Replace hand-written PermissionRequestResult with PermissionDecision (.NET, Go)

Python (#1376) drove out its own hand-written ``PermissionRequestResult``
wrapper in favour of the generated discriminated ``PermissionDecision``
union plus a small ``PermissionNoResult`` sentinel. This commit lands the
same refactor for the .NET and Go SDKs.

**.NET**

The old ``PermissionRequestResult`` struct (just ``Kind`` + optional
``Feedback``) collapsed every decision variant into a flat string-tagged
DTO, losing the rich per-variant payloads — ``Feedback`` on rejection,
per-kind ``Approval`` lists on ``ApproveForSession`` /
``ApproveForLocation``, ``Domain`` on ``ApprovePermanently``, etc.

The generated ``PermissionDecision`` (``Rpc.cs:4760``) is already a
proper polymorphic hierarchy with ``[JsonDerivedType]`` wired up for
every variant. Switch ``OnPermissionRequest`` to return
``Task<PermissionDecision>`` and route the variant straight onto the
wire — StreamJsonRpc handles the discriminator via the existing
attributes.

Additions:

- ``PermissionDecisionNoResult`` — hand-written subclass of
  ``PermissionDecision`` used when the handler declines to respond so
  another connected client can answer. The SDK suppresses the wire
  response when it sees this variant.
- Static factories on ``PermissionDecision`` for discoverability:
  ``ApproveOnce()``, ``Reject(feedback)``, ``UserNotAvailable()``,
  ``NoResult()``. For richer decisions that need an ``Approval``
  payload, instantiate the variant class directly.

Deletions:

- ``PermissionRequestResult`` class (``Types.cs``)
- ``PermissionRequestResultKind`` struct + obsolete enum-like wrappers
- ``PermissionRequestResultKindTests.cs``
- ``PermissionRequestResult`` JSON serialization metadata

**Go**

Same shape: drop ``PermissionRequestResult`` + ``PermissionRequestResultKind``
in favour of ``rpc.PermissionDecision`` (already a sealed interface
implemented by every variant). Added ``rpc.PermissionDecisionNoResult``
as a hand-written variant that satisfies the unexported
``permissionDecision()`` method — kept inside the ``rpc`` package since
the sealing method is unexported.

Handler signature changes from ``(PermissionRequestResult, error)`` to
``(rpc.PermissionDecision, error)``. ``PermissionHandler.ApproveAll``
now returns ``&rpc.PermissionDecisionApproveOnce{}``.

Removed the ``rpcPermissionDecisionFromKind`` helper used to convert
the flat kind back to a variant — no longer needed when the handler
already returns the variant directly.

**Tests / scenarios**

All E2E tests and scenarios across .NET and Go updated to construct
``rpc.PermissionDecision*`` variants directly. The Go interface return
type means explicit ``Task.FromResult<PermissionDecision>(...)`` casts
are needed in C# where lambdas previously inferred the wrapper type.

**Doc style**

Per repo convention, public docs do not reference protocol v1/v2 or
internal transport details. The README copy for each SDK describes the
behavioural semantics ("decline to respond so another client can
answer") rather than the wire mechanism.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: SteveSandersonMS

dotnet/README.md

@@ -749,51 +749,37 @@ var session = await client.CreateSessionAsync(new SessionConfig
 
 ### Custom Permission Handler
 
-Provide your own permission handler (`Func<PermissionRequest, PermissionInvocation, Task<PermissionRequestResult>>`) to inspect each request and apply custom logic:
+Provide your own permission handler (`Func<PermissionRequest, PermissionInvocation, Task<PermissionDecision>>`) to inspect each request and apply custom logic:
 
 ```csharp
 var session = await client.CreateSessionAsync(new SessionConfig
 {
     Model = "gpt-5",
     OnPermissionRequest = async (request, invocation) =>
     {
-        // request.Kind — string discriminator for the type of operation being requested:
-        //   "shell"       — executing a shell command
-        //   "write"       — writing or editing a file
-        //   "read"        — reading a file
-        //   "mcp"         — calling an MCP tool
-        //   "custom_tool" — calling one of your registered tools
-        //   "url"         — fetching a URL
-        //   "memory"      — accessing or modifying assistant memory
-        //   "hook"        — invoking a registered hook
-        // request.ToolCallId      — the tool call that triggered this request
-        // request.ToolName        — name of the tool (for custom-tool / mcp)
-        // request.FileName        — file being written (for write)
-        // request.FullCommandText — full shell command text (for shell)
-
-        if (request.Kind == "shell")
+        // Pattern-match on the discriminated PermissionRequest union to access
+        // per-kind fields (FullCommandText, Path, ToolName, …).
+        return request switch
         {
-            // Deny shell commands
-            return new PermissionRequestResult { Kind = PermissionRequestResultKind.Rejected };
-        }
-
-        return new PermissionRequestResult { Kind = PermissionRequestResultKind.Approved };
+            PermissionRequestShell s => PermissionDecision.Reject($"Refusing shell: {s.FullCommandText}"),
+            _ => PermissionDecision.ApproveOnce(),
+        };
     }
 });
 ```
 
