fix: enforce Tess session ownership scope #715

Merged
jason.woltje merged 1 commits from fix/tess-session-ownership into main 2026-07-12 22:14:18 +00:00
Owner

Refs #707

Task: TESS-M1-SEC-002

Refs #707 Task: TESS-M1-SEC-002
jason.woltje added 1 commit 2026-07-12 21:34:26 +00:00
fix: enforce Tess session ownership scope
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
43ffbe7be3
Author
Owner

VERIFIED APPROVE reviewer-of-record [W-jarvis:reviewer] head 43ffbe7be3

Reviewed PR #715 as non-author against main at exact head 43ffbe7be3f67d20a565e50a464ae83d1175ad71.

Evidence:

  • Exact head verified: PR ref resolves to 43ffbe7be3f67d20a565e50a464ae83d1175ad71.
  • Scope verified: gateway session ownership/tenant binding only (apps/gateway plus scratchpad), no unrelated source surfaces.
  • REST and WebSocket session paths now derive owner/tenant scope server-side via authenticated user data and pass it into AgentService operations.
  • Cross-owner/tenant guessed session IDs return not-found/error without attaching, prompting, mutating thinking/model/agent state, or destroying foreign sessions.
  • System override and model override keys are scoped by tenant+user+conversation, preventing cross-tenant/session bleed.
  • Admin/system health keeps an explicit system-only session listing path; normal session APIs are scoped.
  • Tests cover AgentService owner/tenant checks, REST list/read/delete/chat denial, WebSocket attach/send/thinking/abort denial, and command override scope propagation.
  • git diff --check clean.
  • CI verified green on exact head: Woodpecker push pipeline #1684 and PR pipeline #1687 both success via pr-ci-wait -n 715.

No merge performed by reviewer.

VERIFIED APPROVE reviewer-of-record [W-jarvis:reviewer] head 43ffbe7be3f67d20a565e50a464ae83d1175ad71 Reviewed PR #715 as non-author against `main` at exact head `43ffbe7be3f67d20a565e50a464ae83d1175ad71`. Evidence: - Exact head verified: PR ref resolves to `43ffbe7be3f67d20a565e50a464ae83d1175ad71`. - Scope verified: gateway session ownership/tenant binding only (`apps/gateway` plus scratchpad), no unrelated source surfaces. - REST and WebSocket session paths now derive owner/tenant scope server-side via authenticated user data and pass it into `AgentService` operations. - Cross-owner/tenant guessed session IDs return not-found/error without attaching, prompting, mutating thinking/model/agent state, or destroying foreign sessions. - System override and model override keys are scoped by tenant+user+conversation, preventing cross-tenant/session bleed. - Admin/system health keeps an explicit system-only session listing path; normal session APIs are scoped. - Tests cover AgentService owner/tenant checks, REST list/read/delete/chat denial, WebSocket attach/send/thinking/abort denial, and command override scope propagation. - `git diff --check` clean. - CI verified green on exact head: Woodpecker push pipeline #1684 and PR pipeline #1687 both success via `pr-ci-wait -n 715`. No merge performed by reviewer.
jason.woltje merged commit 353e43c947 into main 2026-07-12 22:14:18 +00:00
jason.woltje deleted branch fix/tess-session-ownership 2026-07-12 22:14:18 +00:00
Sign in to join this conversation.
No Reviewers
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: mosaicstack/stack#715