fix(billing): Ensure encrypted org key is present during upgrade

2026-02-11 05:53:42 +00:00 · 2026-02-03 17:27:19 -05:00
parent cb6f192b1d
commit 770fedcec2
2 changed files with 16 additions and 0 deletions
--- a/apps/web/src/app/billing/individual/upgrade/premium-org-upgrade-payment/services/premium-org-upgrade.service.spec.ts
+++ b/apps/web/src/app/billing/individual/upgrade/premium-org-upgrade-payment/services/premium-org-upgrade.service.spec.ts
@@ -150,6 +150,18 @@ describe("PremiumOrgUpgradeService", () => {
      ).rejects.toThrow("Key generation failed");
    });

+    it("should throw an error if encrypted string is undefined", async () => {
+      keyService.makeOrgKey.mockResolvedValue([{ encryptedString: undefined }, "decrypted-key"]);
+      await expect(
+        service.upgradeToOrganization(
+          mockAccount,
+          "Test Organization",
+          mockPlanDetails,
+          mockBillingAddress,
+        ),
+      ).rejects.toThrow("Failed to generate encrypted organization key");
+    });
+
    it("should propagate error if upgrade API call fails", async () => {
      accountBillingClient.upgradePremiumToOrganization.mockRejectedValue(
        new Error("API call failed"),
--- a/apps/web/src/app/billing/individual/upgrade/premium-org-upgrade-payment/services/premium-org-upgrade.service.ts
+++ b/apps/web/src/app/billing/individual/upgrade/premium-org-upgrade-payment/services/premium-org-upgrade.service.ts
@@ -83,6 +83,10 @@ export class PremiumOrgUpgradeService {
    const tier: ProductTierType = this.ProductTierTypeFromSubscriptionTierId(planDetails.tier);
    const [encryptedKey] = await this.keyService.makeOrgKey<OrgKey>(account.id);

+    if (!encryptedKey.encryptedString) {
+      throw new Error("Failed to generate encrypted organization key");
+    }
+
    await this.accountBillingClient.upgradePremiumToOrganization(
      organizationName,
      encryptedKey.encryptedString,