Add server-level approval defaults for custom MCP servers (#17843)

## Summary
- Add `default_tools_approval_mode` support for custom MCP server
configs, matching the existing `codex_apps` behavior
- Apply approval precedence as per-tool override, then server default,
then `auto`
- Update config serialization, CLI display, schema generation, docs, and
tests

## Testing
- `cargo check -p codex-config`
- `cargo check -p codex-core`
- `just write-config-schema`
- `just fmt`
- `cargo test -p codex-config`
- Targeted `codex-core` tests for config parsing, config writes, and MCP
approval precedence
- `just fix -p codex-config -p codex-core`

docs/config.md

@@ -28,12 +28,18 @@ resources, review those read/write race conditions before enabling this setting.
 
 ## MCP tool approvals
 
-Codex stores per-tool approval overrides for custom MCP servers under
-`mcp_servers` in `~/.codex/config.toml`:
+Codex stores approval defaults and per-tool overrides for custom MCP servers
+under `mcp_servers` in `~/.codex/config.toml`. Set
+`default_tools_approval_mode` on the server to apply a default to every tool,
+and use per-tool `approval_mode` entries for exceptions:
 
 ```toml
+[mcp_servers.docs]
+command = "docs-server"
+default_tools_approval_mode = "approve"
+
 [mcp_servers.docs.tools.search]
-approval_mode = "approve"
+approval_mode = "prompt"
 ```
 
 ## Apps (Connectors)