From dfbd9b60239f301c193a017e03b0adc20e2ff967 Mon Sep 17 00:00:00 2001
From: Shakker <shakkerdroid@gmail.com>
Date: Mon, 11 May 2026 08:23:30 +0100
Subject: [PATCH] test: tighten zalo group policy assertions

---
 .../zalo/src/monitor.group-policy.test.ts     | 23 +++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/extensions/zalo/src/monitor.group-policy.test.ts b/extensions/zalo/src/monitor.group-policy.test.ts
index 85be885cdb9..071608c0b44 100644
--- a/extensions/zalo/src/monitor.group-policy.test.ts
+++ b/extensions/zalo/src/monitor.group-policy.test.ts
@@ -109,12 +109,24 @@ async function resolveAccess(
   return { result, readAllowFromStore };
 }
 
+function stableSenderAccess(access: { allowed: boolean; decision: string; reasonCode: string }) {
+  return {
+    allowed: access.allowed,
+    decision: access.decision,
+    reasonCode: access.reasonCode,
+  };
+}
+
 describe("zalo shared ingress access policy", () => {
   it.each(groupPolicyCases)(
     "maps %s through shared ingress",
     async (_name, accountConfig, senderId, allowed, reasonCode) => {
       const { result } = await resolveAccess({ accountConfig, senderId });
-      expect(result.senderAccess).toMatchObject({ allowed, reasonCode });
+      expect(stableSenderAccess(result.senderAccess)).toEqual({
+        allowed,
+        decision: allowed ? "allow" : "block",
+        reasonCode,
+      });
     },
   );
 
@@ -147,7 +159,8 @@ describe("zalo shared ingress access policy", () => {
     });
 
     expect(readAllowFromStore).toHaveBeenCalledTimes(1);
-    expect(result.senderAccess).toMatchObject({
+    expect(stableSenderAccess(result.senderAccess)).toEqual({
+      allowed: true,
       decision: "allow",
       reasonCode: "dm_policy_allowlisted",
     });
@@ -165,7 +178,8 @@ describe("zalo shared ingress access policy", () => {
     });
 
     expect(readAllowFromStore).not.toHaveBeenCalled();
-    expect(result.senderAccess).toMatchObject({
+    expect(stableSenderAccess(result.senderAccess)).toEqual({
+      allowed: false,
       decision: "block",
       reasonCode: "dm_policy_not_allowlisted",
     });
@@ -190,8 +204,9 @@ describe("zalo shared ingress access policy", () => {
       senderId: "12345",
     });
 
-    expect(result.senderAccess).toMatchObject({
+    expect(stableSenderAccess(result.senderAccess)).toEqual({
       allowed: true,
+      decision: "allow",
       reasonCode: "group_policy_allowed",
     });
   });