Follow-up from PR #25 (DELACC) review at the 3-round cap.
(medium) Validate body fields against path on DELETE
- File: src/main/java/com/augment/cbsa/web/delacc/DelaccController.java:51
- DelaccRequestDto is validated but its body fields are not consulted; the delete is driven solely by the {accno} path variable. A mismatched body (different DelAccAccno or sortcode) would still delete the path account. When DelAccAccno/DelAccScode are present in the body, validate they match the path/configured sortcode or return 400.
Same shape as the DELCUS path/body cross-validation tracked in #23 — both can be addressed together.
Follow-up from PR #25 (DELACC) review at the 3-round cap.
(medium) Validate body fields against path on DELETE
Same shape as the DELCUS path/body cross-validation tracked in #23 — both can be addressed together.