fix(handlers/delegation): fix fallback query to use source_id not workspace_id

The listDelegationsFromActivityLogs fallback query previously filtered on workspace_id (the workspace that owns the activity row) instead of source_id (the workspace that fired the delegation). This caused GET /workspaces/:id/delegations to return [] when delegation rows had workspace_id set to a non-caller value (e.g. rows created via the a2a proxy path), while the agent's local _delegations dict showed active delegations. Fix: WHERE workspace_id = $1 → WHERE source_id = $1, aligning the fallback with the ledger's caller_id filter and the correct semantic for "list all delegations I fired." Also add TestListDelegationsFromActivityLogs_UsesSourceID regression test that explicitly pins the source_id filter via a precise mock expectation. Closes: PLAN.md backlog item "Delegations list endpoint mismatch"
2026-05-15 13:18:12 +00:00
2 changed files with 56 additions and 1 deletions
@@ -753,7 +753,7 @@ func (h *DelegationHandler) listDelegationsFromActivityLogs(ctx context.Context,
 		       COALESCE(request_body->>'delegation_id', response_body->>'delegation_id', ''),
 		       created_at
 		FROM activity_logs
-		WHERE workspace_id = $1 AND method IN ('delegate', 'delegate_result')
+		WHERE source_id = $1 AND method IN ('delegate', 'delegate_result')
 		ORDER BY created_at DESC
 		LIMIT 50
 	`, workspaceID)
@@ -445,3 +445,58 @@ func TestListDelegationsFromActivityLogs_RowsErr(t *testing.T) {
 // sqlmock.NewRows([]string{}).AddRow(...) to panic in test SETUP. The handler
 // has no recover(), so a scan panic would crash the process — the correct
 // behaviour. Real-DB integration tests cover this path.
+
+// TestListDelegationsFromActivityLogs_UsesSourceID pins the fix for the
+// "delegations list endpoint mismatch" bug: the fallback query previously
+// filtered on workspace_id (the workspace that owns the row) instead of
+// source_id (the workspace that fired the delegation). Both happen to be equal
+// for rows created by insertDelegationRow, but using source_id aligns the
+// fallback with the ledger's caller_id filter and is the semantically correct
+// column for "list all delegations I fired".
+func TestListDelegationsFromActivityLogs_UsesSourceID(t *testing.T) {
+	mockDB, mock, err := sqlmock.New()
+	if err != nil {
+		t.Fatalf("failed to create sqlmock: %v", err)
+	}
+	prevDB := db.DB
+	db.DB = mockDB
+	t.Cleanup(func() { db.DB = prevDB; mockDB.Close() })
+
+	now := time.Now()
+	rows := sqlmock.NewRows([]string{
+		"id", "activity_type", "source_id", "target_id",
+		"summary", "status", "error_detail",
+		"response_preview", "delegation_id", "created_at",
+	}).AddRow(
+		"act-1", "delegate",
+		"ws-caller", "ws-callee",
+		"analyse Q1 numbers",
+		"in_progress",
+		"", "", "",
+		now,
+	)
+	// Require source_id in the WHERE clause — this is the regression pin.
+	// Previously the query used workspace_id, which could miss rows where
+	// workspace_id != caller (e.g. delegation rows created via the a2a proxy).
+	mock.ExpectQuery(`SELECT .+ FROM activity_logs WHERE source_id = \$1 AND method IN \('delegate', 'delegate_result'\)`).
+		WithArgs("ws-caller").
+		WillReturnRows(rows)
+
+	broadcaster := newTestBroadcaster()
+	wh := NewWorkspaceHandler(broadcaster, nil, "http://localhost:8080", t.TempDir())
+	dh := NewDelegationHandler(wh, broadcaster)
+
+	got := dh.listDelegationsFromActivityLogs(context.Background(), "ws-caller")
+	if len(got) != 1 {
+		t.Fatalf("expected 1 entry, got %d", len(got))
+	}
+	if got[0]["source_id"] != "ws-caller" {
+		t.Errorf("source_id: got %v, want ws-caller", got[0]["source_id"])
+	}
+	if got[0]["target_id"] != "ws-callee" {
+		t.Errorf("target_id: got %v, want ws-callee", got[0]["target_id"])
+	}
+	if err := mock.ExpectationsWereMet(); err != nil {
+		t.Errorf("sqlmock expectations: %v", err)
+	}
+}