Codex Handbook
sandboxing/src/policy_transforms_tests.rs 914 lines
use super::effective_file_system_sandbox_policy;use super::intersect_permission_profiles;use super::merge_file_system_policy_with_additional_permissions;use super::normalize_additional_permissions;use super::should_require_platform_sandbox;use codex_protocol::models::AdditionalPermissionProfile as PermissionProfile;use codex_protocol::models::FileSystemPermissions;use codex_protocol::models::NetworkPermissions;use codex_protocol::permissions::FileSystemAccessMode;use codex_protocol::permissions::FileSystemPath;use codex_protocol::permissions::FileSystemSandboxEntry;use codex_protocol::permissions::FileSystemSandboxPolicy;use codex_protocol::permissions::FileSystemSpecialPath;use codex_protocol::permissions::NetworkSandboxPolicy;use codex_utils_absolute_path::AbsolutePathBuf;use dunce::canonicalize;use pretty_assertions::assert_eq;#[cfg(unix)]use std::path::Path;use tempfile::TempDir;#[cfg(unix)]fn symlink_dir(original: &Path, link: &Path) -> std::io::Result<()> {    std::os::unix::fs::symlink(original, link)}#[test]fn full_access_restricted_policy_skips_platform_sandbox_when_network_is_enabled() {    let policy = FileSystemSandboxPolicy::restricted(vec![FileSystemSandboxEntry {        path: FileSystemPath::Special {            value: FileSystemSpecialPath::Root,        },        access: FileSystemAccessMode::Write,    }]);    assert_eq!(        should_require_platform_sandbox(            &policy,            NetworkSandboxPolicy::Enabled,            /*has_managed_network_requirements*/ false        ),        false    );}#[test]fn root_write_policy_with_carveouts_still_uses_platform_sandbox() {    let blocked = AbsolutePathBuf::resolve_path_against_base(        "blocked",        std::env::current_dir().expect("current dir"),    );    let policy = FileSystemSandboxPolicy::restricted(vec![        FileSystemSandboxEntry {            path: FileSystemPath::Special {                value: FileSystemSpecialPath::Root,            },            access: FileSystemAccessMode::Write,        },        FileSystemSandboxEntry {            path: FileSystemPath::Path { path: blocked },            access: FileSystemAccessMode::Deny,        },    ]);    assert_eq!(        should_require_platform_sandbox(            &policy,            NetworkSandboxPolicy::Enabled,            /*has_managed_network_requirements*/ false        ),        true    );}#[test]fn full_access_restricted_policy_still_uses_platform_sandbox_for_restricted_network() {    let policy = FileSystemSandboxPolicy::restricted(vec![FileSystemSandboxEntry {        path: FileSystemPath::Special {            value: FileSystemSpecialPath::Root,        },        access: FileSystemAccessMode::Write,    }]);    assert_eq!(        should_require_platform_sandbox(            &policy,            NetworkSandboxPolicy::Restricted,            /*has_managed_network_requirements*/ false        ),        true    );}#[test]fn normalize_additional_permissions_preserves_network() {    let temp_dir = TempDir::new().expect("create temp dir");    let path = AbsolutePathBuf::from_absolute_path(        canonicalize(temp_dir.path()).expect("canonicalize temp dir"),    )    .expect("absolute temp dir");    let permissions = normalize_additional_permissions(PermissionProfile {        network: Some(NetworkPermissions {            enabled: Some(true),        }),        file_system: Some(FileSystemPermissions::from_read_write_roots(            Some(vec![path.clone()]),            Some(vec![path.clone()]),        )),    })    .expect("permissions");    assert_eq!(        permissions.network,        Some(NetworkPermissions {            enabled: Some(true),        })    );    assert_eq!(        permissions.file_system,        Some(FileSystemPermissions::from_read_write_roots(            Some(vec![path.clone()]),            Some(vec![path]),        ))    );}#[cfg(unix)]#[test]fn normalize_additional_permissions_preserves_symlinked_write_paths() {    let temp_dir = TempDir::new().expect("create temp dir");    let real_root = temp_dir.path().join("real");    let link_root = temp_dir.path().join("link");    let write_dir = real_root.join("write");    std::fs::create_dir_all(&write_dir).expect("create write dir");    symlink_dir(&real_root, &link_root).expect("create symlinked root");    let link_write_dir =        AbsolutePathBuf::from_absolute_path(link_root.join("write")).expect("link write dir");    let permissions = normalize_additional_permissions(PermissionProfile {        file_system: Some(FileSystemPermissions::from_read_write_roots(            Some(vec![]),            Some(vec![link_write_dir]),        )),        ..Default::default()    })    .expect("permissions");    assert_eq!