Order tests fix (#4)

* Unsplit joined unauthorized_sign condition

* Add propper approval test

---------

Co-authored-by: Trinketer22 <trinketer22@localhost>

TESTING.md

@@ -112,6 +112,8 @@ In case approval is granted, bit is set in `approvals` mask in accordance with s
 
 For approval to be granted:  
 
+- Sender address should be present in `signers` list.
+- Signer index specified in message, should match sender address position at `signers` list.
 - Order should not be expired (`expiration_date < now()`).
 - Order can only be executed once `executed` field should be `false`.
 - Signer at specified index in `approvals` mask has not granted approval yet.(`error::already_approved`)

contracts/order.func

@@ -125,7 +125,8 @@
         } else {
             int signer_index = in_msg_body~load_index();
             (slice signer, int found?) = signers.udict_get?(INDEX_SIZE, signer_index);
-            throw_unless(error::unauthorized_sign, found? & equal_slice_bits(sender, signer));
+            throw_unless(error::unauthorized_sign, found?);
+            throw_unless(error::unauthorized_sign, equal_slice_bits(sender, signer));
 
             (approvals, approvals_num) ~add_approval(signer_index);
             check_threshold? = true;

tests/Order.spec.ts

@@ -188,7 +188,6 @@ describe('Order', () => {
         }
     });
 
-
     it('should approve order with comment', async () => {
         let   signerIdx  = 0;
         let signer     = signers[signerIdx];
@@ -284,7 +283,44 @@ describe('Order', () => {
         expect(dataAfter._approvals).toEqual(dataBefore._approvals);
 
     });
+    it('should accept approval only from signers', async () => {
+        let signerIdx  = getRandomInt(0, signers.length - 1);
+
+        const rndSigner = signers[signerIdx];
+        const notSigner = differentAddress(signers[signerIdx].address);
+
+        let dataBefore = await getContractData(orderContract.address);
+
+        // Testing not valid signer address, but valid signer index
+        let res = await orderContract.sendApprove(blockchain.sender(notSigner), signerIdx);
+        expect(res.transactions).toHaveTransaction({
+            from: notSigner,
+            to: orderContract.address,
+            op: Op.order.approve,
+            aborted: true,
+            success: false,
+            exitCode: Errors.order.unauthorized_sign
+        });
+
+        expect(await getContractData(orderContract.address)).toEqualCell(dataBefore);
 
+        // Now let's pick valid signer address but index from another valid signer
+
+        signerIdx = (signerIdx + 1) % signers.length;
+
+        res = await orderContract.sendApprove(rndSigner.getSender(), signerIdx);
+
+        expect(res.transactions).toHaveTransaction({
+            from: rndSigner.address,
+            to: orderContract.address,
+            op: Op.order.approve,
+            aborted: true,
+            success: false,
+            exitCode: Errors.order.unauthorized_sign
+        });
+
+        expect(await getContractData(orderContract.address)).toEqualCell(dataBefore);
+    });
     it('should reject approval if already approved', async () => {
         const signersNum = signers.length;
         // Pick random starting point