Refs #576: Reject control chars in account transaction filters

[Squirbie]

Summary

• reject raw control characters in /accounts/{account}?tx_type=... before trimming the transaction-type filter
• add regression coverage so tx_type=%09 returns a bounded 400 instead of falling back to the all-transactions view

Validation

• PYTEST_DISABLE_PLUGIN_AUTOLOAD=1 uv run --extra dev python -m pytest tests/test_account_routes.py::test_account_page_filters_transactions_by_type -q
• PYTEST_DISABLE_PLUGIN_AUTOLOAD=1 uv run --extra dev python -m pytest tests/test_account_routes.py -q
• PYTEST_DISABLE_PLUGIN_AUTOLOAD=1 uv run --extra dev python -m pytest -q
• uv run --extra dev ruff check .
• uv run --extra dev ruff check app/accounts.py tests/test_account_routes.py
• uv run --extra dev ruff format --check app/accounts.py tests/test_account_routes.py
• uv run --extra dev mypy app/accounts.py
• uv run --extra dev python scripts/docs_smoke.py
• git diff --check

Summary by CodeRabbit

• Bug Fixes

  • Transaction type filter validation now rejects inputs containing control characters and responds with HTTP 400 and a descriptive error message.

• Tests

  • Added test coverage for control character validation in the transaction type filter endpoint.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 3b3c9bac-e7a0-42c5-9f9d-eef28517555d

📥 Commits

Reviewing files that changed from the base of the PR and between e00dc75 and 5a37055.

📒 Files selected for processing (2)

• app/accounts.py
• tests/test_account_routes.py

---

📝 Walkthrough

Walkthrough

This PR adds validation to the transaction-type filtering endpoint in accounts. The _transaction_type_filter validator now rejects transaction-type query strings containing control characters by raising a 400 HTTP error, before normal normalization and whitelisting. Test coverage validates the rejection with the specific error message.

Changes

Control Character Validation

Layer / File(s)	Summary
Control character validation in transaction type filter app/accounts.py	CONTROL_CHAR_RE is imported from app.ledger.service and integrated into _transaction_type_filter, which now rejects tx_type values containing control characters with a 400 HTTPException before normalization/whitelisting logic executes.
Test coverage for control character validation tests/test_account_routes.py	A test request supplies a control character (%09) in the tx_type parameter and asserts HTTP 400 response with the error message that transaction types must not contain control characters.

Possibly related PRs

• ramimbo/mergework#519: Both PRs extend the /accounts/{account} tx_type filtering logic in app/accounts.py and add/adjust test coverage in tests/test_account_routes.py for invalid tx_type values.

🚥 Pre-merge checks | ✅ 5 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Description check	❓ Inconclusive	The description covers the summary, validation steps, and issue reference, but lacks the structured template sections for Evidence (confusion addressed, bounty capacity, intended files, expected PR size, out of scope) and Test Evidence checkboxes.	Add the missing Evidence sections and Test Evidence checkboxes from the template to provide complete context about the problem addressed and validation performed.

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concretely names the changed surface: rejecting control characters in account transaction filters, which matches the primary change described in the changeset.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Mergework Public Artifact Hygiene	✅ Passed	PR contains only technical code changes (control character validation). No investment, price, cash-out, or security claims found in modified files or PR description.
Bounty Pr Focus	✅ Passed	Diff matches stated scope: 2 files changed, both targeted. Control char validation added before normalization with test coverage for tab rejection.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[eliasx45]

Reviewed current head 5a37055b52b63e325f15148540d6eb2eeaa0397e. Verdict: approve.

The change is scoped and applies the existing ledger control-character validator before account transaction-type normalization. That matters because %09 previously trimmed down into the default/all path instead of being rejected as malformed input. The new regression proves the account page now returns a bounded 400 for that case while preserving the existing valid bounty_payment / github_claim filters and invalid-type error.

Validation on this head:

git diff --check origin/main...HEAD
# clean

git merge-tree --write-tree origin/main HEAD
# f5c1672930c7c4bed024585ccc600026d4516938

..\mergework\.venv\Scripts\python.exe -m pytest tests/test_account_routes.py::test_account_page_filters_transactions_by_type -q
# 1 passed

..\mergework\.venv\Scripts\python.exe -m pytest tests/test_account_routes.py -q
# 4 passed

..\mergework\.venv\Scripts\python.exe -m ruff check app/accounts.py tests/test_account_routes.py
# All checks passed!

..\mergework\.venv\Scripts\python.exe -m ruff format --check app/accounts.py tests/test_account_routes.py
# 2 files already formatted

..\mergework\.venv\Scripts\python.exe -m mypy app/accounts.py
# Success: no issues found in 1 source file

..\mergework\.venv\Scripts\python.exe scripts/docs_smoke.py
# docs smoke ok

Hosted quality checks and CodeRabbit are green.

[barnacleagent-svg]

Verdict: APPROVED

Scope: Adds control character validation to account transaction type filter. Uses existing CONTROL_CHAR_RE pattern. Consistent with prior PRs (#609, #608, etc.).

Checklist:

• Diff: +4/-0, focused validation
• Uses established CONTROL_CHAR_RE
• Test coverage
• CI passing

Conclusion: Clean, consistent input validation. Ready to merge.