tests: use permission profiles in unified exec suite

[bolinfest]

Why

This stack is migrating runtime/test code away from constructing SandboxPolicy directly. The unified exec suite still used legacy policies for turn setup, which meant the tests were exercising the compatibility field as the source of truth rather than the canonical PermissionProfile that the runtime now carries.

What Changed

• Updated the unified exec turn helper to accept a PermissionProfile and derive the legacy compatibility sandbox_policy with turn_permission_fields().
• Replaced direct disabled/read-only turn setup with PermissionProfile::Disabled and PermissionProfile::read_only().
• Replaced the network-denial setup that created a legacy workspace-write policy just to enable network with a direct PermissionProfile::workspace_write_with(..., NetworkSandboxPolicy::Enabled, ...).
• Kept the glob deny-read test profile-backed by reusing the configured SessionConfiguredEvent.permission_profile for the turn instead of rebuilding a legacy read-only policy.
• Leaves rg '\bSandboxPolicy\b' codex-rs/core/tests/suite/unified_exec.rs with zero matches.

Verification

cargo test -p codex-core unified_exec_emits_exec_command_begin_event -- --nocapture
cargo test -p codex-core unified_exec_network_denial -- --nocapture
cargo test -p codex-core unified_exec_enforces_glob_deny_read_policy -- --nocapture

---

Stack created with Sapling. Best reviewed with ReviewStack.

• windows-sandbox: isolate allow path computation from legacy policy #20469
• docs: avoid stale SandboxPolicy references #20468
• config tests: assert sandbox-mode fallbacks via profiles #20467
• config tests: assert permission profile runtime state #20466
• config tests: derive permission profiles directly #20465
• tui tests: assert permission profiles directly #20459
• config: gate legacy writable roots from profiles #20456
• windows-sandbox: accept permission profiles from callers #20455
• exec: localize legacy Windows sandbox projection #20452
• session: stop exposing legacy sandbox policy #20450
• protocol: remove legacy sandbox turn-context overrides #20449
• protocol: drop legacy sandbox from user turns #20446
• protocol: require permission profiles for user turns #20441
• protocol: canonicalize turn context permissions #20440
• session: localize legacy sandbox turn fallback #20438
• rollout-trace: record permission profiles #20436
• protocol: make user-turn sandbox policy optional #20433
• session: tag turns with permission profiles #20432
• core tests: submit turns with permission profiles #20431
• turn-context: stop writing legacy sandbox policy #20430
• app-server: normalize command sandbox overrides as profiles #20429
• app-server: validate turn sandbox overrides as profiles #20428
• session: convert legacy sandbox updates before settings apply #20426
• sandboxing: exercise seatbelt with runtime policies #20424
• app-server: compare resume sandbox from permission profile #20423
• mcp: send sandbox metadata as permission profile only #20422
• thread-store: stop exposing legacy sandbox policy #20421
• tui: centralize legacy sandbox projection #20420
• test support: derive turn sandbox from permission profiles #20414
• windows setup: derive sandbox from permission profile #20412
• exec tests: derive thread sandbox from profile #20411
• windows read grants: accept permission profiles #20410
• session tests: configure permissions with profiles #20409
• analytics tests: derive sandbox fixtures from profiles #20408
• approval tests: configure scenarios with permission profiles #20407
• tui: hydrate thread permissions from profiles #20406
• rollout tests: seed turn contexts from permission profiles #20404
• state: extract rollout permissions from profiles #20403
• state: derive metadata sandbox from permission profiles #20401
• otel: report conversation permissions from profiles #20400
• protocol: drop cwd-less legacy profile constructor #20398
• app-server-test-client: select permission profiles by name #20397
• session tests: configure runtime permissions directly #20396
• tests: mutate spawn-agent permission profile directly #20394
• app-server tests: select turn permission profiles by name #20393
• file-system: drop unused legacy sandbox constructor #20390
• tests: use disabled profile in exec capture check #20389
• tests: use profile constructors in config checks #20388
• tests: use permission profiles in multi-agent config checks #20387
• tests: remove sandbox policy fixture from rollout trace #20386
• tests: use permission profiles in session network checks #20384
• tests: use permission profiles in config loader checks #20382
• tests: submit websocket turns with permission profiles #20381
• tests: use permission profiles in exec policy checks #20380
• tests: use permission profiles in request permission suite #20378
• -> tests: use permission profiles in unified exec suite #20376
• core: use permission profiles in small read-only contexts #20375
• exec tests: launch sandbox cases from permission profiles #20372
• tests: use permission profiles in suite turn submits #20370
• guardian: configure review session permissions directly #20369
• tests: use permission profiles in small core fixtures #20368
• exec-server: use permission profiles in file system handler tests #20367
• memories: configure consolidation permissions directly #20365
• analytics: distinguish custom managed permission profiles #20363
• tests: use permission profiles in guardian config checks #20362
• tests: use permission profiles in unix escalation checks #20360
• tests: use permission profiles in patch safety checks #20359
• tests: use permission profiles in tool sandbox tests #20358
• tests: use permission profile fixtures in config checks #20357
• core: build permission instructions from profiles only #20356
• utils: summarize permission profiles directly #20355
• tests: copy plugin stdio server before launch #20373

[github-actions]

Closing this pull request because it has had no updates for more than 14 days. If you plan to continue working on it, feel free to reopen or open a new PR.