed), consistent with how validate-accounting-routes.go handles it.