(        permissions.file_system,        Some(FileSystemPermissions::from_read_write_roots(            Some(vec![]),            Some(vec![                AbsolutePathBuf::from_absolute_path(link_root.join("write"))                    .expect("link write dir"),            ]),        ))    );}#[test]fn normalize_additional_permissions_rejects_glob_read_grants() {    let err = normalize_additional_permissions(PermissionProfile {        file_system: Some(FileSystemPermissions {            entries: vec![FileSystemSandboxEntry {                path: FileSystemPath::GlobPattern {                    pattern: "**/*.env".to_string(),                },                access: FileSystemAccessMode::Read,            }],            glob_scan_max_depth: None,        }),        ..Default::default()    })    .expect_err("read glob permissions are unsupported");    assert_eq!(        err,        "glob file system permissions only support deny-read entries"    );}#[test]fn normalize_additional_permissions_preserves_deny_globs() {    let permissions = normalize_additional_permissions(PermissionProfile {        file_system: Some(FileSystemPermissions {            entries: vec![FileSystemSandboxEntry {                path: FileSystemPath::GlobPattern {                    pattern: "**/*.env".to_string(),                },                access: FileSystemAccessMode::Deny,            }],            glob_scan_max_depth: std::num::NonZeroUsize::new(2),        }),        ..Default::default()    })    .expect("deny glob permissions are supported");    assert_eq!(        permissions,        PermissionProfile {            file_system: Some(FileSystemPermissions {                entries: vec![FileSystemSandboxEntry {                    path: FileSystemPath::GlobPattern {                        pattern: "**/*.env".to_string(),                    },                    access: FileSystemAccessMode::Deny,                }],                glob_scan_max_depth: std::num::NonZeroUsize::new(2),            }),            ..Default::default()        }    );}#[test]fn normalize_additional_permissions_drops_empty_nested_profiles() {    let permissions = normalize_additional_permissions(PermissionProfile {        network: Some(NetworkPermissions { enabled: None }),        file_system: Some(FileSystemPermissions::default()),    })    .expect("permissions");    assert_eq!(permissions, PermissionProfile::default());}#[test]fn intersect_permission_profiles_preserves_explicit_empty_requested_reads() {    let temp_dir = TempDir::new().expect("create temp dir");    let path = AbsolutePathBuf::from_absolute_path(        canonicalize(temp_dir.path()).expect("canonicalize temp dir"),    )    .expect("absolute temp dir");    let requested = PermissionProfile {        file_system: Some(FileSystemPermissions::from_read_write_roots(            Some(vec![]),            Some(vec![path]),        )),        ..Default::default()    };    let granted = requested.clone();    assert_eq!(        intersect_permission_profiles(requested.clone(), granted, temp_dir.path()),        requested    );}#[test]fn intersect_permission_profiles_drops_ungranted_nonempty_path_requests() {    let temp_dir = TempDir::new().expect("create temp dir");    let path = AbsolutePathBuf::from_absolute_path(        canonicalize(temp_dir.path()).expect("canonicalize temp dir"),    )    .expect("absolute temp dir");    let requested = PermissionProfile {        file_system: Some(FileSystemPermissions::from_read_write_roots(            Some(vec![path]),            /*write*/ None,        )),        ..Default::default()    };    assert_eq!(        intersect_permission_profiles(requested, PermissionProfile::default(), temp_dir.path()),        PermissionProfile::default()    );}#[test]fn intersect_permission_profiles_drops_explicit_empty_reads_without_grant() {    let temp_dir = TempDir::new().expect("create temp dir");    let path = AbsolutePathBuf::from_absolute_path(        canonicalize(temp_dir.path()).expect("canonicalize temp dir"),    )    .expect("absolute temp dir");    let requested = PermissionProfile {        file_system: Some(FileSystemPermissions::from_read_write_roots(            Some(vec![]),            Some(vec![path]),        )),        ..Default::default()    };    assert_eq!