Skip to content

rollout: persist turn permission profiles #18281

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
bolinfest wants to merge 1 commit into
base: pr18280
Choose a base branch
from
Open

rollout: persist turn permission profiles #18281

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions codex-rs/core/src/context_manager/history_tests.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -133,6 +133,7 @@ fn reference_context_item() -> TurnContextItem {
timezone: Some("America/Los_Angeles".to_string()),
approval_policy: AskForApproval::OnRequest,
sandbox_policy: SandboxPolicy::new_read_only_policy(),
permission_profile: None,
network: None,
file_system_sandbox_policy: None,
model: "gpt-test".to_string(),
Expand Down
2 changes: 1 addition & 1 deletion codex-rs/core/src/context_manager/updates.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ fn build_permissions_update_item(
}

let prev = previous?;
if prev.sandbox_policy == *next.sandbox_policy.get()
if prev.permission_profile() == next.permission_profile()
&& prev.approval_policy == next.approval_policy.value()
{
return None;
Expand Down
8 changes: 8 additions & 0 deletions codex-rs/core/src/session/rollout_reconstruction_tests.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,7 @@ async fn record_initial_history_resumed_bare_turn_context_does_not_hydrate_previ
timezone: turn_context.timezone.clone(),
approval_policy: turn_context.approval_policy.value(),
sandbox_policy: turn_context.sandbox_policy.get().clone(),
permission_profile: None,
network: None,
file_system_sandbox_policy: None,
model: previous_model.to_string(),
Expand Down Expand Up @@ -108,6 +109,7 @@ async fn record_initial_history_resumed_hydrates_previous_turn_settings_from_lif
timezone: turn_context.timezone.clone(),
approval_policy: turn_context.approval_policy.value(),
sandbox_policy: turn_context.sandbox_policy.get().clone(),
permission_profile: None,
network: None,
file_system_sandbox_policy: None,
model: previous_model.to_string(),
Expand Down Expand Up @@ -903,6 +905,7 @@ async fn record_initial_history_resumed_turn_context_after_compaction_reestablis
timezone: turn_context.timezone.clone(),
approval_policy: turn_context.approval_policy.value(),
sandbox_policy: turn_context.sandbox_policy.get().clone(),
permission_profile: None,
network: None,
file_system_sandbox_policy: None,
model: previous_model.to_string(),
Expand Down Expand Up @@ -979,6 +982,7 @@ async fn record_initial_history_resumed_turn_context_after_compaction_reestablis
timezone: turn_context.timezone.clone(),
approval_policy: turn_context.approval_policy.value(),
sandbox_policy: turn_context.sandbox_policy.get().clone(),
permission_profile: None,
network: None,
file_system_sandbox_policy: None,
model: previous_model.to_string(),
Expand Down Expand Up @@ -1009,6 +1013,7 @@ async fn record_initial_history_resumed_aborted_turn_without_id_clears_active_tu
timezone: turn_context.timezone.clone(),
approval_policy: turn_context.approval_policy.value(),
sandbox_policy: turn_context.sandbox_policy.get().clone(),
permission_profile: None,
network: None,
file_system_sandbox_policy: None,
model: previous_model.to_string(),
Expand Down Expand Up @@ -1122,6 +1127,7 @@ async fn record_initial_history_resumed_unmatched_abort_preserves_active_turn_fo
timezone: turn_context.timezone.clone(),
approval_policy: turn_context.approval_policy.value(),
sandbox_policy: turn_context.sandbox_policy.get().clone(),
permission_profile: None,
network: None,
file_system_sandbox_policy: None,
model: current_model.to_string(),
Expand Down Expand Up @@ -1233,6 +1239,7 @@ async fn record_initial_history_resumed_trailing_incomplete_turn_compaction_clea
timezone: turn_context.timezone.clone(),
approval_policy: turn_context.approval_policy.value(),
sandbox_policy: turn_context.sandbox_policy.get().clone(),
permission_profile: None,
network: None,
file_system_sandbox_policy: None,
model: previous_model.to_string(),
Expand Down Expand Up @@ -1383,6 +1390,7 @@ async fn record_initial_history_resumed_replaced_incomplete_compacted_turn_clear
timezone: turn_context.timezone.clone(),
approval_policy: turn_context.approval_policy.value(),
sandbox_policy: turn_context.sandbox_policy.get().clone(),
permission_profile: None,
network: None,
file_system_sandbox_policy: None,
model: previous_model.to_string(),
Expand Down
9 changes: 9 additions & 0 deletions codex-rs/core/src/session/tests.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1738,6 +1738,7 @@ async fn record_initial_history_forked_hydrates_previous_turn_settings() {
timezone: turn_context.timezone.clone(),
approval_policy: turn_context.approval_policy.value(),
sandbox_policy: turn_context.sandbox_policy.get().clone(),
permission_profile: None,
network: None,
file_system_sandbox_policy: None,
model: previous_model.to_string(),
Expand Down Expand Up @@ -5361,6 +5362,10 @@ async fn turn_context_item_omits_legacy_equivalent_file_system_sandbox_policy()
let item = turn_context.to_turn_context_item();

assert_eq!(item.file_system_sandbox_policy, None);
assert_eq!(
item.permission_profile,
Some(turn_context.permission_profile())
);
}

