misc: reordered ua checks for crossplane

backend/src/services/identity-ua/identity-ua-service.ts

@@ -251,14 +251,17 @@ export const identityUaServiceFactory = ({
     const identityMembershipOrg = await identityOrgMembershipDAL.findOne({ identityId });
     if (!identityMembershipOrg) throw new NotFoundError({ message: `Failed to find identity with ID ${identityId}` });
 
+    const uaIdentityAuth = await identityUaDAL.findOne({ identityId });
+    if (!uaIdentityAuth) {
+      throw new NotFoundError({ message: `Failed to find universal auth for identity with ID ${identityId}` });
+    }
+
     if (!identityMembershipOrg.identity.authMethods.includes(IdentityAuthMethod.UNIVERSAL_AUTH)) {
       throw new BadRequestError({
         message: "The identity does not have universal auth"
       });
     }
 
-    const uaIdentityAuth = await identityUaDAL.findOne({ identityId });
-
     if (
       (accessTokenMaxTTL || uaIdentityAuth.accessTokenMaxTTL) > 0 &&
       (accessTokenTTL || uaIdentityAuth.accessTokenMaxTTL) > (accessTokenMaxTTL || uaIdentityAuth.accessTokenMaxTTL)
@@ -327,14 +330,17 @@ export const identityUaServiceFactory = ({
     const identityMembershipOrg = await identityOrgMembershipDAL.findOne({ identityId });
     if (!identityMembershipOrg) throw new NotFoundError({ message: `Failed to find identity with ID ${identityId}` });
 
+    const uaIdentityAuth = await identityUaDAL.findOne({ identityId });
+    if (!uaIdentityAuth) {
+      throw new NotFoundError({ message: `Failed to find universal auth for identity with ID ${identityId}` });
+    }
+
     if (!identityMembershipOrg.identity.authMethods.includes(IdentityAuthMethod.UNIVERSAL_AUTH)) {
       throw new BadRequestError({
         message: "The identity does not have universal auth"
       });
     }
 
-    const uaIdentityAuth = await identityUaDAL.findOne({ identityId });
-
     const { permission } = await permissionService.getOrgPermission(
       actor,
       actorId,