(        intersect_permission_profiles(requested, PermissionProfile::default(), temp_dir.path()),        PermissionProfile::default()    );}#[test]fn intersect_permission_profiles_accepts_child_path_granted_for_requested_cwd() {    let temp_dir = TempDir::new().expect("create temp dir");    let cwd = AbsolutePathBuf::from_absolute_path(        canonicalize(temp_dir.path()).expect("canonicalize temp dir"),    )    .expect("absolute temp dir");    let child = cwd.join("child");    let requested = PermissionProfile {        file_system: Some(FileSystemPermissions {            entries: vec![FileSystemSandboxEntry {                path: FileSystemPath::Special {                    value: FileSystemSpecialPath::project_roots(/*subpath*/ None),                },                access: FileSystemAccessMode::Write,            }],            glob_scan_max_depth: None,        }),        ..Default::default()    };    let granted = PermissionProfile {        file_system: Some(FileSystemPermissions::from_read_write_roots(            /*read*/ None,            Some(vec![child]),        )),        ..Default::default()    };    assert_eq!(        intersect_permission_profiles(requested, granted.clone(), cwd.as_path()),        granted    );}#[test]fn intersect_permission_profiles_materializes_cwd_grant_for_reuse() {    let temp_dir = TempDir::new().expect("create temp dir");    let request_cwd = AbsolutePathBuf::from_absolute_path(temp_dir.path().join("request-cwd"))        .expect("absolute request cwd");    let later_cwd = AbsolutePathBuf::from_absolute_path(temp_dir.path().join("later-cwd"))        .expect("absolute later cwd");    let cwd_write_permissions = PermissionProfile {        file_system: Some(FileSystemPermissions {            entries: vec![FileSystemSandboxEntry {                path: FileSystemPath::Special {                    value: FileSystemSpecialPath::project_roots(/*subpath*/ None),                },                access: FileSystemAccessMode::Write,            }],            glob_scan_max_depth: None,        }),        ..Default::default()    };    let intersected = intersect_permission_profiles(        cwd_write_permissions.clone(),        cwd_write_permissions,        request_cwd.as_path(),    );    assert_eq!(        intersected,        PermissionProfile {            file_system: Some(FileSystemPermissions::from_read_write_roots(                /*read*/ None,                Some(vec![request_cwd]),            )),            ..Default::default()        }    );    assert_eq!(        intersect_permission_profiles(            PermissionProfile {                file_system: Some(FileSystemPermissions::from_read_write_roots(                    /*read*/ None,                    Some(vec![later_cwd.join("child")]),                )),                ..Default::default()            },            intersected,            later_cwd.as_path(),        ),        PermissionProfile::default()    );}#[test]fn intersect_permission_profiles_deduplicates_materialized_grants() {    let temp_dir = TempDir::new().expect("create temp dir");    let cwd =        AbsolutePathBuf::from_absolute_path(temp_dir.path().join("cwd")).expect("absolute cwd");    let permissions = PermissionProfile {        file_system: Some(FileSystemPermissions {            entries: vec![                FileSystemSandboxEntry {                    path: FileSystemPath::Special {                        value: FileSystemSpecialPath::project_roots(/*subpath*/ None),                    },                    access: FileSystemAccessMode::Write,                },                FileSystemSandboxEntry {                    path: FileSystemPath::Path { path: cwd.clone() },                    access: FileSystemAccessMode::Write,                },            ],            glob_scan_max_depth: None,        }),        ..Default::default()    };    assert_eq!