feat: give codex permissions support

[k11kirky]

support permission selector

Problem

The Codex agent needs to support different code execution modes with varying permission levels to provide better user control over what actions the agent can perform automatically.

Changes

• Added support for code execution modes (default, acceptEdits, plan, bypassPermissions) in the Codex agent
• Implemented automatic permission approval based on the current execution mode:
  • default: Auto-approves read, search, fetch, and think operations
  • acceptEdits: Additionally auto-approves edit operations
  • plan: Same as default (read-only operations)
  • bypassPermissions: Auto-approves all operation types
• Added permissionMode tracking to session state to maintain the current execution mode
• Modified setSessionMode to handle the mapping between ACP execution modes and Codex native modes
• Enhanced the Codex client to check tool operation kinds against the current permission mode before requesting user approval

How did you test this?

Manual testing of each execution mode to verify that the appropriate operations are auto-approved and others still require user permission.

[k11kirky]

• feat: Harden CodexAcpAgent session state and permission handling #1487
• feat: give codex permissions support #1483 👈 (View in Graphite)
• feat: give codex system prompt via personality #1482
• feat: clean up session reloadin #1481
• feat: update codex adapter and migrate to base acp prxy for agent #1480
• feat: codex 5.4 default and pass to model #1479
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.

[charlesvien]

It tells me the full python command that it's going to run which may/may not be intentional, but when I accept the permission, it fails instantly, in both read-only and default permissions modes.

Also if I select "No, give feedback" then it interrupts. Did we want that to be the same as the claude adapter where we can type in that field and it will cancel, reprompt with the new instruction or is that out of scope?

The Prompt (I click yes, option 2 here):

The result:

[charlesvien]

If we're on the task input page, should we switch the shift+tab options if they select codex since they are different from claude? Supports ACP session modes: read-only, auto (default), and full-access.

[k11kirky]

Merge activity

• Apr 6, 9:47 PM UTC: A user started a stack merge that includes this pull request via Graphite.
• Apr 6, 10:16 PM UTC: Graphite rebased this pull request as part of a merge.
• Apr 6, 10:23 PM UTC: @k11kirky merged this pull request with Graphite.