allow elevated sandbox to be enabled without base experimental flag (#10028)

elevated flag = elevated sandbox experimental flag = non-elevated sandbox both = elevated
2026-05-02 20:32:04 +03:00 · 2026-01-28 11:38:29 -08:00
parent b7edeee8ca
commit 66de985e4e
5 changed files with 90 additions and 29 deletions
--- a/codex-rs/core/src/windows_sandbox.rs
+++ b/codex-rs/core/src/windows_sandbox.rs
@@ -23,13 +23,13 @@ impl WindowsSandboxLevelExt for WindowsSandboxLevel {
    }

    fn from_features(features: &Features) -> WindowsSandboxLevel {
-        if !features.enabled(Feature::WindowsSandbox) {
-            return WindowsSandboxLevel::Disabled;
-        }
        if features.enabled(Feature::WindowsSandboxElevated) {
-            WindowsSandboxLevel::Elevated
-        } else {
+            return WindowsSandboxLevel::Elevated;
+        }
+        if features.enabled(Feature::WindowsSandbox) {
            WindowsSandboxLevel::RestrictedToken
+        } else {
+            WindowsSandboxLevel::Disabled
        }
    }
 }
@@ -94,3 +94,54 @@ pub fn run_elevated_setup(
 ) -> anyhow::Result<()> {
    anyhow::bail!("elevated Windows sandbox setup is only supported on Windows")
 }
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use crate::features::Features;
+    use pretty_assertions::assert_eq;
+
+    #[test]
+    fn elevated_flag_works_by_itself() {
+        let mut features = Features::with_defaults();
+        features.enable(Feature::WindowsSandboxElevated);
+
+        assert_eq!(
+            WindowsSandboxLevel::from_features(&features),
+            WindowsSandboxLevel::Elevated
+        );
+    }
+
+    #[test]
+    fn restricted_token_flag_works_by_itself() {
+        let mut features = Features::with_defaults();
+        features.enable(Feature::WindowsSandbox);
+
+        assert_eq!(
+            WindowsSandboxLevel::from_features(&features),
+            WindowsSandboxLevel::RestrictedToken
+        );
+    }
+
+    #[test]
+    fn no_flags_means_no_sandbox() {
+        let features = Features::with_defaults();
+
+        assert_eq!(
+            WindowsSandboxLevel::from_features(&features),
+            WindowsSandboxLevel::Disabled
+        );
+    }
+
+    #[test]
+    fn elevated_wins_when_both_flags_are_enabled() {
+        let mut features = Features::with_defaults();
+        features.enable(Feature::WindowsSandbox);
+        features.enable(Feature::WindowsSandboxElevated);
+
+        assert_eq!(
+            WindowsSandboxLevel::from_features(&features),
+            WindowsSandboxLevel::Elevated
+        );
+    }
+}