permissions: remove legacy read-only access modes

[bolinfest]

Why

ReadOnlyAccess was a transitional legacy shape on SandboxPolicy: FullAccess meant the historical read-only/workspace-write modes could read the full filesystem, while Restricted tried to carry partial readable roots. The partial-read model now belongs in FileSystemSandboxPolicy and PermissionProfile, so keeping it on SandboxPolicy makes every legacy projection reintroduce lossy read-root bookkeeping and creates unnecessary noise in the rest of the permissions migration.

This PR makes the legacy policy model narrower and explicit: SandboxPolicy::ReadOnly and SandboxPolicy::WorkspaceWrite represent the old full-read sandbox modes only. Split readable roots, deny-read globs, and platform-default/minimal read behavior stay in the runtime permissions model.

What changed

• Removes ReadOnlyAccess from codex_protocol::protocol::SandboxPolicy, including the generated access and readOnlyAccess API fields.
• Updates legacy policy/profile conversions so restricted filesystem reads are represented only by FileSystemSandboxPolicy / PermissionProfile entries.
• Keeps app-server v2 compatible with legacy fullAccess read-access payloads by accepting and ignoring that no-op shape, while rejecting legacy restricted read-access payloads instead of silently widening them to full-read legacy policies.
• Carries Windows sandbox platform-default read behavior with an explicit override flag instead of depending on ReadOnlyAccess::Restricted.
• Refreshes generated app-server schema/types and updates tests/docs for the simplified legacy policy shape.

Verification

• cargo check -p codex-app-server-protocol --tests
• cargo check -p codex-windows-sandbox --tests
• cargo test -p codex-app-server-protocol sandbox_policy_

---

Stack created with Sapling. Best reviewed with ReviewStack.

• permissions: finish profile-backed app surfaces #19395
• permissions: remove core legacy policy round trips #19394
• permissions: migrate approval and sandbox consumers to profiles #19393
• permissions: derive compatibility policies from profiles #19392
• permissions: make runtime config profile-backed #19391
• -> permissions: remove legacy read-only access modes #19449

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: bbc6c1beb8

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".