feat(docs): Formal Schemas for Signed Docs

[stevenj]

Description

Thanks for contributing to the project!
Please fill out this template to help us review your changes.

Related Issue(s)

List the issue numbers related to this pull request.

e.g., Closes #123, Resolves #456 Fixes #367

Description of Changes

Provide a clear and concise description of what the pull request changes.

Breaking Changes

Describe any breaking changes and the impact.

Screenshots

If applicable, add screenshots to help explain your changes.

Related Pull Requests

If applicable, list any related pull requests.

e.g., #123, #456

Please confirm the following checks

• My code follows the style guidelines of this project
• I have performed a self-review of my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• Any dependent changes have been merged and published in downstream module

[github-actions]

✅ Test Report | ${\color{lightgreen}Pass: 287/287}$ | ${\color{red}Fail: 0/287}$ |

[github-actions]

✅ Test Report | ${\color{lightgreen}Pass: 287/287}$ | ${\color{red}Fail: 0/287}$ |

[github-actions]

✅ Test Report | ${\color{lightgreen}Pass: 302/302}$ | ${\color{red}Fail: 0/302}$ |

[neil-iohk]

Question regarding the signer flow for actions and where we define any restrictions.

In proposal_submission_action.cue, I see referenced: true in the signers section. Is this what prevents unauthorised users from submitting other users proposals? This field is optional, so may not appear in the proposal doc. We will of course validate the ownership and signer in the backend but should we specifically state here that the signer of an action must be either the owner or collaborator of the referenced document.

If a proposal has multiple collaborators, and we enforce that a submission action must have the same signer as the referenced proposal, wouldn't this prevent collaborators from submitting the proposal if they weren't the original signer?

If validation is done on roles is it possible for someone to create an action on a proposal document that is not theirs, it will be ignored by the back end is there a way to prevent the creation of such a document?

Trying to understand the restrictions and rules and where they will be applied, not a blocking comment to merge code, but would like to explore further.

[neil-iohk]

Question regarding the signer flow for actions and where we define any restrictions.

In proposal_submission_action.cue, I see referenced: true in the signers section. Is this what prevents unauthorised users from submitting other users proposals? This field is optional, so may not appear in the proposal doc. We will of course validate the ownership and signer in the backend but should we specifically state here that the signer of an action must be either the owner or collaborator of the referenced document.

If a proposal has multiple collaborators, and we enforce that a submission action must have the same signer as the referenced proposal, wouldn't this prevent collaborators from submitting the proposal if they weren't the original signer?

If validation is done on roles is it possible for someone to create an action on a proposal document that is not theirs, it will be ignored by the back end is there a way to prevent the creation of such a document?

Trying to understand the restrictions and rules and where they will be applied, not a blocking comment to merge code, but would like to explore further.

happy with flow following discussion on flow and signing approach for various doc types and rules. 👍

[nathanbogale]

LGTM