Skip to content

Commit afb15fb

Browse files
committed
core tests: submit turns with permission profiles
1 parent 3016c74 commit afb15fb

11 files changed

Lines changed: 322 additions & 117 deletions

File tree

codex-rs/core/tests/common/test_codex.rs

Lines changed: 67 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,7 @@ use codex_model_provider_info::built_in_model_providers;
2828
use codex_models_manager::bundled_models_response;
2929
use codex_models_manager::collaboration_mode_presets::CollaborationModesConfig;
3030
use codex_protocol::config_types::ServiceTier;
31+
use codex_protocol::models::PermissionProfile;
3132
use codex_protocol::openai_models::ModelsResponse;
3233
use codex_protocol::protocol::AskForApproval;
3334
use codex_protocol::protocol::EventMsg;
@@ -591,10 +592,19 @@ impl TestCodex {
591592
}
592593

593594
pub async fn submit_turn(&self, prompt: &str) -> Result<()> {
594-
self.submit_turn_with_policies(
595+
self.submit_turn_with_permission_profile(prompt, PermissionProfile::Disabled)
596+
.await
597+
}
598+
599+
pub async fn submit_turn_with_permission_profile(
600+
&self,
601+
prompt: &str,
602+
permission_profile: PermissionProfile,
603+
) -> Result<()> {
604+
self.submit_turn_with_approval_and_permission_profile(
595605
prompt,
596606
AskForApproval::Never,
597-
SandboxPolicy::DangerFullAccess,
607+
permission_profile,
598608
)
599609
.await
600610
}
@@ -613,10 +623,10 @@ impl TestCodex {
613623
prompt: &str,
614624
service_tier: Option<ServiceTier>,
615625
) -> Result<()> {
616-
self.submit_turn_with_context(
626+
self.submit_turn_with_permission_profile_context(
617627
prompt,
618628
AskForApproval::Never,
619-
SandboxPolicy::DangerFullAccess,
629+
PermissionProfile::Disabled,
620630
Some(service_tier),
621631
/*environments*/ None,
622632
)
@@ -633,6 +643,23 @@ impl TestCodex {
633643
prompt,
634644
approval_policy,
635645
sandbox_policy,
646+
/*permission_profile*/ None,
647+
/*service_tier*/ None,
648+
/*environments*/ None,
649+
)
650+
.await
651+
}
652+
653+
pub async fn submit_turn_with_approval_and_permission_profile(
654+
&self,
655+
prompt: &str,
656+
approval_policy: AskForApproval,
657+
permission_profile: PermissionProfile,
658+
) -> Result<()> {
659+
self.submit_turn_with_permission_profile_context(
660+
prompt,
661+
approval_policy,
662+
permission_profile,
636663
/*service_tier*/ None,
637664
/*environments*/ None,
638665
)
@@ -644,21 +671,44 @@ impl TestCodex {
644671
prompt: &str,
645672
environments: Option<Vec<TurnEnvironmentSelection>>,
646673
) -> Result<()> {
647-
self.submit_turn_with_context(
674+
self.submit_turn_with_permission_profile_context(
648675
prompt,
649676
AskForApproval::Never,
650-
SandboxPolicy::DangerFullAccess,
677+
PermissionProfile::Disabled,
651678
/*service_tier*/ None,
652679
environments,
653680
)
654681
.await
655682
}
656683

