fix: apply consistent mapping order inside HorizonStaking.sol

packages/horizon/contracts/staking/HorizonStaking.sol

@@ -55,8 +55,8 @@ contract HorizonStaking is HorizonStakingBase, IHorizonStakingMain {
      */
     modifier onlyAuthorized(address serviceProvider, address verifier) {
         require(
-            _isAuthorized(msg.sender, serviceProvider, verifier),
-            HorizonStakingNotAuthorized(msg.sender, serviceProvider, verifier)
+            _isAuthorized(serviceProvider, msg.sender, verifier),
+            HorizonStakingNotAuthorized(serviceProvider, msg.sender, verifier)
         );
         _;
     }
@@ -513,11 +513,11 @@ contract HorizonStaking is HorizonStakingBase, IHorizonStakingMain {
      * @notice See {IHorizonStakingMain-isAuthorized}.
      */
     function isAuthorized(
-        address operator,
         address serviceProvider,
+        address operator,
         address verifier
     ) external view override returns (bool) {
-        return _isAuthorized(operator, serviceProvider, verifier);
+        return _isAuthorized(serviceProvider, operator, verifier);
     }
 
     /*
@@ -959,7 +959,7 @@ contract HorizonStaking is HorizonStakingBase, IHorizonStakingMain {
         if (_verifier == SUBGRAPH_DATA_SERVICE_ADDRESS) {
             _legacyOperatorAuth[msg.sender][_operator] = _allowed;
         } else {
-            _operatorAuth[msg.sender][_verifier][_operator] = _allowed;
+            _operatorAuth[msg.sender][_operator][_verifier] = _allowed;
         }
         emit OperatorSet(msg.sender, _operator, _verifier, _allowed);
     }
@@ -969,14 +969,14 @@ contract HorizonStaking is HorizonStakingBase, IHorizonStakingMain {
      * @dev Note that this function handles the special case where the verifier is the subgraph data service,
      * where the operator settings are stored in the legacy mapping.
      */
-    function _isAuthorized(address _operator, address _serviceProvider, address _verifier) private view returns (bool) {
+    function _isAuthorized(address _serviceProvider, address _operator, address _verifier) private view returns (bool) {
         if (_operator == _serviceProvider) {
             return true;
         }
         if (_verifier == SUBGRAPH_DATA_SERVICE_ADDRESS) {
             return _legacyOperatorAuth[_serviceProvider][_operator];
         } else {
-            return _operatorAuth[_serviceProvider][_verifier][_operator];
+            return _operatorAuth[_serviceProvider][_operator][_verifier];
         }
     }
 }