bug: ACP prompt delivery fails — tenantId fallback 'system' vs SYSTEM_TENANT mismatch #3237

Description

@OneStepAt4time

Summary

When req.tenantId is undefined (auth disabled / no master-tenant header), ACP-routed prompt delivery fails with:

ACP session not found in the requested tenant and owner scope: <id>

acpBackend.createSession(...) stores the session under tenantId: req.tenantId ?? SYSTEM_TENANT (= '_system'), but four downstream acpBackend.sendPrompt(...) call sites fall back to the literal 'system'. The lookup misses every time the request doesn't carry an authenticated tenant.

Affected call sites

  • src/routes/sessions.ts:401 — existing-idle-session prompt
  • src/routes/sessions.ts:472 — new-session initial prompt
  • src/routes/session-actions.ts:57 — POST /v1/sessions/:id/send
  • src/routes/session-actions.ts:275 — POST /v1/sessions/:id/command

Reproduction

  1. Build: npm run build
  2. Start with auth disabled: AEGIS_DISABLE_AUTH=true node dist/cli.js
  3. POST /v1/sessions with a prompt field → response includes promptDelivery.delivered=false, error: "ACP session not found in the requested tenant and owner scope".
  4. ACP child process and Claude CLI spawn correctly — only the prompt delivery JSON-RPC fails because the lookup scope doesn't match the create scope.

Fix

Replace the four literal 'system' fallbacks with the existing SYSTEM_TENANT constant so the unauth scope matches the create-time scope.

Verification

Reproduced and validated locally on develop (HEAD 536ff01) with Claude Code 2.1.139. After the fix, both initial prompt and /send follow-up are delivered (delivered: true) and assistant text appears in the JSONL transcript.

Phase / scope

Phase 3.5 — ACP backend migration. Tenant scoping is part of the multi-tenancy primitives. The fix is surgical: 4 swaps + 1 missing import.
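
The scope mismatch described in this issue, reduced to a self-contained sketch (an added example, not the project's code). Only SYSTEM_TENANT and the '_system' / 'system' values come from the issue; ScopedSessionStore, resolveTenant, legacyFallback and deliver are hypothetical names.

```typescript
// Added illustration: in-memory stand-in for a tenant-scoped session backend.
const SYSTEM_TENANT = "_system"; // value stated in the issue

interface Session { id: string; tenantId: string; }
type ScopeFn = (tenantId: string | undefined) => string;

// One resolver shared by the create path and every lookup path (hypothetical helper).
const resolveTenant: ScopeFn = (tenantId) => tenantId ?? SYSTEM_TENANT;

// The fallback the four send call sites used before the fix.
const legacyFallback: ScopeFn = (tenantId) => tenantId ?? "system";

class ScopedSessionStore {
  private sessions = new Map<string, Session>();

  create(id: string, tenantId: string): Session {
    const session = { id, tenantId };
    this.sessions.set(id, session);
    return session;
  }

  // Fails closed: a session is visible only inside the tenant that created it.
  find(id: string, tenantId: string): Session {
    const session = this.sessions.get(id);
    if (!session || session.tenantId !== tenantId) {
      throw new Error(
        `ACP session not found in the requested tenant and owner scope: ${id}`);
    }
    return session;
  }
}

// Create a session, then look it up the way a send path would.
function deliver(reqTenantId: string | undefined, sendScope: ScopeFn):
    { delivered: boolean; error?: string } {
  const store = new ScopedSessionStore();
  store.create("s1", resolveTenant(reqTenantId)); // create-time scope
  try {
    store.find("s1", sendScope(reqTenantId));     // send-time scope
    return { delivered: true };
  } catch (e) {
    return { delivered: false, error: (e as Error).message };
  }
}
```

With an authenticated tenant both fallbacks resolve to the same scope, so the mismatch only surfaces when req.tenantId is undefined.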

Labels: P2, backend, bug (Something isn't working), released (Included in a published release)
