diff --git a/server/src/__tests__/authorization-service.test.ts b/server/src/__tests__/authorization-service.test.ts index 12292707..09b98af2 100644 --- a/server/src/__tests__/authorization-service.test.ts +++ b/server/src/__tests__/authorization-service.test.ts @@ -706,6 +706,54 @@ describeEmbeddedPostgres("authorization service", () => { })).resolves.toMatchObject({ allowed: false, reason: "deny_low_trust_boundary" }); }); + it("allows a mentioned non-assignee to comment when the mention author is the issue assignee", async () => { + const company = await createCompany(db, "MentionCommentAssigneeGrant"); + const allowedProject = await createProject(db, company.id, "MentionAssigneeAllowed"); + const targetProject = await createProject(db, company.id, "MentionAssigneeTarget"); + const assigneeAgent = await createAgent(db, company.id, { role: "coach" }); + const mentionedAgent = await createAgent(db, company.id, { + role: "qa", + permissions: { + trustPreset: LOW_TRUST_REVIEW_PRESET, + authorizationPolicy: { + trustBoundary: { + mode: LOW_TRUST_REVIEW_PRESET, + companyId: company.id, + projectIds: [allowedProject.id], + }, + }, + }, + }); + const issue = await createIssue(db, company.id, { + title: "Assignee-authored mention reply target", + projectId: targetProject.id, + assigneeAgentId: assigneeAgent.id, + }); + await db.insert(issueComments).values({ + companyId: company.id, + issueId: issue.id, + authorAgentId: assigneeAgent.id, + authorType: "agent", + body: `[@QA](agent://${mentionedAgent.id}) please reply on this issue.`, + }); + + await expect(authorizationService(db).decide({ + actor: { type: "agent", agentId: mentionedAgent.id, companyId: company.id, source: "agent_key" }, + action: "issue:comment", + resource: { + type: "issue", + companyId: company.id, + issueId: issue.id, + projectId: issue.projectId, + assigneeAgentId: assigneeAgent.id, + status: issue.status, + }, + })).resolves.toMatchObject({ + allowed: true, + reason: "allow_issue_mention_grant", + }); + }); + it("does not grant mention-scoped issue access from self-authored or unauthorized-author comments", async () => { const company = await createCompany(db, "MentionCommentDenied"); const allowedProject = await createProject(db, company.id, "MentionDeniedAllowed"); diff --git a/server/src/__tests__/issue-agent-mutation-ownership-routes.test.ts b/server/src/__tests__/issue-agent-mutation-ownership-routes.test.ts index 701f3d50..436915de 100644 --- a/server/src/__tests__/issue-agent-mutation-ownership-routes.test.ts +++ b/server/src/__tests__/issue-agent-mutation-ownership-routes.test.ts @@ -19,6 +19,7 @@ const mockIssueService = vi.hoisted(() => ({ getAttachmentById: vi.fn(), getByIdentifier: vi.fn(), getById: vi.fn(), + getComment: vi.fn(), getRelationSummaries: vi.fn(), getWakeableParentAfterChildCompletion: vi.fn(), list: vi.fn(), @@ -376,6 +377,7 @@ describe("agent issue mutation checkout ownership", () => { mockIssueService.getAttachmentById.mockReset(); mockIssueService.getByIdentifier.mockReset(); mockIssueService.getById.mockReset(); + mockIssueService.getComment.mockReset(); mockIssueService.getRelationSummaries.mockReset(); mockIssueService.getWakeableParentAfterChildCompletion.mockReset(); mockIssueService.list.mockReset(); @@ -484,6 +486,12 @@ describe("agent issue mutation checkout ownership", () => { mockCompanyService.getById.mockResolvedValue({ id: companyId, issuePrefix: "PAP" }); mockIssueService.getById.mockResolvedValue(makeIssue()); mockIssueService.getByIdentifier.mockResolvedValue(null); + mockIssueService.getComment.mockResolvedValue({ + id: "comment-1", + issueId, + companyId, + body: "Mentioned reply context.", + }); mockIssueService.list.mockResolvedValue([makeIssue()]); mockIssueService.assertCheckoutOwner.mockResolvedValue({ adoptedFromRunId: null }); mockIssueService.create.mockImplementation(async (_companyId: string, input: Record) => ({ @@ -801,6 +809,23 @@ describe("agent issue mutation checkout ownership", () => { }); }); + it("rejects peer agents from reading a specific comment when issue read is outside their boundary", async () => { + mockAccessService.decide.mockImplementation(async (input: { action: string }) => ({ + allowed: false, + action: input.action, + reason: "deny_low_trust_boundary", + explanation: "Issue is outside this low-trust boundary.", + })); + + const res = await request(await createApp(peerActor())) + .get(`/api/issues/${issueId}/comments/comment-1`); + + expect(res.status, JSON.stringify(res.body)).toBe(403); + expect(res.body.error).toBe("Issue is outside this actor's authorization boundary"); + expect(mockAccessService.decide).toHaveBeenCalledWith(expect.objectContaining({ action: "issue:read" })); + expect(mockIssueService.getComment).not.toHaveBeenCalled(); + }); + it("keeps true issue mutations denied for mentioned peer agents", async () => { mockIssueService.getById.mockResolvedValue(makeIssue({ status: "todo", assigneeAgentId: ownerAgentId })); mockAccessService.decide.mockImplementation(async (input: { action: string }) => ({ diff --git a/server/src/__tests__/low-trust-red-team-routes.test.ts b/server/src/__tests__/low-trust-red-team-routes.test.ts index d97a8400..e34a42b0 100644 --- a/server/src/__tests__/low-trust-red-team-routes.test.ts +++ b/server/src/__tests__/low-trust-red-team-routes.test.ts @@ -586,6 +586,50 @@ describeEmbeddedPostgres("low-trust red-team HTTP route regression suite", () => }); }); + it("allows mentioned low-trust agents to comment on out-of-bound assigned issues", async () => { + const fixture = await seedLowTrustFixture(db); + const [targetIssue] = await db.insert(issues).values({ + companyId: fixture.company.id, + projectId: fixture.projects.outOfScope.id, + title: "Coach-owned mention target", + status: "in_progress", + priority: "medium", + assigneeAgentId: fixture.agents.standard.id, + }).returning(); + await db.insert(issueComments).values({ + companyId: fixture.company.id, + issueId: targetIssue!.id, + authorAgentId: fixture.agents.standard.id, + authorType: "agent", + body: `[@Low Trust Reviewer](agent://${fixture.agents.lowTrust.id}) please verify this issue.`, + }); + + const unmentioned = await db.insert(agents).values({ + companyId: fixture.company.id, + name: "Unmentioned Low Trust Reviewer", + role: "engineer", + adapterType: "process", + adapterConfig: {}, + runtimeConfig: {}, + permissions: fixture.agents.lowTrust.permissions, + }).returning().then((rows) => rows[0]!); + + const comment = await request(createApp(db, agentActor(fixture))) + .post(`/api/issues/${targetIssue!.id}/comments`) + .send({ body: "Mention-scoped verification complete." }); + expect(comment.status, JSON.stringify(comment.body)).toBe(201); + expect(comment.body).toMatchObject({ + issueId: targetIssue!.id, + authorAgentId: fixture.agents.lowTrust.id, + }); + + const unmentionedComment = await request(createApp(db, agentActor(fixture, unmentioned.id))) + .post(`/api/issues/${targetIssue!.id}/comments`) + .send({ body: "I was not mentioned." }); + expect(unmentionedComment.status, JSON.stringify(unmentionedComment.body)).toBe(403); + expect(unmentionedComment.body.error).toBe("Issue is outside this actor's authorization boundary"); + }); + it("propagates denied low-trust policy conflicts on control-plane guards", async () => { const fixture = await seedLowTrustFixture(db); const conflictingExecutionPolicy = { diff --git a/server/src/routes/issues.ts b/server/src/routes/issues.ts index 2565eb3f..1a4897b0 100644 --- a/server/src/routes/issues.ts +++ b/server/src/routes/issues.ts @@ -7122,6 +7122,7 @@ export function issueRoutes( return; } assertCompanyAccess(req, issue.companyId); + if (!(await assertIssueReadAllowed(req, res, issue))) return; const comment = await svc.getComment(commentId); if (!comment || comment.issueId !== id) { res.status(404).json({ error: "Comment not found" });