-### Permission Result Kinds
+### Permission Decisions
 
-The `Kind` property must be one of the canonical `PermissionRequestResultKind` values. Approval decisions are present-tense — they describe the decision to apply, not the past-tense outcome reported back on `permission.completed` session events.
+The handler returns a `PermissionDecision`. Use the static factories for common cases (returned types are the strongly-typed variant classes — full IntelliSense via `PermissionDecision.<dot>`):
 
-| Value                                       | Wire value             | Meaning                                                                                                                                                |
-| ------------------------------------------- | ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ |
-| `PermissionRequestResultKind.Approved`      | `"approve-once"`       | Allow this single request                                                                                                                              |
-| `PermissionRequestResultKind.Rejected`      | `"reject"`             | Deny the request                                                                                                                                       |
-| `PermissionRequestResultKind.UserNotAvailable` | `"user-not-available"` | Deny the request because no user is available to confirm it                                                                                            |
-| `PermissionRequestResultKind.NoResult`      | `"no-result"`          | Leave the permission request unanswered (the SDK returns without calling the RPC). Not allowed for protocol v2 permission requests (will be rejected). |
+| Factory                                | Meaning                                                                                      |
+| -------------------------------------- | -------------------------------------------------------------------------------------------- |
+| `PermissionDecision.ApproveOnce()`     | Allow this single request                                                                    |
+| `PermissionDecision.Reject(feedback)`  | Deny the request, optionally forwarding feedback to the LLM                                  |
+| `PermissionDecision.UserNotAvailable()`| Deny the request because no user is available to confirm it                                  |
+| `PermissionDecision.NoResult()`        | Decline to respond, allowing another connected client to answer instead                      |
 
-> The past-tense names `PermissionRequestResultKind.DeniedInteractivelyByUser`, `PermissionRequestResultKind.DeniedCouldNotRequestFromUser`, and `PermissionRequestResultKind.DeniedByRules` remain as `[Obsolete]` aliases for backward compatibility — prefer the canonical members above in new code.
+For richer decisions that need an `Approval` payload — `PermissionDecisionApproveForSession`, `PermissionDecisionApproveForLocation`, `PermissionDecisionApprovePermanently` — instantiate the variant class directly.
 
 ### Resuming Sessions
 

dotnet/src/Client.cs

@@ -53,8 +53,8 @@ namespace GitHub.Copilot;
 /// </example>
 public sealed partial class CopilotClient : IDisposable, IAsyncDisposable
 {
-    internal const string NoResultPermissionV2ErrorMessage =
-        "Permission handlers cannot return 'no-result' when connected to a protocol v2 server.";
+    internal const string NoResultPermissionDirectRpcErrorMessage =
+        "Permission handlers cannot return PermissionDecision.NoResult() for this permission request.";
 
     /// <summary>
     /// Minimum protocol version this SDK can communicate with.
@@ -1885,23 +1885,20 @@ public async ValueTask<PermissionRequestResponseV2> OnPermissionRequestV2(string
 
             try
             {
-                var result = await session.HandlePermissionRequestAsync(permissionRequest);
-                if (result.Kind == new PermissionRequestResultKind("no-result"))
+                var decision = await session.HandlePermissionRequestAsync(permissionRequest);
+                if (decision is PermissionDecisionNoResult)
                 {
-                    throw new InvalidOperationException(NoResultPermissionV2ErrorMessage);
+                    throw new InvalidOperationException(NoResultPermissionDirectRpcErrorMessage);
                 }
-                return new PermissionRequestResponseV2(result);
+                return new PermissionRequestResponseV2(decision);
             }
-            catch (InvalidOperationException ex) when (ex.Message == NoResultPermissionV2ErrorMessage)
+            catch (InvalidOperationException ex) when (ex.Message == NoResultPermissionDirectRpcErrorMessage)
             {
                 throw;
             }
             catch (Exception)
             {
-                return new PermissionRequestResponseV2(new PermissionRequestResult
-                {
-                    Kind = PermissionRequestResultKind.UserNotAvailable
-                });
+                return new PermissionRequestResponseV2(PermissionDecision.UserNotAvailable());
             }
         }
     }
@@ -2079,7 +2076,7 @@ internal record ToolCallResponseV2(
         ToolResultObject Result);
 
     internal record PermissionRequestResponseV2(
-        PermissionRequestResult Result);
+        PermissionDecision Result);
 
