validate run id

Zylphrex · Zylphrex · commit 99b9dc4f6bb8 · 2026-03-26T17:08:12.000-04:00
diff --git a/src/sentry/seer/autofix/autofix_agent.py b/src/sentry/seer/autofix/autofix_agent.py
@@ -31,6 +31,7 @@
 from sentry.seer.explorer.client import SeerExplorerClient
 from sentry.seer.explorer.client_models import SeerRunState
 from sentry.seer.models import SeerRepoDefinition
+from sentry.seer.models.seer_api_models import SeerPermissionError
 from sentry.sentry_apps.metrics import SentryAppEventType
 from sentry.sentry_apps.tasks.sentry_apps import broadcast_webhooks_for_organization
 from sentry.sentry_apps.utils.webhooks import SeerActionType
@@ -451,12 +452,7 @@ def trigger_coding_agent_handoff(
             "failures": [{"error_message": "No repositories configured in project preferences"}],
         }
 
-    client = SeerExplorerClient(
-        organization=group.organization,
-        user=None,
-        category_key="autofix",
-        category_value=str(group.id),
-    )
+    client = get_autofix_explorer_client(group)
     state = client.get_run(run_id)
 
     repo = _get_relevant_repo(state, repo_definitions, run_id, group)
@@ -500,4 +496,10 @@ def trigger_coding_agent_handoff(
 
 def trigger_push_changes(group: Group, run_id: int):
     client = get_autofix_explorer_client(group)
+
+    state = client.get_run(run_id)
+    group_id = state.metadata.get("group_id") if state.metadata else None
+    if group_id != group.id:
+        raise SeerPermissionError("Unknown run id for group")
+
     client.push_changes(run_id, blocking=False)
diff --git a/src/sentry/seer/endpoints/group_ai_autofix.py b/src/sentry/seer/endpoints/group_ai_autofix.py
@@ -261,7 +261,10 @@ def _post_explorer(self, request: Request, group: Group) -> Response:
         if step == "open_pr":
             if not run_id:
                 return Response({"detail": "run_id is required for open_pr"}, status=400)
-            trigger_push_changes(group, run_id)
+            try:
+                trigger_push_changes(group, run_id)
+            except SeerPermissionError as e:
+                raise PermissionDenied(str(e))
             return Response({"run_id": run_id}, status=202)
 
         # Handle all built-in Seer steps