684+
async fn submit_turn_with_permission_profile_context(
685+
&self,
686+
prompt: &str,
687+
approval_policy: AskForApproval,
688+
permission_profile: PermissionProfile,
689+
service_tier: Option<Option<ServiceTier>>,
690+
environments: Option<Vec<TurnEnvironmentSelection>>,
691+
) -> Result<()> {
692+
let sandbox_policy = permission_profile
693+
.to_legacy_sandbox_policy(self.config.cwd.as_path())
694+
.unwrap_or_else(|_| SandboxPolicy::new_read_only_policy());
695+
self.submit_turn_with_context(
696+
prompt,
697+
approval_policy,
698+
sandbox_policy,
699+
Some(permission_profile),
700+
service_tier,
701+
environments,
702+
)
703+
.await
704+
}
705+
657706
async fn submit_turn_with_context(
658707
&self,
659708
prompt: &str,
660709
approval_policy: AskForApproval,
661710
sandbox_policy: SandboxPolicy,
711+
permission_profile: Option<PermissionProfile>,
662712
service_tier: Option<Option<ServiceTier>>,
663713
environments: Option<Vec<TurnEnvironmentSelection>>,
664714
) -> Result<()> {
@@ -675,7 +725,7 @@ impl TestCodex {
675725
approval_policy,
676726
approvals_reviewer: None,
677727
sandbox_policy,
678-
permission_profile: None,
728+
permission_profile,
679729
model: session_model,
680730
effort: None,
681731
summary: None,
@@ -835,6 +885,16 @@ impl TestCodexHarness {
835885
.await
836886
}
837887

888+
pub async fn submit_with_permission_profile(
889+
&self,
890+
prompt: &str,
891+
permission_profile: PermissionProfile,
892+
) -> Result<()> {
893+
self.test
894+
.submit_turn_with_permission_profile(prompt, permission_profile)
895+
.await
896+
}
897+
838898
pub async fn request_bodies(&self) -> Vec<Value> {
839899
let path_matcher = path_regex(".*/responses$");
840900
self.server

codex-rs/core/tests/suite/openai_file_mcp.rs

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,8 @@ use anyhow::Result;
88
use codex_core::config::Config;
99
use codex_features::Feature;
1010
use codex_login::CodexAuth;
11+
use codex_protocol::models::PermissionProfile;
1112
use codex_protocol::protocol::AskForApproval;
12-
use codex_protocol::protocol::SandboxPolicy;
1313
use core_test_support::apps_test_server::AppsTestServer;
1414
use core_test_support::apps_test_server::DOCUMENT_EXTRACT_TEXT_RESOURCE_URI;
1515
use core_test_support::responses::ev_assistant_message;
@@ -169,10 +169,10 @@ async fn codex_apps_file_params_upload_local_paths_before_mcp_tool_call() -> Res
169169
let test = builder.build(&server).await?;
170170
tokio::fs::write(test.cwd.path().join("report.txt"), b"hello world").await?;
171171

172-
test.submit_turn_with_policies(
172+
test.submit_turn_with_approval_and_permission_profile(
173173
"Extract the report text with the app tool.",
174174
AskForApproval::Never,
175-
SandboxPolicy::DangerFullAccess,
175+
PermissionProfile::Disabled,
176176
)
177177
.await?;
178178

codex-rs/core/tests/suite/search_tool.rs

Lines changed: 17 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -12,11 +12,11 @@ use codex_protocol::dynamic_tools::DynamicToolCallOutputContentItem;
1212
use codex_protocol::dynamic_tools::DynamicToolResponse;
1313
use codex_protocol::dynamic_tools::DynamicToolSpec;
1414
use codex_protocol::models::FunctionCallOutputPayload;
15+
use codex_protocol::models::PermissionProfile;
1516
use codex_protocol::protocol::AskForApproval;
1617
use codex_protocol::protocol::EventMsg;
1718
use codex_protocol::protocol::McpInvocation;
1819
use codex_protocol::protocol::Op;
19-
use codex_protocol::protocol::SandboxPolicy;
2020
use codex_protocol::user_input::UserInput;
2121
use core_test_support::apps_test_server::AppsTestServer;
2222
use core_test_support::apps_test_server::CALENDAR_CREATE_EVENT_MCP_APP_RESOURCE_URI;
@@ -157,10 +157,10 @@ async fn search_tool_enabled_by_default_adds_tool_search() -> Result<()> {
157157
let mut builder = configured_builder(apps_server.chatgpt_base_url.clone());
158158
let test = builder.build(&server).await?;
159159