     [JsonSourceGenerationOptions(
         JsonSerializerDefaults.Web,
@@ -2103,8 +2100,6 @@ internal record PermissionRequestResponseV2(
     [JsonSerializable(typeof(GetSessionMetadataRequest))]
     [JsonSerializable(typeof(GetSessionMetadataResponse))]
     [JsonSerializable(typeof(ModelCapabilitiesOverride))]
-    [JsonSerializable(typeof(PermissionRequestResult))]
-    [JsonSerializable(typeof(PermissionRequestResultKind))]
     [JsonSerializable(typeof(PermissionRequestResponseV2))]
     [JsonSerializable(typeof(ProviderConfig))]
     [JsonSerializable(typeof(ResumeSessionRequest))]

dotnet/src/PermissionDecision.cs

@@ -0,0 +1,46 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *--------------------------------------------------------------------------------------------*/
+
+using System.Text.Json.Serialization;
+
+namespace GitHub.Copilot.Rpc;
+
+/// <summary>
+/// SDK-only <see cref="PermissionDecision"/> value indicating the handler
+/// declines to respond to this permission request. The SDK then suppresses
+/// the response so another connected client can answer instead.
+/// </summary>
+public sealed class PermissionDecisionNoResult : PermissionDecision
+{
+    /// <inheritdoc />
+    [JsonIgnore]
+    public override string Kind => "no-result";
+}
+
+/// <summary>
+/// Static factories for the common <see cref="PermissionDecision"/> variants
+/// returned by <c>OnPermissionRequest</c> handlers. Use these for quick
+/// discoverability via <c>PermissionDecision.&lt;dot&gt;</c>. For richer
+/// decisions (per-session, per-location, permanent) that need an
+/// <c>Approval</c> payload, instantiate the variant class directly.
+/// </summary>
+[JsonDerivedType(typeof(PermissionDecisionNoResult), "no-result")]
+public partial class PermissionDecision
+{
+    /// <summary>Approve this single request.</summary>
+    public static PermissionDecisionApproveOnce ApproveOnce() => new();
+
+    /// <summary>Reject the request, optionally forwarding feedback to the LLM.</summary>
+    public static PermissionDecisionReject Reject(string? feedback = null) =>
+        new() { Feedback = feedback };
+
+    /// <summary>Deny the request because no user is available to confirm it.</summary>
+    public static PermissionDecisionUserNotAvailable UserNotAvailable() => new();
+
+    /// <summary>
+    /// Decline to respond to this permission request, allowing another
+    /// connected client to answer instead.
+    /// </summary>
+    public static PermissionDecisionNoResult NoResult() => new();
+}

dotnet/src/PermissionHandlers.cs

@@ -2,12 +2,14 @@
  *  Copyright (c) Microsoft Corporation. All rights reserved.
  *--------------------------------------------------------------------------------------------*/
 
+using GitHub.Copilot.Rpc;
+
 namespace GitHub.Copilot;
 
 /// <summary>Provides pre-built permission request handlers.</summary>
 public static class PermissionHandler
 {
     /// <summary>A permission handler that approves all permission requests.</summary>
-    public static Func<PermissionRequest, PermissionInvocation, Task<PermissionRequestResult>> ApproveAll { get; } =
-        (_, _) => Task.FromResult(new PermissionRequestResult { Kind = PermissionRequestResultKind.Approved });
+    public static Func<PermissionRequest, PermissionInvocation, Task<PermissionDecision>> ApproveAll { get; } =
+        (_, _) => Task.FromResult<PermissionDecision>(PermissionDecision.ApproveOnce());
 }

dotnet/src/Session.cs

@@ -60,7 +60,7 @@ public sealed partial class CopilotSession : IAsyncDisposable
     private readonly ILogger _logger;
     private readonly CopilotClient _parentClient;
 
