fix: return to ballotpopup #7858

Merged (5 commits), Aug 28, 2024

Conversation

@holloway (Contributor) commented Aug 26, 2024

  • update the modal template route to take a param, rather than using request.path
  • ensure every place that uses the ballot_icon template tag is added to the allow list of valid 'return to' route handlers.

codecov bot commented Aug 26, 2024

Codecov Report

Attention: Patch coverage is 70.00000% with 3 lines in your changes missing coverage. Please review.

Project coverage is 88.78%. Comparing base (c7f6bde) to head (a7c575d).
Report is 48 commits behind head on main.

Files Patch % Lines
ietf/doc/views_doc.py 66.66% 2 Missing ⚠️
ietf/doc/templatetags/ballot_icon.py 75.00% 1 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main    #7858      +/-   ##
==========================================
- Coverage   88.78%   88.78%   -0.01%     
==========================================
  Files         296      303       +7     
  Lines       41320    41430     +110     
==========================================
+ Hits        36687    36784      +97     
- Misses       4633     4646      +13     


@holloway (Contributor, Author) commented Aug 26, 2024

fyi @jennifer-richards: @rjsparks pointed out that the 'return to' param when coming from a modal doesn't make sense. Bootstrap modals are configured to scrape a modal template route (e.g. /doc/draft-ietf-opsawg-ipfix-tcpo-v6eh/ballotpopup/998718/) and then display that as a modal, so the 'return to' was the modal template route, not the originating page from which the modal opened. This means there's a new layer of indirection when opening via modals, so the fix is to

  • update the modal template route to take a param, rather than using request.path, and validate the param using the same logic as before.
  • ensure every place that uses the ballot_icon template tag is added to the allow list of valid 'return to' route handlers. This is a bit like playing whack-a-mole, but I think I've found every usage.

@rjsparks (Member) commented Aug 27, 2024

This is a bit like playing whack-a-mole, but I think I've found every usage.

I think there are more, and the current behavior of the ballot modal is odd for pages that aren't included - it just dims the page the grid appears on, but the modal fails to appear.

Examples:

"GET /doc/draft-ietf-lamps-rfc8708bis/ballotpopup/1010652/?ballot_edit_return_point=/group/lamps/documents/ HTTP/1.0" 400 35
"GET /doc/draft-ietf-mls-architecture/ballotpopup/900022/?ballot_edit_return_point=/doc/in-last-call/ HTTP/1.0" 400 35
"GET /doc/draft-ietf-lamps-rfc8708bis/ballotpopup/1010652/?ballot_edit_return_point=/community/personal/[email protected]/ HTTP/1.0" 400 35

I think a careful traceback of any view that can include the ballot icon grid is what's going to have to happen, or the callback guard needs to be relaxed.

Could we review the threat model that leads to the current verification list?
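Added example, not code from the datatracker or this PR: a stand-alone Python model of the guard the two comments above describe, an allow-list of route handlers that a ballot_edit_return_point path must resolve to, together with the 200/400 outcome the popup route would give for the three paths in the log lines. The URL table, the dotted view names, both allow-lists and the example email address are assumptions constructed for the demo; in the real project the resolver step is django.urls.resolve() and the comparison is against view functions rather than dotted names.

```python
"""Allow-listed 'return to' handling for a modal route, as a stand-alone model.

Added example for this thread; it is not datatracker code. It stands in for
parse_ballot_edit_return_point() and the allow-list of view handlers discussed
above, with a hand-rolled resolver instead of django.urls.resolve(). The URL
table, view names and the two allow-lists below are assumptions for the demo.
"""
import re
from urllib.parse import urlsplit, unquote

# Hypothetical URL table: (compiled path pattern, dotted view name).
# First match wins, as in Django, so the fixed-path /doc/in-last-call/ route
# is listed before the catch-all /doc/<name>/ route.
URLPATTERNS = [
    (re.compile(r"^/doc/in-last-call/$"), "ietf.doc.views_search.drafts_in_last_call"),
    (re.compile(r"^/doc/(?P<name>[^/]+)/$"), "ietf.doc.views_doc.document_main"),
    (re.compile(r"^/doc/(?P<name>[^/]+)/ballotpopup/(?P<ballot_id>\d+)/$"),
     "ietf.doc.views_doc.ballot_popup"),
    (re.compile(r"^/group/(?P<acronym>[^/]+)/documents/$"), "ietf.group.views.group_documents"),
    (re.compile(r"^/community/personal/(?P<email>[^/]+)/$"), "ietf.community.views.view_list"),
    (re.compile(r"^/accounts/login/$"), "ietf.ietfauth.views.login"),
]

# Views a user may legitimately be sent back to after a ballot edit (assumed).
# The popup route itself is deliberately absent: a 'return to' must name the
# page that opened the modal, never the modal template route.
ALLOWED_AFTER_FIX = frozenset({
    "ietf.doc.views_doc.document_main",
    "ietf.doc.views_search.drafts_in_last_call",
    "ietf.group.views.group_documents",
    "ietf.community.views.view_list",
})
# A narrower list, constructed to reproduce the 400s in the log lines above.
ALLOWED_BEFORE_FIX = frozenset({"ietf.doc.views_doc.document_main"})


def resolve_path(path):
    """Return (view_name, kwargs) for an already-decoded path, else raise ValueError."""
    for pattern, view in URLPATTERNS:
        m = pattern.match(path)
        if m:
            return view, m.groupdict()
    raise ValueError("no route matches %r" % path)


def parse_return_point(raw, allowed_views):
    """Validate a ballot_edit_return_point value and return the clean local path.

    Rejects anything that could leave the site (a scheme, a host, a
    protocol-relative '//' prefix, backslashes that browsers treat as '/'),
    control characters, '..' segments, paths that resolve to no route, and
    routes whose view is not on the allow-list. Query and fragment are dropped;
    only the path is checked and only the path is returned.
    """
    if not raw:
        raise ValueError("empty return point")
    parts = urlsplit(raw)
    if parts.scheme or parts.netloc:
        raise ValueError("absolute or protocol-relative URL: %r" % raw)
    path = unquote(parts.path)
    if not path.startswith("/") or path.startswith("//") or "\\" in path:
        raise ValueError("not a local absolute path: %r" % raw)
    if any(ch < " " or ch == "\x7f" for ch in path):
        raise ValueError("control character in path: %r" % raw)
    if ".." in path.split("/"):
        raise ValueError("traversal segment in path: %r" % raw)
    view, _kwargs = resolve_path(path)
    if view not in allowed_views:
        raise ValueError("view %s is not an allowed return point" % view)
    return path


def popup_status(query_value, allowed_views):
    """HTTP status the popup route would answer with for this
    ballot_edit_return_point value: 200 when it validates, else 400."""
    try:
        parse_return_point(query_value, allowed_views)
        return 200
    except ValueError:
        return 400


if __name__ == "__main__":
    # The three paths from the log lines above (email address constructed).
    logged = [
        "/group/lamps/documents/",
        "/doc/in-last-call/",
        "/community/personal/ad@example.org/",
    ]
    for p in logged:
        print("%-40s before=%d after=%d" % (
            p, popup_status(p, ALLOWED_BEFORE_FIX), popup_status(p, ALLOWED_AFTER_FIX)))
```

Run it directly to see the three logged paths flip from 400 under the narrower list to 200 once their views are allow-listed, while the popup route itself, external and protocol-relative URLs, backslash forms and traversal segments stay rejected. Checking the resolved view rather than a path prefix is what makes the list closed: a page that newly embeds the ballot grid surfaces as a 400 (the symptom reported above) instead of quietly becoming a redirect target, which is the trade-off behind the "whack-a-mole" of extending the list.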

@jennifer-richards (Member) left a review comment

Looking good, but I think a valid return point was missed. There are a couple minor bits of cleanup I suggest.

@@ -1457,7 +1457,7 @@ class ReturnToUrlTests(TestCase):
def test_invalid_return_to_url(self):
self.assertRaises(
Exception,
lambda: parse_ballot_edit_return_point('/doc/', 'draft-ietf-opsawg-ipfix-tcpo-v6eh', '998718'),
lambda: parse_ballot_edit_return_point('/', 'draft-ietf-opsawg-ipfix-tcpo-v6eh', '998718'),
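Review bot: the assertion still catches bare Exception, so any failure inside parse_ballot_edit_return_point, including an unrelated TypeError or AttributeError, would pass as a correct rejection of the return point; assert on the specific exception the parser raises for an invalid return point instead (ValueError, as the review comment on this line notes), and the lambda reads more clearly as `with self.assertRaises(ValueError):` around the call. Swapping the rejected input from '/doc/' to '/' also suggests '/doc/' is now an accepted return point; a companion positive assertion that '/doc/' parses successfully would cover that side of the allow-list change.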
jennifer-richards (Member) commented on the hunk above:

I hadn't noticed this pattern before, but you can avoid the lambda by using self.assertRaises() as a context manager:

with self.assertRaises(Exception):
    parse_ballot_edit_return_point(...)

I don't insist on changing this, but I find it a little easier to understand at a glance.

Should change Exception to ValueError though - I think that's what comes back in every case, and it's better to be specific when possible. (And sorry for not catching this on an earlier review...)

holloway (Contributor, Author):

Done

Two further review threads on ietf/doc/templatetags/ballot_icon.py and one on ietf/doc/views_ballot.py were marked resolved.
@jennifer-richards (Member) left a comment

LGTM. I didn't have a chance to double check that all the places search_result_row.html is included are in the allowed view list.

@holloway (Contributor, Author) commented

@jennifer-richards fyi here are my notes on tracing back from search_result_row.html

search_result_row.html
	search_results.html
		view_list.html
			ietf/community/views.view_list
		drafts_for_ad.html
			ietf/doc/views_search.docs_for_ad
		drafts_in_last_call.html
			ietf/doc/views_search.drafts_in_last_call
		recent_drafts.html
			ietf/doc/views_search.recent_drafts
		search/search.html
			ietf/doc/views_search.search
		group_documents.html
			ietf/group/views.group_documents
		stream_documents.html
			ietf/group/views.stream_documents
	agenda_documents.html
		ietf/iesg/views.agenda_documents

(those views are in the allowed list)
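Added example, not datatracker code: a small static walk that answers the question behind this trace mechanically, starting from every template that uses a given template tag, following include/extends edges in reverse up to the templates a view renders, and diffing the resulting views against the allow-list. The template sources and the template-to-view map are constructed for the demo (a handful of names from the thread are reused as labels only), and load_templates() is a hypothetical adapter for pointing the same walk at a real template tree.

```python
"""Reverse-trace which views render a template that uses a template tag.

Added example, not datatracker code. TEMPLATES and VIEW_FOR_TEMPLATE are
constructed for the demo; only the walk is the point.
"""
import os
import re

# {% include "x.html" %} and {% extends "x.html" %} both mean "rendering this
# template renders x.html", so both are edges for the purpose of this trace.
INCLUDE_RE = re.compile(r"""{%\s*(?:include|extends)\s+["']([^"']+)["']""")

# Constructed templates: name -> source.
TEMPLATES = {
    "doc/search/search_result_row.html":
        '{% load ballot_icon %}<tr><td>{% ballot_icon doc %}</td></tr>',
    "doc/search/search_results.html":
        '{% for doc in docs %}{% include "doc/search/search_result_row.html" %}{% endfor %}',
    "community/view_list.html":
        '{% extends "base.html" %}{% block content %}'
        '{% include "doc/search/search_results.html" %}{% endblock %}',
    "group/group_documents.html":
        '{% extends "base.html" %}{% include "doc/search/search_results.html" with docs=docs %}',
    "iesg/agenda_documents.html":
        '{% include "doc/search/search_result_row.html" %}',
    "doc/document_ballot_content.html":
        '{% load ballot_icon %}{% ballot_icon doc %}',
    "base.html": "<html>{% block content %}{% endblock %}</html>",
}

# Constructed: which view renders which top-level template.
VIEW_FOR_TEMPLATE = {
    "community/view_list.html": "ietf.community.views.view_list",
    "group/group_documents.html": "ietf.group.views.group_documents",
    "iesg/agenda_documents.html": "ietf.iesg.views.agenda_documents",
    "doc/document_ballot_content.html": "ietf.doc.views_doc.document_ballot",
}


def load_templates(root):
    """Hypothetical adapter: read every *.html under root into the dict shape above."""
    templates = {}
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            if fn.endswith(".html"):
                full = os.path.join(dirpath, fn)
                with open(full, encoding="utf-8") as fh:
                    templates[os.path.relpath(full, root).replace(os.sep, "/")] = fh.read()
    return templates


def templates_using_tag(templates, tag):
    """Templates whose source invokes {% <tag> ... %} (a {% load %} line does not count)."""
    tag_re = re.compile(r"{%\s*" + re.escape(tag) + r"\b")
    return {name for name, src in templates.items() if tag_re.search(src)}


def includers(templates):
    """Reverse graph: template -> set of templates that include or extend it."""
    rev = {name: set() for name in templates}
    for name, src in templates.items():
        for target in INCLUDE_RE.findall(src):
            rev.setdefault(target, set()).add(name)
    return rev


def rendering_roots(templates, start):
    """Every template that transitively pulls in `start`, plus `start` itself."""
    rev = includers(templates)
    seen, stack = set(), [start]
    while stack:
        t = stack.pop()
        if t in seen:
            continue
        seen.add(t)
        stack.extend(rev.get(t, ()))
    return seen


def views_rendering_tag(templates, view_for_template, tag):
    """Views that end up rendering a template which uses `tag`."""
    views = set()
    for t in templates_using_tag(templates, tag):
        for root in rendering_roots(templates, t):
            if root in view_for_template:
                views.add(view_for_template[root])
    return views


def missing_from_allowlist(templates, view_for_template, tag, allowed):
    """Views that render the tag but are absent from the 'return to' allow-list."""
    return views_rendering_tag(templates, view_for_template, tag) - set(allowed)


if __name__ == "__main__":
    allowed = {"ietf.community.views.view_list", "ietf.iesg.views.agenda_documents",
               "ietf.doc.views_doc.document_ballot"}
    for v in sorted(missing_from_allowlist(TEMPLATES, VIEW_FOR_TEMPLATE, "ballot_icon", allowed)):
        print("not allow-listed:", v)
```

The walk only sees static include/extends edges; a template selected dynamically (a variable template name, or an include decided in Python) is exactly the case it cannot find, so a hit list from this script is a floor for the allow-list, not a proof that it is complete.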

@rjsparks rjsparks merged commit 715edaf into ietf-tools:main Aug 28, 2024
8 checks passed