(        intersect_permission_profiles(permissions.clone(), permissions, cwd.as_path()),        PermissionProfile {            file_system: Some(FileSystemPermissions::from_read_write_roots(                /*read*/ None,                Some(vec![cwd]),            )),            ..Default::default()        }    );}#[test]fn intersect_permission_profiles_materializes_cwd_deny_entries() {    let temp_dir = TempDir::new().expect("create temp dir");    let request_cwd = AbsolutePathBuf::from_absolute_path(temp_dir.path().join("request-cwd"))        .expect("absolute request cwd");    let permissions = PermissionProfile {        file_system: Some(FileSystemPermissions {            entries: vec![                FileSystemSandboxEntry {                    path: FileSystemPath::Special {                        value: FileSystemSpecialPath::Root,                    },                    access: FileSystemAccessMode::Write,                },                FileSystemSandboxEntry {                    path: FileSystemPath::Special {                        value: FileSystemSpecialPath::project_roots(/*subpath*/ None),                    },                    access: FileSystemAccessMode::Deny,                },            ],            glob_scan_max_depth: None,        }),        ..Default::default()    };    assert_eq!(        intersect_permission_profiles(permissions.clone(), permissions, request_cwd.as_path()),        PermissionProfile {            file_system: Some(FileSystemPermissions {                entries: vec![                    FileSystemSandboxEntry {                        path: FileSystemPath::Special {                            value: FileSystemSpecialPath::Root,                        },                        access: FileSystemAccessMode::Write,                    },                    FileSystemSandboxEntry {                        path: FileSystemPath::Path { path: request_cwd },                        access: FileSystemAccessMode::Deny,                    },                ],                glob_scan_max_depth: None,            }),            ..Default::default()        }    );}#[test]fn intersect_permission_profiles_drops_deny_entries_without_filesystem_grants() {    let temp_dir = TempDir::new().expect("create temp dir");    let cwd = AbsolutePathBuf::from_absolute_path(        canonicalize(temp_dir.path()).expect("canonicalize temp dir"),    )    .expect("absolute temp dir");    let secret = cwd.join("secret");    let requested = PermissionProfile {        network: Some(NetworkPermissions {            enabled: Some(true),        }),        file_system: Some(FileSystemPermissions {            entries: vec![                FileSystemSandboxEntry {                    path: FileSystemPath::Special {                        value: FileSystemSpecialPath::project_roots(/*subpath*/ None),                    },                    access: FileSystemAccessMode::Write,                },                FileSystemSandboxEntry {                    path: FileSystemPath::Path { path: secret },                    access: FileSystemAccessMode::Deny,                },            ],            glob_scan_max_depth: None,        }),    };    let granted = PermissionProfile {        network: Some(NetworkPermissions {            enabled: Some(true),        }),        ..Default::default()    };    assert_eq!(        intersect_permission_profiles(requested, granted.clone(), cwd.as_path()),        granted    );}#[test]fn intersect_permission_profiles_rejects_concrete_grants_matched_by_requested_deny_globs() {    let temp_dir = TempDir::new().expect("create temp dir");    let cwd = AbsolutePathBuf::from_absolute_path(        canonicalize(temp_dir.path()).expect("canonicalize temp dir"),    )    .expect("absolute temp dir");    let env_file = cwd.join(".env");    let requested = PermissionProfile {        file_system: Some(FileSystemPermissions {            entries: vec![                FileSystemSandboxEntry {                    path: FileSystemPath::Special {                        value: FileSystemSpecialPath::project_roots(/*subpath*/ None),                    },                    access: FileSystemAccessMode::Write,                },                FileSystemSandboxEntry {                    path: FileSystemPath::GlobPattern {                        pattern: "**/*.env".to_string(),                    },                    access: FileSystemAccessMode::Deny,                },            ],            glob_scan_max_depth: std::num::NonZeroUsize::new(2),        }),        ..Default::default()    };    let granted = PermissionProfile {        file_system: Some(FileSystemPermissions::from_read_write_roots(            /*read*/ None,            Some(vec![env_file]),        )),        ..Default::default()    };    assert_eq!