codex-rs/common/src/approval_presets.rs

use codex_core::protocol::AskForApproval;
use codex_core::protocol::SandboxPolicy;

/// A simple preset pairing an approval policy with a sandbox policy.
#[derive(Debug, Clone)]
pub struct ApprovalPreset {
    /// Stable identifier for the preset.
    pub id: &'static str,
    /// Display label shown in UIs.
    pub label: &'static str,
    /// Short human description shown next to the label in UIs.
    pub description: &'static str,
    /// Approval policy to apply.
    pub approval: AskForApproval,
    /// Sandbox policy to apply.
    pub sandbox: SandboxPolicy,
}

/// Built-in list of approval presets that pair approval and sandbox policy.
///
/// Keep this UI-agnostic so it can be reused by both TUI and MCP server.
pub fn builtin_approval_presets() -> Vec<ApprovalPreset> {
    vec![
        ApprovalPreset {
            id: "read-only",
            label: "Read Only",
            description: "Codex can read files and answer questions. Codex requires approval to make edits, run commands, or access network",
            approval: AskForApproval::OnRequest,
            sandbox: SandboxPolicy::ReadOnly,
        },
        ApprovalPreset {
            id: "auto",
            label: "Auto",
            description: "Codex can read files, make edits, and run commands in the workspace. Codex requires approval to work outside the workspace or access network",
            approval: AskForApproval::OnRequest,
            sandbox: SandboxPolicy::new_workspace_write_policy(),
        },
        ApprovalPreset {
            id: "full-access",
            label: "Full Access",
            description: "Codex can read files, make edits, and run commands with network access, without approval. Exercise caution",
            approval: AskForApproval::Never,
            sandbox: SandboxPolicy::DangerFullAccess,
        },
    ]
}
Add a slash command to control permissions (#2474) A slash command to control permissions https://github.com/user-attachments/assets/c0edafcd-2085-4e09-8009-ba69c4f1c153 --------- Co-authored-by: ae <ae@openai.com> 2025-08-19 22:34:37 -07:00			`use codex_core::protocol::AskForApproval;`
			`use codex_core::protocol::SandboxPolicy;`

			`/// A simple preset pairing an approval policy with a sandbox policy.`
			`#[derive(Debug, Clone)]`
			`pub struct ApprovalPreset {`
			`/// Stable identifier for the preset.`
			`pub id: &'static str,`
			`/// Display label shown in UIs.`
			`pub label: &'static str,`
			`/// Short human description shown next to the label in UIs.`
			`pub description: &'static str,`
			`/// Approval policy to apply.`
			`pub approval: AskForApproval,`
			`/// Sandbox policy to apply.`
			`pub sandbox: SandboxPolicy,`
			`}`

			`/// Built-in list of approval presets that pair approval and sandbox policy.`
			`///`
			`/// Keep this UI-agnostic so it can be reused by both TUI and MCP server.`
			`pub fn builtin_approval_presets() -> Vec<ApprovalPreset> {`
			`vec![`
			`ApprovalPreset {`
			`id: "read-only",`
			`label: "Read Only",`
feat: copy tweaks (#2502) - For selectable options, use sentences starting in lowercase and not ending with periods. To be honest I don't love this style, but better to be consistent for now. - Tweak some other strings. - Put in more compelling suggestions on launch. Excited to put `/mcp` in there next. 2025-08-20 00:26:14 -07:00			`description: "Codex can read files and answer questions. Codex requires approval to make edits, run commands, or access network",`
Add a slash command to control permissions (#2474) A slash command to control permissions https://github.com/user-attachments/assets/c0edafcd-2085-4e09-8009-ba69c4f1c153 --------- Co-authored-by: ae <ae@openai.com> 2025-08-19 22:34:37 -07:00			`approval: AskForApproval::OnRequest,`
			`sandbox: SandboxPolicy::ReadOnly,`
			`},`
			`ApprovalPreset {`
			`id: "auto",`
			`label: "Auto",`
feat: copy tweaks (#2502) - For selectable options, use sentences starting in lowercase and not ending with periods. To be honest I don't love this style, but better to be consistent for now. - Tweak some other strings. - Put in more compelling suggestions on launch. Excited to put `/mcp` in there next. 2025-08-20 00:26:14 -07:00			`description: "Codex can read files, make edits, and run commands in the workspace. Codex requires approval to work outside the workspace or access network",`
Add a slash command to control permissions (#2474) A slash command to control permissions https://github.com/user-attachments/assets/c0edafcd-2085-4e09-8009-ba69c4f1c153 --------- Co-authored-by: ae <ae@openai.com> 2025-08-19 22:34:37 -07:00			`approval: AskForApproval::OnRequest,`
			`sandbox: SandboxPolicy::new_workspace_write_policy(),`
			`},`
			`ApprovalPreset {`
			`id: "full-access",`
			`label: "Full Access",`
feat: copy tweaks (#2502) - For selectable options, use sentences starting in lowercase and not ending with periods. To be honest I don't love this style, but better to be consistent for now. - Tweak some other strings. - Put in more compelling suggestions on launch. Excited to put `/mcp` in there next. 2025-08-20 00:26:14 -07:00			`description: "Codex can read files, make edits, and run commands with network access, without approval. Exercise caution",`
Add a slash command to control permissions (#2474) A slash command to control permissions https://github.com/user-attachments/assets/c0edafcd-2085-4e09-8009-ba69c4f1c153 --------- Co-authored-by: ae <ae@openai.com> 2025-08-19 22:34:37 -07:00			`approval: AskForApproval::Never,`
			`sandbox: SandboxPolicy::DangerFullAccess,`
			`},`
			`]`
			`}`