
Author SHA1 Message Date
Michael Bolin
d53c86e0da tests: use permission profiles in unix escalation checks 2026-04-30 02:36:30 -07:00


@@ -28,7 +28,6 @@ use codex_protocol::permissions::NetworkSandboxPolicy;
use codex_protocol::protocol::AskForApproval;
use codex_protocol::protocol::GranularApprovalConfig;
use codex_protocol::protocol::GuardianCommandSource;
use codex_protocol::protocol::SandboxPolicy;
use codex_sandboxing::SandboxType;
use codex_shell_escalation::EscalationExecution;
use codex_shell_escalation::EscalationPermissions;
@@ -67,10 +66,6 @@ fn read_only_file_system_sandbox_policy() -> FileSystemSandboxPolicy {
}])
}
fn permission_profile_from_sandbox_policy(sandbox_policy: &SandboxPolicy) -> PermissionProfile {
PermissionProfile::from_legacy_sandbox_policy(sandbox_policy)
}
fn test_sandbox_cwd() -> AbsolutePathBuf {
AbsolutePathBuf::try_from(host_absolute_path(&["workspace"])).unwrap()
}
@@ -406,9 +401,7 @@ async fn execve_permission_request_hook_short_circuits_prompt() -> anyhow::Resul
call_id: "execve-hook-call".to_string(),
tool_name: GuardianCommandSource::Shell,
approval_policy: AskForApproval::OnRequest,
permission_profile: permission_profile_from_sandbox_policy(
&SandboxPolicy::new_read_only_policy(),
),
permission_profile: PermissionProfile::read_only(),
file_system_sandbox_policy: read_only_file_system_sandbox_policy(),
sandbox_policy_cwd: workdir.clone(),
sandbox_permissions: SandboxPermissions::RequireEscalated,
@@ -475,9 +468,7 @@ fn evaluate_intercepted_exec_policy_uses_wrapper_command_when_shell_wrapper_pars
],
InterceptedExecPolicyContext {
approval_policy: AskForApproval::OnRequest,
permission_profile: permission_profile_from_sandbox_policy(
&SandboxPolicy::new_read_only_policy(),
),
permission_profile: PermissionProfile::read_only(),
file_system_sandbox_policy: &read_only_file_system_sandbox_policy(),
sandbox_cwd: sandbox_cwd.as_path(),
sandbox_permissions: SandboxPermissions::UseDefault,
@@ -530,9 +521,7 @@ fn evaluate_intercepted_exec_policy_matches_inner_shell_commands_when_enabled()
],
InterceptedExecPolicyContext {
approval_policy: AskForApproval::OnRequest,
permission_profile: permission_profile_from_sandbox_policy(
&SandboxPolicy::new_read_only_policy(),
),
permission_profile: PermissionProfile::read_only(),
file_system_sandbox_policy: &read_only_file_system_sandbox_policy(),
sandbox_cwd: sandbox_cwd.as_path(),
sandbox_permissions: SandboxPermissions::UseDefault,
@@ -576,9 +565,7 @@ host_executable(name = "git", paths = ["{git_path_literal}"])
&["git".to_string(), "status".to_string()],
InterceptedExecPolicyContext {
approval_policy: AskForApproval::OnRequest,
permission_profile: permission_profile_from_sandbox_policy(
&SandboxPolicy::new_read_only_policy(),
),
permission_profile: PermissionProfile::read_only(),
file_system_sandbox_policy: &read_only_file_system_sandbox_policy(),
sandbox_cwd: sandbox_cwd.as_path(),
sandbox_permissions: SandboxPermissions::UseDefault,
@@ -610,7 +597,7 @@ fn intercepted_exec_policy_treats_preapproved_additional_permissions_as_default(
let program = AbsolutePathBuf::try_from(host_absolute_path(&["usr", "bin", "printf"])).unwrap();
let argv = ["printf".to_string(), "hello".to_string()];
let approval_policy = AskForApproval::OnRequest;
let sandbox_policy = SandboxPolicy::new_workspace_write_policy();
let permission_profile = PermissionProfile::workspace_write();
let file_system_sandbox_policy = read_only_file_system_sandbox_policy();
let sandbox_cwd = test_sandbox_cwd();
@@ -620,7 +607,7 @@ fn intercepted_exec_policy_treats_preapproved_additional_permissions_as_default(
&argv,
InterceptedExecPolicyContext {
approval_policy,
permission_profile: permission_profile_from_sandbox_policy(&sandbox_policy),
permission_profile: permission_profile.clone(),
file_system_sandbox_policy: &file_system_sandbox_policy,
sandbox_cwd: sandbox_cwd.as_path(),
sandbox_permissions: super::approval_sandbox_permissions(
@@ -636,7 +623,7 @@ fn intercepted_exec_policy_treats_preapproved_additional_permissions_as_default(
&argv,
InterceptedExecPolicyContext {
approval_policy,
permission_profile: permission_profile_from_sandbox_policy(&sandbox_policy),
permission_profile,
file_system_sandbox_policy: &file_system_sandbox_policy,
sandbox_cwd: sandbox_cwd.as_path(),
sandbox_permissions: SandboxPermissions::WithAdditionalPermissions,
@@ -671,9 +658,7 @@ host_executable(name = "git", paths = ["{allowed_git_literal}"])
&["git".to_string(), "status".to_string()],
InterceptedExecPolicyContext {
approval_policy: AskForApproval::OnRequest,
permission_profile: permission_profile_from_sandbox_policy(
&SandboxPolicy::new_read_only_policy(),
),
permission_profile: PermissionProfile::read_only(),
file_system_sandbox_policy: &read_only_file_system_sandbox_policy(),
sandbox_cwd: sandbox_cwd.as_path(),
sandbox_permissions: SandboxPermissions::UseDefault,
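Review bot: Nothing visible in these tests still checks that `PermissionProfile::read_only()` and `PermissionProfile::workspace_write()` match what `PermissionProfile::from_legacy_sandbox_policy` yields for the corresponding legacy policies, now that the -67 hunk drops `permission_profile_from_sandbox_policy` and the contexts in the -406, -475, -530, -576, -610 and -671 hunks are built from the named constructors. If any production caller still derives its profile from a `SandboxPolicy` (not visible from this page), a divergence between the two would let these escalation checks pass against a profile that caller never produces. Unless an equivalence test already exists elsewhere, I would pin it once next to the conversion, e.g. `assert_eq!(PermissionProfile::read_only(), PermissionProfile::from_legacy_sandbox_policy(&SandboxPolicy::new_read_only_policy()));`, assuming `PermissionProfile` implements `PartialEq` and `Debug`. Separately, the -610 hunk pairs `PermissionProfile::workspace_write()` with `read_only_file_system_sandbox_policy()`; if that mismatch is intended, a short comment such as `// workspace-write profile with a read-only fs policy is deliberate here` would save the next reader from treating it as a leftover. The enclosing test functions start and end outside the hunks.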