Update documentation references

Update remaining documentation files to remove references to the old approval flow and feature flags.

docs/SECURITY_FIXES_P0.md

@@ -139,7 +139,7 @@ SELECT * FROM user_roles; -- Should return all roles
 ### Problem
 Public edge functions lacked rate limiting, allowing abuse:
 - `/upload-image` - Unlimited file upload requests
-- `/process-selective-approval` - Unlimited moderation actions
+- `/process-selective-approval` - Unlimited moderation actions (atomic transaction RPC)
 - Risk of DoS attacks and resource exhaustion
 
 ### Solution
@@ -156,7 +156,7 @@ Created shared rate limiting middleware with multiple tiers:
 
 ### Files Modified
 - `supabase/functions/upload-image/index.ts`
-- `supabase/functions/process-selective-approval/index.ts`
+- `supabase/functions/process-selective-approval/index.ts` (atomic transaction RPC)
 
 ### Implementation
 
@@ -171,12 +171,12 @@ serve(withRateLimit(async (req) => {
 }, uploadRateLimiter, corsHeaders));
 ```
 
-#### Process-selective-approval (Per-user)
+#### Process-selective-approval (Per-user, Atomic Transaction RPC)
 ```typescript
 const approvalRateLimiter = rateLimiters.perUser(10); // 10 req/min per moderator
 
 serve(withRateLimit(async (req) => {
-  // Existing logic
+  // Atomic transaction RPC logic
 }, approvalRateLimiter, corsHeaders));
 ```
 
@@ -197,7 +197,7 @@ serve(withRateLimit(async (req) => {
 
 ### Verification
 ✅ Upload-image limited to 5 requests/minute  
-✅ Process-selective-approval limited to 10 requests/minute per moderator  
+✅ Process-selective-approval (atomic transaction RPC) limited to 10 requests/minute per moderator  
 ✅ Detect-location already has rate limiting (10 req/min)  
 ✅ Rate limit headers included in responses  
 ✅ 429 responses include Retry-After header