Skip to content

[codex] fix status line full access label#30597

Draft
ssetty-oai wants to merge 1 commit into
mainfrom
codex/fix-status-line-full-access-label
Draft

[codex] fix status line full access label#30597
ssetty-oai wants to merge 1 commit into
mainfrom
codex/fix-status-line-full-access-label

Conversation

@ssetty-oai

Copy link
Copy Markdown
Contributor

Summary

  • Show No Sandbox in the TUI status line when sandboxing is disabled but command approvals are still enabled.
  • Reserve Full Access for disabled sandboxing with AskForApproval::Never.
  • Add focused behavior and snapshot regression coverage.

Why

The compact status line derived its permissions label only from PermissionProfile::Disabled, so sandbox_mode = "danger-full-access" with an approval policy such as OnRequest was misleadingly shown as Full Access even though commands still required approval.

User impact

Users can now distinguish an unsandboxed session that still asks for approval from a truly unrestricted full-access session.

Closes #30379

Testing

  • just fmt
  • CARGO_TARGET_DIR=/tmp/codex-target just test -p codex-tui status_line_permissions_distinguish_no_sandbox_from_full_access
  • CARGO_TARGET_DIR=/tmp/codex-target just test -p codex-tui status_surface_preview_no_sandbox_with_approval_snapshot
  • CARGO_TARGET_DIR=/tmp/codex-target just test -p codex-tui (2950 passed; two unrelated existing Guardian feature-flag tests fail independently: app::tests::update_feature_flags_disabling_guardian_clears_manual_review_policy_without_history and app::tests::update_feature_flags_disabling_guardian_clears_review_policy_and_restores_default, both with Err(Empty).)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Codex CLI shows wrong Full Access permission on status line when sandbox_mode = "danger-full-access"

1 participant