From 7357d7aea16a2ef3688ed969d9bf853acac4c332 Mon Sep 17 00:00:00 2001
From: Ihor Panasiuk <igorskynet13@gmail.com>
Date: Thu, 2 Apr 2026 15:49:58 +0200
Subject: [PATCH] Enhance approval tests for steps and triggers

- Added validation to ensure that every step returned by the server is listed in the fixture with a matching handler hash, catching new or changed handlers not yet approved.
- Implemented checks to confirm that every fixture row still exists on the server with the same hash, addressing stale entries after steps or triggers are removed or lists are not updated.
- Updated comments for clarity on the purpose of the new validations in both step and trigger approval tests.
---
 .../tests/step_definitions_approval.spec.ts    | 18 ++++++++++++++++++
 .../tests/trigger_definitions_approval.spec.ts | 18 ++++++++++++++++++
 2 files changed, 36 insertions(+)

diff --git a/src/platform/plugins/shared/workflows_extensions/test/scout/api/tests/step_definitions_approval.spec.ts b/src/platform/plugins/shared/workflows_extensions/test/scout/api/tests/step_definitions_approval.spec.ts
index aaa4dc5989523..2354677b1cd0d 100644
--- a/src/platform/plugins/shared/workflows_extensions/test/scout/api/tests/step_definitions_approval.spec.ts
+++ b/src/platform/plugins/shared/workflows_extensions/test/scout/api/tests/step_definitions_approval.spec.ts
@@ -46,6 +46,8 @@ apiTest.describe(
         expect(response.body.steps).toBeDefined();
         expect(Array.isArray(response.body.steps)).toBe(true);
 
+        // Registered ⊆ approved: every step returned by the server must be listed in the fixture
+        // with a matching handler hash (catches new or changed handlers not yet approved).
         for (const step of response.body.steps) {
           const approvedStep = APPROVED_STEP_DEFINITIONS.find(({ id }) => id === step.id);
 
@@ -57,6 +59,22 @@ apiTest.describe(
             message: `Step "${step.id}" has an invalid handler hash`,
           }).toBe(approvedStep?.handlerHash);
         }
+
+        // Approved ⊆ registered: every fixture row must still exist on the server with the same hash
+        // (catches stale rows left after a step was removed or the list was not updated).
+        for (const approved of APPROVED_STEP_DEFINITIONS) {
+          const registeredStep = response.body.steps.find(
+            (step: { id: string; handlerHash: string }) => step.id === approved.id
+          );
+
+          expect(registeredStep, {
+            message: `Approved list contains stale entry "${approved.id}" that is not registered`,
+          }).toBeDefined();
+
+          expect(registeredStep?.handlerHash, {
+            message: `Approved entry "${approved.id}" has an invalid handler hash (does not match registered step)`,
+          }).toBe(approved.handlerHash);
+        }
       }
     );
   }
diff --git a/src/platform/plugins/shared/workflows_extensions/test/scout/api/tests/trigger_definitions_approval.spec.ts b/src/platform/plugins/shared/workflows_extensions/test/scout/api/tests/trigger_definitions_approval.spec.ts
index d94e45fbe425b..02c328b2b3a01 100644
--- a/src/platform/plugins/shared/workflows_extensions/test/scout/api/tests/trigger_definitions_approval.spec.ts
+++ b/src/platform/plugins/shared/workflows_extensions/test/scout/api/tests/trigger_definitions_approval.spec.ts
@@ -48,6 +48,8 @@ apiTest.describe(
         ).toBe(true);
         expect(Array.isArray(response.body.triggers)).toBe(true);
 
+        // Registered ⊆ approved: every trigger returned by the server must be listed in the fixture
+        // with a matching schema hash (catches new or changed schemas not yet approved).
         for (const trigger of response.body.triggers) {
           const approvedTrigger = APPROVED_TRIGGER_DEFINITIONS.find(({ id }) => id === trigger.id);
 
@@ -59,6 +61,22 @@ apiTest.describe(
             message: `Trigger "${trigger.id}" has an invalid schema hash`,
           }).toBe(trigger.schemaHash);
         }
+
+        // Approved ⊆ registered: every fixture row must still exist on the server with the same hash
+        // (catches stale rows left after a trigger was removed or the list was not updated).
+        for (const approved of APPROVED_TRIGGER_DEFINITIONS) {
+          const registeredTrigger = response.body.triggers.find(
+            (trigger: { id: string; schemaHash: string }) => trigger.id === approved.id
+          );
+
+          expect(registeredTrigger, {
+            message: `Approved list contains stale entry "${approved.id}" that is not registered`,
+          }).toBeDefined();
+
+          expect(registeredTrigger?.schemaHash, {
+            message: `Approved entry "${approved.id}" has an invalid schema hash (does not match registered trigger)`,
+          }).toBe(approved.schemaHash);
+        }
       }
     );
   }