diff options
author | Whymarrh Whitby <whymarrh.whitby@gmail.com> | 2018-10-11 03:11:17 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-10-11 03:11:17 +0800 |
commit | 89ef54992622c1cda90477e41ddac9affc8bec73 (patch) | |
tree | 4183d10001a1c452d05dfd647e1fa07f66799f1b | |
parent | 3d0ba46f21045a08fb0196e6a6b9cdb713031e0d (diff) | |
parent | af43b7d6c97e10018e564ce8ee37bc9ad380234c (diff) | |
download | tangerine-wallet-browser-89ef54992622c1cda90477e41ddac9affc8bec73.tar tangerine-wallet-browser-89ef54992622c1cda90477e41ddac9affc8bec73.tar.gz tangerine-wallet-browser-89ef54992622c1cda90477e41ddac9affc8bec73.tar.bz2 tangerine-wallet-browser-89ef54992622c1cda90477e41ddac9affc8bec73.tar.lz tangerine-wallet-browser-89ef54992622c1cda90477e41ddac9affc8bec73.tar.xz tangerine-wallet-browser-89ef54992622c1cda90477e41ddac9affc8bec73.tar.zst tangerine-wallet-browser-89ef54992622c1cda90477e41ddac9affc8bec73.zip |
Merge pull request #5491 from whymarrh/assert-new-tx-using-selected-address
Ensure that new transactions added are using the selected address
-rw-r--r-- | app/scripts/controllers/transactions/index.js | 4 | ||||
-rw-r--r-- | test/unit/app/controllers/transactions/tx-controller-test.js | 30 |
2 files changed, 30 insertions, 4 deletions
diff --git a/app/scripts/controllers/transactions/index.js b/app/scripts/controllers/transactions/index.js index ebd49f882..a57c85f50 100644 --- a/app/scripts/controllers/transactions/index.js +++ b/app/scripts/controllers/transactions/index.js @@ -166,6 +166,10 @@ class TransactionController extends EventEmitter { async addUnapprovedTransaction (txParams) { // validate const normalizedTxParams = txUtils.normalizeTxParams(txParams) + // Assert the from address is the selected address + if (normalizedTxParams.from !== this.getSelectedAddress()) { + throw new Error(`Transaction from address isn't valid for this account`) + } txUtils.validateTxParams(normalizedTxParams) // construct txMeta let txMeta = this.txStateManager.generateTxMeta({ diff --git a/test/unit/app/controllers/transactions/tx-controller-test.js b/test/unit/app/controllers/transactions/tx-controller-test.js index 5ac813b49..ea58aa560 100644 --- a/test/unit/app/controllers/transactions/tx-controller-test.js +++ b/test/unit/app/controllers/transactions/tx-controller-test.js @@ -158,9 +158,19 @@ describe('Transaction Controller', function () { }) describe('#addUnapprovedTransaction', function () { + const selectedAddress = '0x1678a085c290ebd122dc42cba69373b5953b831d' + + let getSelectedAddress + beforeEach(function () { + getSelectedAddress = sinon.stub(txController, 'getSelectedAddress').returns(selectedAddress) + }) + + afterEach(function () { + getSelectedAddress.restore() + }) it('should add an unapproved transaction and return a valid txMeta', function (done) { - txController.addUnapprovedTransaction({ from: '0x1678a085c290ebd122dc42cba69373b5953b831d' }) + txController.addUnapprovedTransaction({ from: selectedAddress }) .then((txMeta) => { assert(('id' in txMeta), 'should have a id') assert(('time' in txMeta), 'should have a time stamp') @@ -180,25 +190,37 @@ describe('Transaction Controller', function () { assert(txMetaFromEmit, 'txMeta is falsey') done() }) - txController.addUnapprovedTransaction({ from: '0x1678a085c290ebd122dc42cba69373b5953b831d' }) + txController.addUnapprovedTransaction({ from: selectedAddress }) .catch(done) }) it('should fail if recipient is public', function (done) { txController.networkStore = new ObservableStore(1) - txController.addUnapprovedTransaction({ from: '0x1678a085c290ebd122dc42cba69373b5953b831d', to: '0x0d1d4e623D10F9FBA5Db95830F7d3839406C6AF2' }) + txController.addUnapprovedTransaction({ from: selectedAddress, to: '0x0d1d4e623D10F9FBA5Db95830F7d3839406C6AF2' }) .catch((err) => { if (err.message === 'Recipient is a public account') done() else done(err) }) }) + it('should fail if the from address isn\'t the selected address', function (done) { + txController.addUnapprovedTransaction({from: '0x0d1d4e623D10F9FBA5Db95830F7d3839406C6AF2'}) + .then(function () { + assert.fail('transaction should not have been added') + done() + }) + .catch(function () { + assert.ok('pass') + done() + }) + }) + it('should not fail if recipient is public but not on mainnet', function (done) { txController.once('newUnapprovedTx', (txMetaFromEmit) => { assert(txMetaFromEmit, 'txMeta is falsey') done() }) - txController.addUnapprovedTransaction({ from: '0x1678a085c290ebd122dc42cba69373b5953b831d', to: '0x0d1d4e623D10F9FBA5Db95830F7d3839406C6AF2' }) + txController.addUnapprovedTransaction({ from: selectedAddress, to: '0x0d1d4e623D10F9FBA5Db95830F7d3839406C6AF2' }) .catch(done) }) }) |