-    private volatile Func<PermissionRequest, PermissionInvocation, Task<PermissionRequestResult>>? _permissionHandler;
+    private volatile Func<PermissionRequest, PermissionInvocation, Task<PermissionDecision>>? _permissionHandler;
     private volatile Func<UserInputRequest, UserInputInvocation, Task<UserInputResponse>>? _userInputHandler;
     private volatile Func<ElicitationContext, Task<ElicitationResult>>? _elicitationHandler;
     private volatile Func<ExitPlanModeRequest, ExitPlanModeInvocation, Task<ExitPlanModeResult>>? _exitPlanModeHandler;
@@ -535,7 +535,7 @@ internal void RegisterTools(ICollection<AIFunctionDeclaration> tools)
     /// When the assistant needs permission to perform certain actions (e.g., file operations),
     /// this handler is called to approve or deny the request.
     /// </remarks>
-    internal void RegisterPermissionHandler(Func<PermissionRequest, PermissionInvocation, Task<PermissionRequestResult>>? handler)
+    internal void RegisterPermissionHandler(Func<PermissionRequest, PermissionInvocation, Task<PermissionDecision>>? handler)
     {
         _permissionHandler = handler;
     }
@@ -545,16 +545,13 @@ internal void RegisterPermissionHandler(Func<PermissionRequest, PermissionInvoca
     /// </summary>
     /// <param name="permissionRequestData">The permission request data from the CLI.</param>
     /// <returns>A task that resolves with the permission decision.</returns>
-    internal async Task<PermissionRequestResult> HandlePermissionRequestAsync(JsonElement permissionRequestData)
+    internal async Task<PermissionDecision> HandlePermissionRequestAsync(JsonElement permissionRequestData)
     {
         var handler = _permissionHandler;
 
         if (handler == null)
         {
-            return new PermissionRequestResult
-            {
-                Kind = PermissionRequestResultKind.UserNotAvailable
-            };
+            return PermissionDecision.UserNotAvailable();
         }
 
         var request = JsonSerializer.Deserialize(permissionRequestData.GetRawText(), SessionEventsJsonContext.Default.PermissionRequest)
@@ -765,7 +762,7 @@ private async Task ExecuteToolAndRespondAsync(string requestId, string toolName,
     /// <summary>
     /// Executes a permission handler and sends the result back via the HandlePendingPermissionRequest RPC.
     /// </summary>
-    private async Task ExecutePermissionAndRespondAsync(string requestId, PermissionRequest permissionRequest, Func<PermissionRequest, PermissionInvocation, Task<PermissionRequestResult>> handler)
+    private async Task ExecutePermissionAndRespondAsync(string requestId, PermissionRequest permissionRequest, Func<PermissionRequest, PermissionInvocation, Task<PermissionDecision>> handler)
     {
         try
         {
@@ -775,20 +772,17 @@ private async Task ExecutePermissionAndRespondAsync(string requestId, Permission
             };
 
             var permissionTimestamp = Stopwatch.GetTimestamp();
-            var result = await handler(permissionRequest, invocation);
+            var decision = await handler(permissionRequest, invocation);
             LoggingHelpers.LogTiming(_logger, LogLevel.Debug, null,
                 "CopilotSession.ExecutePermissionAndRespondAsync dispatch. Elapsed={Elapsed}, SessionId={SessionId}, RequestId={RequestId}",
                 permissionTimestamp,
                 SessionId,
                 requestId);
-            if (result.Kind == new PermissionRequestResultKind("no-result"))
+            if (decision is PermissionDecisionNoResult)
             {
                 return;
             }
             var responseRpcTimestamp = Stopwatch.GetTimestamp();
-            PermissionDecision decision = result.Kind == PermissionRequestResultKind.Rejected
-                ? new PermissionDecisionReject { Feedback = result.Feedback }
-                : new PermissionDecision { Kind = result.Kind.Value };
             await Rpc.Permissions.HandlePendingPermissionRequestAsync(requestId, decision);
             LoggingHelpers.LogTiming(_logger, LogLevel.Debug, null,
                 "CopilotSession.ExecutePermissionAndRespondAsync response sent successfully. Elapsed={Elapsed}, SessionId={SessionId}, RequestId={RequestId}",
@@ -800,10 +794,7 @@ private async Task ExecutePermissionAndRespondAsync(string requestId, Permission
         {
             try
             {
-                await Rpc.Permissions.HandlePendingPermissionRequestAsync(requestId, new PermissionDecision
-                {
-                    Kind = PermissionRequestResultKind.UserNotAvailable.Value
-                });
+                await Rpc.Permissions.HandlePendingPermissionRequestAsync(requestId, PermissionDecision.UserNotAvailable());
             }
             catch (IOException)
             {