(        intersect_permission_profiles(requested, granted, cwd.as_path()),        PermissionProfile::default()    );}#[test]fn intersect_permission_profiles_materializes_relative_deny_globs_for_reuse() {    let temp_dir = TempDir::new().expect("create temp dir");    let request_cwd = AbsolutePathBuf::from_absolute_path(temp_dir.path().join("request-cwd"))        .expect("absolute request cwd");    let later_cwd = AbsolutePathBuf::from_absolute_path(temp_dir.path().join("later-cwd"))        .expect("absolute later cwd");    let cwd_write = FileSystemSandboxEntry {        path: FileSystemPath::Special {            value: FileSystemSpecialPath::project_roots(/*subpath*/ None),        },        access: FileSystemAccessMode::Write,    };    let deny_env_files = FileSystemSandboxEntry {        path: FileSystemPath::GlobPattern {            pattern: "**/*.env".to_string(),        },        access: FileSystemAccessMode::Deny,    };    let permissions = PermissionProfile {        file_system: Some(FileSystemPermissions {            entries: vec![cwd_write, deny_env_files],            glob_scan_max_depth: std::num::NonZeroUsize::new(2),        }),        ..Default::default()    };    let intersected =        intersect_permission_profiles(permissions.clone(), permissions, request_cwd.as_path());    assert_eq!(        intersected,        PermissionProfile {            file_system: Some(FileSystemPermissions {                entries: vec![                    FileSystemSandboxEntry {                        path: FileSystemPath::Path {                            path: request_cwd.clone(),                        },                        access: FileSystemAccessMode::Write,                    },                    FileSystemSandboxEntry {                        path: FileSystemPath::GlobPattern {                            pattern: request_cwd.join("**/*.env").to_string_lossy().into_owned(),                        },                        access: FileSystemAccessMode::Deny,                    },                ],                glob_scan_max_depth: std::num::NonZeroUsize::new(2),            }),            ..Default::default()        }    );    assert_eq!(        intersect_permission_profiles(            PermissionProfile {                file_system: Some(FileSystemPermissions::from_read_write_roots(                    /*read*/ None,                    Some(vec![later_cwd.join("token.env")]),                )),                ..Default::default()            },            intersected,            later_cwd.as_path(),        ),        PermissionProfile::default()    );}#[test]fn intersect_permission_profiles_drops_broader_cwd_grant_for_requested_child_path() {    let temp_dir = TempDir::new().expect("create temp dir");    let cwd = AbsolutePathBuf::from_absolute_path(        canonicalize(temp_dir.path()).expect("canonicalize temp dir"),    )    .expect("absolute temp dir");    let child = cwd.join("child");    let requested = PermissionProfile {        file_system: Some(FileSystemPermissions::from_read_write_roots(            /*read*/ None,            Some(vec![child]),        )),        ..Default::default()    };    let granted = PermissionProfile {        file_system: Some(FileSystemPermissions {            entries: vec![FileSystemSandboxEntry {                path: FileSystemPath::Special {                    value: FileSystemSpecialPath::project_roots(/*subpath*/ None),                },                access: FileSystemAccessMode::Write,            }],            glob_scan_max_depth: None,        }),        ..Default::default()    };    assert_eq!