160-
test.submit_turn_with_policies(
160+
test.submit_turn_with_approval_and_permission_profile(
161161
"list tools",
162162
AskForApproval::Never,
163-
SandboxPolicy::DangerFullAccess,
163+
PermissionProfile::Disabled,
164164
)
165165
.await?;
166166

@@ -221,10 +221,10 @@ async fn always_defer_feature_hides_small_app_tool_sets() -> Result<()> {
221221
});
222222
let test = builder.build(&server).await?;
223223

224-
test.submit_turn_with_policies(
224+
test.submit_turn_with_approval_and_permission_profile(
225225
"list tools",
226226
AskForApproval::Never,
227-
SandboxPolicy::DangerFullAccess,
227+
PermissionProfile::Disabled,
228228
)
229229
.await?;
230230

@@ -265,10 +265,10 @@ async fn tool_search_disabled_exposes_apps_tools_directly() -> Result<()> {
265265
});
266266
let test = builder.build(&server).await?;
267267

268-
test.submit_turn_with_policies(
268+
test.submit_turn_with_approval_and_permission_profile(
269269
"list tools",
270270
AskForApproval::Never,
271-
SandboxPolicy::DangerFullAccess,
271+
PermissionProfile::Disabled,
272272
)
273273
.await?;
274274

@@ -311,10 +311,10 @@ async fn search_tool_is_hidden_for_api_key_auth() -> Result<()> {
311311
.with_config(move |config| configure_apps(config, apps_server.chatgpt_base_url.as_str()));
312312
let test = builder.build(&server).await?;
313313

314-
test.submit_turn_with_policies(
314+
test.submit_turn_with_approval_and_permission_profile(
315315
"list tools",
316316
AskForApproval::Never,
317-
SandboxPolicy::DangerFullAccess,
317+
PermissionProfile::Disabled,
318318
)
319319
.await?;
320320

@@ -347,10 +347,10 @@ async fn search_tool_adds_discovery_instructions_to_tool_description() -> Result
347347
let mut builder = configured_builder(apps_server.chatgpt_base_url.clone());
348348
let test = builder.build(&server).await?;
349349

350-
test.submit_turn_with_policies(
350+
test.submit_turn_with_approval_and_permission_profile(
351351
"list tools",
352352
AskForApproval::Never,
353-
SandboxPolicy::DangerFullAccess,
353+
PermissionProfile::Disabled,
354354
)
355355
.await?;
356356

@@ -389,10 +389,10 @@ async fn search_tool_hides_apps_tools_without_search() -> Result<()> {
389389
let mut builder = configured_builder(apps_server.chatgpt_base_url.clone());
390390
let test = builder.build(&server).await?;
391391

392-
test.submit_turn_with_policies(
392+
test.submit_turn_with_approval_and_permission_profile(
393393
"hello tools",
394394
AskForApproval::Never,
395-
SandboxPolicy::DangerFullAccess,
395+
PermissionProfile::Disabled,
396396
)
397397
.await?;
398398

@@ -425,10 +425,10 @@ async fn explicit_app_mentions_expose_apps_tools_without_search() -> Result<()>
425425
let mut builder = configured_builder(apps_server.chatgpt_base_url.clone());
426426
let test = builder.build(&server).await?;
427427

428-
test.submit_turn_with_policies(
428+
test.submit_turn_with_approval_and_permission_profile(
429429
"Use [$calendar](app://calendar) and then call tools.",
430430
AskForApproval::Never,
431-
SandboxPolicy::DangerFullAccess,
431+
PermissionProfile::Disabled,
432432
)
433433
.await?;
434434

@@ -957,10 +957,10 @@ async fn tool_search_indexes_only_enabled_non_app_mcp_tools() -> Result<()> {
957957
});
958958
let test = builder.build(&server).await?;
959959

960-
test.submit_turn_with_policies(
960+
test.submit_turn_with_approval_and_permission_profile(
961961
"Find the rmcp echo and image tools.",
962962
AskForApproval::Never,
963-
SandboxPolicy::DangerFullAccess,
963+
PermissionProfile::Disabled,
964964
)
965965
.await?;
966966

0 commit comments

Comments
 (0)