feat: add first-class system handle semantics#682
feat: add first-class system handle semantics#682noodleonthecape wants to merge 2 commits intomainfrom
Conversation
noodleonthecape
requested review from
khaliqgant and
willwashburn
as code owners
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
There was a problem hiding this comment.
🔴 is_human_sender falls through to heuristic for SenderKind::System, allowing potential ACL bypass
The is_human_sender function in src/control.rs only explicitly handles SenderKind::Human (return true) and SenderKind::Agent (return false). The new SenderKind::System variant falls through to the string-based heuristic, which checks whether the sender name starts with "human:". If a system-kind sender happens to have a name matching the human heuristic (e.g. "human:scheduler"), is_human_sender would incorrectly return true. This matters because can_release_child at src/control.rs:16 grants release privileges to human senders — so a misclassified system sender could bypass the owner-check ACL.
(Refers to lines 8-13)
Was this helpful? React with 👍 or 👎 to provide feedback.
|
|
||
| event_id: str | ||
| from_name: str | ||
| from_kind: Optional[SenderKind] |
There was a problem hiding this comment.
🔴 Python Message.from_kind is a required field without a default, breaking the public API
In packages/sdk-py/src/agent_relay/relay.py, the Message dataclass has from_kind: Optional[SenderKind] inserted between from_name and to without a default value of None. Despite being Optional, Python dataclasses require fields without defaults to be provided by all callers. Since Message is exported in __all__ (packages/sdk-py/src/agent_relay/__init__.py:82), any external code constructing a Message without specifying from_kind will get a TypeError. Adding = None would maintain backward compatibility.
| from_kind: Optional[SenderKind] | |
| from_kind: Optional[SenderKind] = None |
Was this helpful? React with 👍 or 👎 to provide feedback.
1 participant
Summary
Notes
This removes the old conflation where system() was effectively a human handle. System-origin messages remain ergonomic to send, but are now modeled as a distinct participant kind.