(        intersect_permission_profiles(requested, granted, cwd.as_path()),        PermissionProfile::default()    );}#[test]fn intersect_permission_profiles_uses_granted_bounded_glob_scan_depth() {    let cwd = std::env::current_dir().expect("current dir");    let root_write = FileSystemSandboxEntry {        path: FileSystemPath::Special {            value: FileSystemSpecialPath::Root,        },        access: FileSystemAccessMode::Write,    };    let deny_env_files = FileSystemSandboxEntry {        path: FileSystemPath::GlobPattern {            pattern: "**/*.env".to_string(),        },        access: FileSystemAccessMode::Deny,    };    let requested = PermissionProfile {        file_system: Some(FileSystemPermissions {            entries: vec![root_write.clone(), deny_env_files.clone()],            glob_scan_max_depth: std::num::NonZeroUsize::new(2),        }),        ..Default::default()    };    let granted = PermissionProfile {        file_system: Some(FileSystemPermissions {            entries: vec![root_write.clone(), deny_env_files],            glob_scan_max_depth: std::num::NonZeroUsize::new(4),        }),        ..Default::default()    };    assert_eq!(        intersect_permission_profiles(requested, granted, cwd.as_path()),        PermissionProfile {            file_system: Some(FileSystemPermissions {                entries: vec![                    root_write,                    FileSystemSandboxEntry {                        path: FileSystemPath::GlobPattern {                            pattern: AbsolutePathBuf::resolve_path_against_base(                                "**/*.env",                                cwd.as_path()                            )                            .to_string_lossy()                            .into_owned(),                        },                        access: FileSystemAccessMode::Deny,                    },                ],                glob_scan_max_depth: std::num::NonZeroUsize::new(4),            }),            ..Default::default()        }    );}#[test]fn intersect_permission_profiles_uses_granted_unbounded_glob_scan_depth() {    let cwd = std::env::current_dir().expect("current dir");    let root_write = FileSystemSandboxEntry {        path: FileSystemPath::Special {            value: FileSystemSpecialPath::Root,        },        access: FileSystemAccessMode::Write,    };    let deny_env_files = FileSystemSandboxEntry {        path: FileSystemPath::GlobPattern {            pattern: "**/*.env".to_string(),        },        access: FileSystemAccessMode::Deny,    };    let requested = PermissionProfile {        file_system: Some(FileSystemPermissions {            entries: vec![root_write.clone(), deny_env_files.clone()],            glob_scan_max_depth: std::num::NonZeroUsize::new(2),        }),        ..Default::default()    };    let granted = PermissionProfile {        file_system: Some(FileSystemPermissions {            entries: vec![root_write.clone(), deny_env_files],            glob_scan_max_depth: None,        }),        ..Default::default()    };    assert_eq!(        intersect_permission_profiles(requested, granted, cwd.as_path()),        PermissionProfile {            file_system: Some(FileSystemPermissions {                entries: vec![                    root_write,                    FileSystemSandboxEntry {                        path: FileSystemPath::GlobPattern {                            pattern: AbsolutePathBuf::resolve_path_against_base(                                "**/*.env",                                cwd.as_path()                            )                            .to_string_lossy()                            .into_owned(),                        },                        access: FileSystemAccessMode::Deny,                    },                ],                glob_scan_max_depth: None,            }),            ..Default::default()        }    );}#[test]fn merge_file_system_policy_with_additional_permissions_preserves_unreadable_roots() {    let temp_dir = TempDir::new().expect("create temp dir");    let cwd = AbsolutePathBuf::from_absolute_path(        canonicalize(temp_dir.path()).expect("canonicalize temp dir"),    )    .expect("absolute temp dir");    let allowed_path = cwd.join("allowed");    let denied_path = cwd.join("denied");    let merged_policy = merge_file_system_policy_with_additional_permissions(        &FileSystemSandboxPolicy::restricted(vec![            FileSystemSandboxEntry {                path: FileSystemPath::Special {                    value: FileSystemSpecialPath::Root,                },                access: FileSystemAccessMode::Read,            },            FileSystemSandboxEntry {                path: FileSystemPath::Path {                    path: denied_path.clone(),                },                access: FileSystemAccessMode::Deny,            },        ]),        &FileSystemPermissions::from_read_write_roots(            Some(vec![allowed_path.clone()]),            Some(Vec::new()),        ),    );    assert_eq!