R4R: validate sign tx request's body

[alessio]

Closes: #3176

• Linked to github-issue with discussion and accepted design OR link to spec that describes this work.
• Wrote tests
• Updated relevant documentation (docs/)
• Added entries in PENDING.md with issue #
• rereviewed Files changed in the github PR explorer

---

For Admin Use:

• Added appropriate labels to PR (ex. wip, ready-for-review, docs)
• Reviewers Assigned
• Squashed all commits, uses message "Merge pull request #XYZ: [title]" (coding standards)

[alexanderbez]

Thanks @alessio -- a few minor remarks ^__^

[codecov]

Codecov Report

Merging #3179 into develop will increase coverage by <.01%.
The diff coverage is 0%.

@@             Coverage Diff             @@
##           develop    #3179      +/-   ##
===========================================
+ Coverage    54.72%   54.73%   +<.01%     
===========================================
  Files          132      132              
  Lines         9425     9427       +2     
===========================================
+ Hits          5158     5160       +2     
  Misses        3949     3949              
  Partials       318      318

[codecov]

Codecov Report

Merging #3179 into develop will increase coverage by 0.01%.
The diff coverage is 20%.

@@             Coverage Diff             @@
##           develop    #3179      +/-   ##
===========================================
+ Coverage    54.83%   54.84%   +0.01%     
===========================================
  Files          133      133              
  Lines         9559     9557       -2     
===========================================
  Hits          5242     5242              
+ Misses        3996     3994       -2     
  Partials       321      321

[fedekunze]

why are we using a flag on the REST tests ?

[alessio]

You may find the answer in InitializeTestLCD()

[fedekunze]

@alexanderbez your request was only for signing or for all of the unmarshal errors ?

[fedekunze]

add BaseReq and json:"base_req"

[alessio]

why? that would break the interface. Do we really need a nested object?

[fedekunze]

were using it like that everywhere on the POST requests. But maybe we need to consider removing it. Thoughts @alexanderbez @jackzampolin @faboweb ?

[alessio]

In that case, I'm fine with either

[alexanderbez]

Hmm, yes. So, me personally, I'd rather avoid having to use base_req. These are all primary/first-class-citizen fields of the request and not some inner resource, so I don't think it should be nested.

tl;dr I think we should leave this as-is and update the other REST requests (breaking, sorry I know).

[faboweb]

hmmm, currently the standard is to have base_req. I vote to keep this here to the standard and open an issue about changing this in all request to first class citizens. This should then probably also be discussed with others.
side note: I actually think this structure makes sense as it decouples the content and the meta information.

[fedekunze]

I'd also have the base_req for consistency, but I don't have a strong opinion on it since we weren't using it before on this request

[alexanderbez]

utACK ☕️

[jackzampolin]

I think this requires a swagger.yaml update. Can you please add that @alessio

[rigelrozanski]

Pretty straight forward changes

[rigelrozanski]

++

[rigelrozanski]

I'm a little bit confused as to why CodeUnautherized implies that there tx comes with no signatures... maybe we should have CodeNoSignatures? Don't deal with this code a lot just an outsider's perspective

[alessio]

CodeNoSignatures sounds good and self-explanatory to me 👍

[alessio]

Amended, please review again

[alessio]

@jackzampolin changed applied, please review

[jackzampolin]

Thanks @alessio, this works for me locally!