#[tokio::test]
Expand All @@ -5375,6 +5380,10 @@ async fn turn_context_item_stores_split_file_system_sandbox_policy_when_differen
item.file_system_sandbox_policy,
Some(file_system_sandbox_policy)
);
assert_eq!(
item.permission_profile,
Some(turn_context.permission_profile())
);
}

#[tokio::test]
Expand Down
1 change: 1 addition & 0 deletions codex-rs/core/src/session/turn_context.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -260,6 +260,7 @@ impl TurnContext {
timezone: self.timezone.clone(),
approval_policy: self.approval_policy.value(),
sandbox_policy: self.sandbox_policy.get().clone(),
permission_profile: Some(self.permission_profile()),
network: self.turn_context_network_item(),
file_system_sandbox_policy: self.non_legacy_file_system_sandbox_policy(),
model: self.model_info.slug.clone(),
Expand Down
1 change: 1 addition & 0 deletions codex-rs/core/tests/suite/resume_warning.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ fn resume_history(
timezone: None,
approval_policy: config.permissions.approval_policy.value(),
sandbox_policy: config.permissions.sandbox_policy.get().clone(),
permission_profile: None,
network: None,
file_system_sandbox_policy: None,
model: previous_model.to_string(),
Expand Down
21 changes: 21 additions & 0 deletions codex-rs/protocol/src/protocol.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2924,6 +2924,8 @@ pub struct TurnContextItem {
pub timezone: Option<String>,
pub approval_policy: AskForApproval,
pub sandbox_policy: SandboxPolicy,
#[serde(default, skip_serializing_if = "Option::is_none")]
pub permission_profile: Option<PermissionProfile>,
#[serde(skip_serializing_if = "Option::is_none")]
pub network: Option<TurnContextNetworkItem>,
#[serde(default, skip_serializing_if = "Option::is_none")]
Expand All @@ -2948,6 +2950,24 @@ pub struct TurnContextItem {
pub truncation_policy: Option<TruncationPolicy>,
}

impl TurnContextItem {
pub fn permission_profile(&self) -> PermissionProfile {
self.permission_profile.clone().unwrap_or_else(|| {
let file_system_sandbox_policy =
self.file_system_sandbox_policy.clone().unwrap_or_else(|| {
FileSystemSandboxPolicy::from_legacy_sandbox_policy(
&self.sandbox_policy,
&self.cwd,
)
});
PermissionProfile::from_runtime_permissions(
&file_system_sandbox_policy,
NetworkSandboxPolicy::from(&self.sandbox_policy),
)
})
}
}

#[derive(Debug, Clone, Copy, Deserialize, Serialize, PartialEq, Eq, JsonSchema, TS)]
#[serde(tag = "mode", content = "limit", rename_all = "snake_case")]
pub enum TruncationPolicy {
Expand Down Expand Up @@ -5080,6 +5100,7 @@ mod tests {
timezone: None,
approval_policy: AskForApproval::Never,
sandbox_policy: SandboxPolicy::DangerFullAccess,
permission_profile: None,
network: Some(TurnContextNetworkItem {
allowed_domains: vec!["api.example.com".to_string()],
denied_domains: vec!["blocked.example.com".to_string()],
Expand Down
1 change: 1 addition & 0 deletions codex-rs/rollout/src/recorder_tests.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -547,6 +547,7 @@ async fn resume_candidate_matches_cwd_reads_latest_turn_context() -> std::io::Re
timezone: None,
approval_policy: AskForApproval::Never,
sandbox_policy: SandboxPolicy::new_read_only_policy(),
permission_profile: None,
network: None,
file_system_sandbox_policy: None,
model: "test-model".to_string(),
Expand Down
3 changes: 3 additions & 0 deletions codex-rs/state/src/extract.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -303,6 +303,7 @@ mod tests {
timezone: None,
approval_policy: AskForApproval::Never,
sandbox_policy: SandboxPolicy::DangerFullAccess,
permission_profile: None,
network: None,
file_system_sandbox_policy: None,
model: "gpt-5".to_string(),
Expand Down Expand Up @@ -342,6 +343,7 @@ mod tests {
timezone: None,
approval_policy: AskForApproval::OnRequest,
sandbox_policy: SandboxPolicy::new_read_only_policy(),
permission_profile: None,
network: None,
file_system_sandbox_policy: None,
model: "gpt-5".to_string(),
Expand Down Expand Up @@ -375,6 +377,7 @@ mod tests {
timezone: None,
approval_policy: AskForApproval::OnRequest,
sandbox_policy: SandboxPolicy::new_read_only_policy(),
permission_profile: None,
network: None,
file_system_sandbox_policy: None,
model: "gpt-5".to_string(),
Expand Down
1 change: 1 addition & 0 deletions codex-rs/tui/src/app/tests.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2689,6 +2689,7 @@ async fn inactive_thread_started_notification_initializes_replay_session() -> Re
timezone: None,
approval_policy: primary_session.approval_policy,
sandbox_policy: primary_session.sandbox_policy.clone(),
permission_profile: None,
network: None,
file_system_sandbox_policy: None,
model: "gpt-agent".to_string(),
Expand Down
1 change: 1 addition & 0 deletions codex-rs/tui/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2175,6 +2175,7 @@ mod tests {
timezone: None,
approval_policy: config.permissions.approval_policy.value(),
sandbox_policy: config.permissions.sandbox_policy.get().clone(),
permission_profile: None,
network: None,
file_system_sandbox_policy: None,
model,
Expand Down
Loading