fix: use ROOT role for extract context to bypass peer isolation in trusted auth mode#3172
Open
njuboy11 wants to merge 1 commit into
Open
fix: use ROOT role for extract context to bypass peer isolation in trusted auth mode#3172njuboy11 wants to merge 1 commit into
njuboy11 wants to merge 1 commit into
Conversation
…usted auth mode In _run_memory_extraction(), the session's self.ctx has Role.USER when running in trusted auth mode. This triggers is_hidden_by_actor_peer_view() checks that block VLM tool calls on peers/<id>/memories/ paths, causing all memory extraction to silently fail with 0/0/0 memory_diff. Create extract_ctx with Role.ROOT for the internal extract operations, which need full access to read/write the owner's peer memories. Fixes volcengine#3171
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
When OV runs with
auth_mode=trusted, the REST API handler createsRequestContextwithrole=Role.USER. This USER context is passed through to_run_memory_extraction()asself.ctx, then forwarded toextract_long_term_memories()andextract_execution_memories().The extract VLM tools use this context. When they try to read/search
peers/<peer_id>/memories/paths,is_hidden_by_actor_peer_view()(namespace.py:207) blocks access — because the peer URIs belong to a differentactor_peer_id.Result: Every memory extraction silently produces
add=0 / update=0 / delete=0inmemory_diff.json.Fix
Create a ROOT-privileged
extract_ctxin_run_memory_extraction():Replace
ctx=self.ctxwithctx=extract_ctxin both extract calls.Extract is the session's own internal background operation — it needs full access to read/write the owner's peer memories, not the restricted USER scope.
Verification
Access deniederrors per commitChanges
session.py: 14 lines added, 2 lines changedself.ctxusageFixes #3171