Change execution order to ensure the account is locked in case of a notification sending failure

[ThaminduR]

Proposed changes in this pull request

This PR resolves an issue in the self-registration flow where user accounts would remain unlocked if the account confirmation notification failed to send. When account confirmation is enabled, the user's account should be locked until they verify it. However, if a server error occurs during notification delivery (e.g., missing account confirmation email template), the account remains unlocked, leading to unintended behavior.

Changes Made

• Adjusted the order of execution to ensure that the user account lock and account state claims are persisted before triggering the notification for account confirmation. Guaranteed that the user account is locked immediately upon successful registration, irrespective of the success or failure of notification delivery.

Note: This behavior isn't reproduced in case of a email server failure. ATM this can be reproduced by removing the account confirmation email template.

Issue

wso2/product-is#21290

[codecov]

Codecov Report

Attention: Patch coverage is 0% with 17 lines in your changes missing coverage. Please review.

Project coverage is 50.38%. Comparing base (1b9b22a) to head (d8ec2df).
Report is 50 commits behind head on master.

Files with missing lines	Patch %	Lines
.../recovery/handler/UserSelfRegistrationHandler.java	0.00%	17 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff              @@
##             master     #895      +/-   ##
============================================
- Coverage     50.45%   50.38%   -0.08%     
- Complexity     2380     2432      +52     
============================================
  Files           297      298       +1     
  Lines         17767    18197     +430     
  Branches       2516     2615      +99     
============================================
+ Hits           8965     9168     +203     
- Misses         7662     7880     +218     
- Partials       1140     1149       +9     

Flag	Coverage Δ
unit	38.41% <0.00%> (+0.48%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[jenkins-is-staging]

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/12351339821

[jenkins-is-staging]

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/12351339821
Status: success

[jenkins-is-staging]

Approving the pull request based on the successful pr build https://github.com/wso2/product-is/actions/runs/12351339821

[jenkins-is-staging]

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/12647435299

[jenkins-is-staging]

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/12647435299
Status: success

[jenkins-is-staging]

Approving the pull request based on the successful pr build https://github.com/wso2/product-is/actions/runs/12647435299

[sadilchamishka]

There is a return from here https://github.com/wso2-extensions/identity-governance/pull/895/files#diff-8a0d606a915a355053e3ac3ab16564269874a60d46fa5bf2cee7591fceca8658R162. We may have to consider that logic before locking the account. Only the notification sending part is required to be moved down.