fix(hybridcloud): Always set ViewerContext in RPC endpoint

The RPC endpoint ran inside ViewerContextMiddleware, which sets a
ViewerContext for the transport request itself. When no viewer_context
was provided in meta, nullcontext() left the middleware's context
active, leaking incorrect identity to the RPC handler.

Always enter viewer_context_scope with either the caller's deserialized
context or an empty ViewerContext(actor_type=UNKNOWN) to override
the middleware's context.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: gricha

src/sentry/api/endpoints/internal/rpc.py

@@ -1,5 +1,3 @@
-import contextlib
-
 import pydantic
 import sentry_sdk
 from rest_framework import status
@@ -66,16 +64,16 @@ def post(self, request: Request, service_name: str, method_name: str) -> Respons
 
         meta = request.data.get("meta") or {}
         vc_data = meta.get("viewer_context")
-        vc_scope: contextlib.AbstractContextManager[None] = contextlib.nullcontext()
+        vc = ViewerContext()
         if vc_data:
             try:
-                vc_scope = viewer_context_scope(ViewerContext.deserialize(vc_data))
+                vc = ViewerContext.deserialize(vc_data)
             except Exception as e:
                 sentry_sdk.capture_exception()
                 raise ParseError from e
 
         try:
-            with vc_scope, auth_context.applied_to_request(request):
+            with viewer_context_scope(vc), auth_context.applied_to_request(request):
                 result = dispatch_to_local_service(service_name, method_name, arguments)
         except RpcValidationException as e:
             return Response(

tests/sentry/api/endpoints/test_rpc.py

@@ -184,8 +184,8 @@ def capturing_dispatch(*args, **kwargs):
         assert ctx.user_id == 42
         assert ctx.actor_type == ActorType.USER
 
-    def test_viewer_context_none_when_meta_empty(self) -> None:
-        """No ViewerContext set when meta is empty."""
+    def test_viewer_context_unknown_when_meta_empty(self) -> None:
+        """Empty ViewerContext with UNKNOWN actor type when meta has no viewer_context."""
         organization = self.create_organization()
         captured_contexts: list[ViewerContext | None] = []
 
@@ -208,7 +208,11 @@ def capturing_dispatch(*args, **kwargs):
 
         assert response.status_code == 200
         assert len(captured_contexts) == 1
-        assert captured_contexts[0] is None
+        ctx = captured_contexts[0]
+        assert ctx is not None
+        assert ctx.user_id is None
+        assert ctx.organization_id is None
+        assert ctx.actor_type == ActorType.UNKNOWN
 
     def test_viewer_context_roundtrip_through_meta(self) -> None:
         """ViewerContext set on the sending side arrives on the receiving side."""