Reject caller-supplied execution identity fields at /api/deepchat boundary
>>> [!note] Migrated issue <!-- Drupal.org comment --> <!-- Migrated from issue #3574662. --> Reported by: [scott falconer](https://www.drupal.org/user/52557) Related to !1227 >>> <p><strong> Problem/Motivation<br> </strong><br> As part of <a href="https://www.drupal.org/project/ai/issues/3573899">https://www.drupal.org/project/ai/issues/3573899</a> (Execution Principal / execution envelope), outside-in API boundaries must not accept caller-supplied execution identity fields.</p> <p>The /api/deepchat endpoint currently processes request payloads without explicitly rejecting reserved identity fields. This allows caller-supplied fields like executor_uid / initiator_uid to pass the boundary and only fail later on unrelated validation (for example invalid assistant ID).</p> <p>We need explicit boundary enforcement so caller payloads cannot influence execution principal resolution.</p> <p><strong>Proposed resolution<br> </strong> </p> <p>In ai_chatbot:</p> <p> 1. Add an early guard in DeepChatApi::api() to reject caller-supplied reserved identity fields:</p> <p> - executor_uid<br> - initiator_uid<br> - initiator_subject</p> <p> 2. Keep response semantics consistent with existing endpoint validation style (422), but return a specific reserved-field error message.<br> 3. Add kernel coverage that proves ordering:</p> <p> - Baseline payload (invalid assistant_id, no reserved fields) returns the existing assistant validation error.<br> - Same payload + reserved field returns reserved-field error instead, proving boundary rejection happens<br> before assistant validation/business logic.</p> <p><strong> Acceptance criteria<br> </strong><br> - /api/deepchat rejects caller-supplied executor_uid.<br> - /api/deepchat rejects caller-supplied initiator_uid.<br> - /api/deepchat rejects caller-supplied initiator_subject.<br> - Rejection happens before assistant validation/business logic.<br> - Tests cover baseline-vs-reserved-field ordering and pass in CI.</p> <p><strong> Remaining tasks<br> </strong><br> - Add/adjust kernel tests under modules/ai_chatbot/tests/src/Kernel/Controller/.<br> - Add reserved-field boundary guard in modules/ai_chatbot/src/Controller/DeepChatApi.php.<br> - Run PHPCS and targeted PHPUnit.<br> - Open/update MR and set issue to Needs review.</p> <p><strong> API changes<br> </strong> Yes. /api/deepchat will now explicitly reject reserved execution identity fields in the request payload.</p> <p><strong> Data model changes<br> </strong> None.</p> <p> AI usage<br> The code and issue drafting for this change are AI-assisted, with human review of scope, implementation, and test results.</p> > Related issue: [Issue #3573899](https://www.drupal.org/node/3573899)
issue