feat(seer): Fall back to contextvar ViewerContext for Seer requests#112221
Merged
feat(seer): Fall back to contextvar ViewerContext for Seer requests#112221
Conversation
When no explicit viewer_context is passed to make_signed_seer_api_request, read from the contextvar set by ViewerContextMiddleware. If both exist, explicit fields override but a mismatch logs a warning and strips the token from the payload as a safety measure. Also serializes actor_type and token (kind + scopes) when available, enriching the context Seer receives. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
github-actions
bot
added
the
Scope: Backend
azulus
approved these changes
Apr 3, 2026
JoshFerge
reviewed
Apr 3, 2026
|
|
||
| def _resolve_viewer_context( | ||
| explicit: SeerViewerContext | None, | ||
| ) -> dict[str, Any] | None: |
Member
There was a problem hiding this comment.
is it possible to type the dict more narrowly with e.g. a TypedDict?
JoshFerge
reviewed
Apr 3, 2026
|
|
||
|
|
||
| @sentry_sdk.tracing.trace | ||
| def make_signed_seer_api_request( |
Member
There was a problem hiding this comment.
does it make sense to add any tests to this function based on the viewer context possibilities?
gricha
force-pushed
the
gricha/feat/seer-viewer-context-fallback
branch
from
0b25b89 to
188f576
Compare
gricha
force-pushed
the
gricha/feat/seer-viewer-context-fallback
branch
from
188f576 to
cd16fea
Compare
Address review feedback: add tests covering all branches of the viewer context resolution (contextvar only, explicit only, merge, mismatch warning, token stripping). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
gricha
force-pushed
the
gricha/feat/seer-viewer-context-fallback
branch
from
cd16fea to
f6e109e
Compare
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
| result["user_id"] = self.user_id | ||
| if self.token is not None: | ||
| result["token"] = {"kind": self.token.kind, "scopes": list(self.token.get_scopes())} | ||
| return result |
Contributor
There was a problem hiding this comment.
Wire format change breaks existing callers' X-Viewer-Context header
Medium Severity
The X-Viewer-Context header wire format changes for all existing callers even when the contextvar middleware is disabled. Previously, orjson.dumps(viewer_context) serialized SeerViewerContext as {"organization_id": X, "user_id": Y}. Now, orjson.dumps(resolved.serialize()) always includes "actor_type": "unknown" (and potentially "token") in the payload. The PR claims "Existing callers that pass explicit context continue to work unchanged," but the Seer service now receives a different JSON shape for every request that includes viewer context.
Additional Locations (1)
Contributor
Backend Test FailuresFailures on
|
ViewerContext.serialize() now always includes actor_type. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
make_signed_seer_api_requestnow auto-reads from theViewerContextcontextvar when no explicitviewer_contextparameter is passed. This means Seer calls made during API requests (where the middleware sets the contextvar) automatically get identity context without callers needing to construct and passSeerViewerContext.Behavior:
actor_typeandtoken(kind + scopes) when availableSeerViewerContextparam overridesorganization_id/user_idif passedseer.viewer_context_mismatchwarning and strips the token from the payloadThis is safe to land independently — it's a no-op until the ViewerContext middleware is enabled (
viewer-context.enabledoption). Existing callers that pass explicit context continue to work unchanged.Part of the ViewerContext RFC.