(        merged_policy.entries.contains(&FileSystemSandboxEntry {            path: FileSystemPath::Path { path: denied_path },            access: FileSystemAccessMode::Deny,        }),        true    );    assert_eq!(        merged_policy.entries.contains(&FileSystemSandboxEntry {            path: FileSystemPath::Path { path: allowed_path },            access: FileSystemAccessMode::Read,        }),        true    );}#[test]fn merge_file_system_policy_with_additional_permissions_carries_bounded_glob_scan_depth() {    let deny_env_files = FileSystemSandboxEntry {        path: FileSystemPath::GlobPattern {            pattern: "**/*.env".to_string(),        },        access: FileSystemAccessMode::Deny,    };    let merged_policy = merge_file_system_policy_with_additional_permissions(        &FileSystemSandboxPolicy::restricted(vec![FileSystemSandboxEntry {            path: FileSystemPath::Special {                value: FileSystemSpecialPath::Root,            },            access: FileSystemAccessMode::Write,        }]),        &FileSystemPermissions {            entries: vec![deny_env_files.clone()],            glob_scan_max_depth: std::num::NonZeroUsize::new(2),        },    );    assert_eq!(merged_policy, {        let mut policy = FileSystemSandboxPolicy::restricted(vec![            FileSystemSandboxEntry {                path: FileSystemPath::Special {                    value: FileSystemSpecialPath::Root,                },                access: FileSystemAccessMode::Write,            },            deny_env_files,        ]);        policy.glob_scan_max_depth = Some(2);        policy    });}#[test]fn effective_file_system_sandbox_policy_returns_base_policy_without_additional_permissions() {    let temp_dir = TempDir::new().expect("create temp dir");    let cwd = AbsolutePathBuf::from_absolute_path(        canonicalize(temp_dir.path()).expect("canonicalize temp dir"),    )    .expect("absolute temp dir");    let denied_path = cwd.join("denied");    let base_policy = FileSystemSandboxPolicy::restricted(vec![        FileSystemSandboxEntry {            path: FileSystemPath::Special {                value: FileSystemSpecialPath::Root,            },            access: FileSystemAccessMode::Read,        },        FileSystemSandboxEntry {            path: FileSystemPath::Path { path: denied_path },            access: FileSystemAccessMode::Deny,        },    ]);    let effective_policy =        effective_file_system_sandbox_policy(&base_policy, /*additional_permissions*/ None);    assert_eq!(effective_policy, base_policy);}#[test]fn effective_file_system_sandbox_policy_merges_additional_write_roots() {    let temp_dir = TempDir::new().expect("create temp dir");    let cwd = AbsolutePathBuf::from_absolute_path(        canonicalize(temp_dir.path()).expect("canonicalize temp dir"),    )    .expect("absolute temp dir");    let allowed_path = cwd.join("allowed");    let denied_path = cwd.join("denied");    let base_policy = FileSystemSandboxPolicy::restricted(vec![        FileSystemSandboxEntry {            path: FileSystemPath::Special {                value: FileSystemSpecialPath::Root,            },            access: FileSystemAccessMode::Read,        },        FileSystemSandboxEntry {            path: FileSystemPath::Path {                path: denied_path.clone(),            },            access: FileSystemAccessMode::Deny,        },    ]);    let additional_permissions = PermissionProfile {        file_system: Some(FileSystemPermissions::from_read_write_roots(            Some(vec![]),            Some(vec![allowed_path.clone()]),        )),        ..Default::default()    };    let effective_policy =        effective_file_system_sandbox_policy(&base_policy, Some(&additional_permissions));    assert_eq!(        effective_policy.entries.contains(&FileSystemSandboxEntry {            path: FileSystemPath::Path { path: denied_path },            access: FileSystemAccessMode::Deny,        }),        true    );    assert_eq!(        effective_policy.entries.contains(&FileSystemSandboxEntry {            path: FileSystemPath::Path { path: allowed_path },            access: FileSystemAccessMode::Write,        }),        true    );}