refactor: deprecate legacy confirmation settings and enforce Policy Engine (#15626)

2026-04-22 11:04:42 -07:00 · 2025-12-29 14:22:42 -05:00
parent a3d214f8d7
commit dcd2449b1a
17 changed files with 31 additions and 113 deletions
@@ -16,6 +16,7 @@ import {
  WEB_FETCH_TOOL_NAME,
  type ExtensionLoader,
  debugLogger,
+  ApprovalMode,
 } from '@google/gemini-cli-core';
 import { loadCliConfig, parseArguments, type CliArgs } from './config.js';
 import type { Settings } from './settings.js';
@@ -629,14 +630,7 @@ describe('loadCliConfig', () => {
    expect(config.getFileFilteringRespectGeminiIgnore()).toBe(
      DEFAULT_FILE_FILTERING_OPTIONS.respectGeminiIgnore,
    );
-  });
-
-  it('should default enableMessageBusIntegration to true when unconfigured', async () => {
-    process.argv = ['node', 'script.js'];
-    const argv = await parseArguments({} as Settings);
-    const settings: Settings = {};
-    const config = await loadCliConfig(settings, 'test-session', argv);
-    expect(config['enableMessageBusIntegration']).toBe(true);
+    expect(config.getApprovalMode()).toBe(ApprovalMode.DEFAULT);
  });
 });

@@ -542,9 +542,6 @@ export async function loadCliConfig(
    approvalMode,
  );

-  const enableMessageBusIntegration =
-    settings.tools?.enableMessageBusIntegration ?? true;
-
  const allowedTools = argv.allowedTools || settings.tools?.allowed || [];
  const allowedToolsSet = new Set(allowedTools);

@@ -695,7 +692,6 @@ export async function loadCliConfig(
    output: {
      format: (argv.outputFormat ?? settings.output?.format) as OutputFormat,
    },
-    enableMessageBusIntegration,
    codebaseInvestigatorSettings:
      settings.experimental?.codebaseInvestigatorSettings,
    introspectionAgentSettings:
@@ -85,7 +85,6 @@ const MIGRATION_MAP: Record<string, string> = {
  disableAutoUpdate: 'general.disableAutoUpdate',
  disableUpdateNag: 'general.disableUpdateNag',
  dnsResolutionOrder: 'advanced.dnsResolutionOrder',
-  enableMessageBusIntegration: 'tools.enableMessageBusIntegration',
  enableHooks: 'tools.enableHooks',
  enablePromptCompletion: 'general.enablePromptCompletion',
  enforcedAuthType: 'security.auth.enforcedType',
@@ -1073,18 +1073,6 @@ const SETTINGS_SCHEMA = {
        description: 'The number of lines to keep when truncating tool output.',
        showInDialog: true,
      },
-      enableMessageBusIntegration: {
-        type: 'boolean',
-        label: 'Enable Message Bus Integration',
-        category: 'Tools',
-        requiresRestart: true,
-        default: true,
-        description: oneLine`
-          Enable policy-based tool confirmation via message bus integration.
-          When enabled, tools automatically respect policy engine decisions (ALLOW/DENY/ASK_USER) without requiring individual tool implementations.
-        `,
-        showInDialog: true,
-      },
      enableHooks: {
        type: 'boolean',
        label: 'Enable Hooks System',
@@ -150,7 +150,7 @@ describe('Settings Repro', () => {
          showColor: true,
          enableInteractiveShell: true,
        },
-        enableMessageBusIntegration: true,
+        truncateToolOutputLines: 100,
      },
      experimental: {
        useModelRouter: false,
@@ -96,7 +96,6 @@ describe('BuiltinCommandLoader', () => {
    vi.clearAllMocks();
    mockConfig = {
      getFolderTrust: vi.fn().mockReturnValue(true),
-      getEnableMessageBusIntegration: () => false,
      getEnableExtensionReloading: () => false,
      getEnableHooks: () => false,
    } as unknown as Config;
@@ -172,7 +171,6 @@ describe('BuiltinCommandLoader', () => {
  it('should include policies command when message bus integration is enabled', async () => {
    const mockConfigWithMessageBus = {
      ...mockConfig,
-      getEnableMessageBusIntegration: () => true,
      getEnableHooks: () => false,
    } as unknown as Config;
    const loader = new BuiltinCommandLoader(mockConfigWithMessageBus);
@@ -180,18 +178,6 @@ describe('BuiltinCommandLoader', () => {
    const policiesCmd = commands.find((c) => c.name === 'policies');
    expect(policiesCmd).toBeDefined();
  });
-
-  it('should exclude policies command when message bus integration is disabled', async () => {
-    const mockConfigWithoutMessageBus = {
-      ...mockConfig,
-      getEnableMessageBusIntegration: () => false,
-      getEnableHooks: () => false,
-    } as unknown as Config;
-    const loader = new BuiltinCommandLoader(mockConfigWithoutMessageBus);
-    const commands = await loader.loadCommands(new AbortController().signal);
-    const policiesCmd = commands.find((c) => c.name === 'policies');
-    expect(policiesCmd).toBeUndefined();
-  });
 });

 describe('BuiltinCommandLoader profile', () => {
@@ -202,7 +188,6 @@ describe('BuiltinCommandLoader profile', () => {
    mockConfig = {
      getFolderTrust: vi.fn().mockReturnValue(false),
      getCheckpointingEnabled: () => false,
-      getEnableMessageBusIntegration: () => false,
      getEnableExtensionReloading: () => false,
      getEnableHooks: () => false,
    } as unknown as Config;
@@ -81,9 +81,7 @@ export class BuiltinCommandLoader implements ICommandLoader {
      modelCommand,
      ...(this.config?.getFolderTrust() ? [permissionsCommand] : []),
      privacyCommand,
-      ...(this.config?.getEnableMessageBusIntegration()
-        ? [policiesCommand]
-        : []),
+      policiesCommand,
      ...(isDevelopment ? [profileCommand] : []),
      quitCommand,
      restoreCommand(this.config),
@@ -80,7 +80,6 @@ const mockConfig = {
  getUseSmartEdit: () => false,
  getGeminiClient: () => null, // No client needed for these tests
  getShellExecutionConfig: () => ({ terminalWidth: 80, terminalHeight: 24 }),
-  getEnableMessageBusIntegration: () => false,
  getMessageBus: () => null,
  getPolicyEngine: () => null,
  isInteractive: () => false,