Handle "Don't Trust" directory selection in onboarding (#4941)

Fixes #4940 Fixes #4892 When selecting "No, ask me to approve edits and commands" during onboarding, the code wasn't applying the correct approval policy, causing Codex to block all write operations instead of requesting approval. This PR fixes the issue by persisting the "DontTrust" decision in config.toml as `trust_level = "untrusted"` and handling it in the sandbox and approval policy logic, so Codex correctly asks for approval before making changes. ## Before (bug) <img width="709" height="500" alt="bef" src="https://github.com/user-attachments/assets/5aced26d-d810-4754-879a-89d9e4e0073b" /> ## After (fixed) <img width="713" height="359" alt="aft" src="https://github.com/user-attachments/assets/9887bbcb-a9a5-4e54-8e76-9125a782226b" /> --------- Co-authored-by: Eric Traut <etraut@openai.com>
2026-05-01 09:56:37 +00:00 · 2025-11-14 20:23:35 -03:00
parent 018a2d2e50
commit 89ecc00b79
5 changed files with 173 additions and 35 deletions
--- a/codex-rs/core/src/config/edit.rs
+++ b/codex-rs/core/src/config/edit.rs
@@ -3,6 +3,7 @@ use crate::config::types::McpServerConfig;
 use crate::config::types::Notice;
 use anyhow::Context;
 use codex_protocol::config_types::ReasoningEffort;
+use codex_protocol::config_types::TrustLevel;
 use codex_utils_tokenizer::warm_model_cache;
 use std::collections::BTreeMap;
 use std::path::Path;
@@ -34,9 +35,9 @@ pub enum ConfigEdit {
    SetNoticeHideModelMigrationPrompt(String, bool),
    /// Replace the entire `[mcp_servers]` table.
    ReplaceMcpServers(BTreeMap<String, McpServerConfig>),
-    /// Set trust_level = "trusted" under `[projects."<path>"]`,
+    /// Set trust_level under `[projects."<path>"]`,
    /// migrating inline tables to explicit tables.
-    SetProjectTrusted(PathBuf),
+    SetProjectTrustLevel { path: PathBuf, level: TrustLevel },
    /// Set the value stored at the exact dotted path.
    SetPath {
        segments: Vec<String>,
@@ -274,10 +275,14 @@ impl ConfigDocument {
            ConfigEdit::ReplaceMcpServers(servers) => Ok(self.replace_mcp_servers(servers)),
            ConfigEdit::SetPath { segments, value } => Ok(self.insert(segments, value.clone())),
            ConfigEdit::ClearPath { segments } => Ok(self.clear_owned(segments)),
-            ConfigEdit::SetProjectTrusted(project_path) => {
+            ConfigEdit::SetProjectTrustLevel { path, level } => {
                // Delegate to the existing, tested logic in config.rs to
                // ensure tables are explicit and migration is preserved.
-                crate::config::set_project_trusted_inner(&mut self.doc, project_path.as_path())?;
+                crate::config::set_project_trust_level_inner(
+                    &mut self.doc,
+                    path.as_path(),
+                    *level,
+                )?;
                Ok(true)
            }
        }
@@ -533,9 +538,15 @@ impl ConfigEditsBuilder {
        self
    }

-    pub fn set_project_trusted<P: Into<PathBuf>>(mut self, project_path: P) -> Self {
-        self.edits
-            .push(ConfigEdit::SetProjectTrusted(project_path.into()));
+    pub fn set_project_trust_level<P: Into<PathBuf>>(
+        mut self,
+        project_path: P,
+        trust_level: TrustLevel,
+    ) -> Self {
+        self.edits.push(ConfigEdit::SetProjectTrustLevel {
+            path: project_path.into(),
+            level: trust_level,
+        });
        self
    }