fix: address audit findings for websearch, email verification, and pricing

- Fix websearch provider failover: proxy error from provider-specific proxy
  now continues to next provider instead of aborting the entire loop
- Fix SMTP failure locking users out: send email first, then write cache
  and increment rate counter
- Fix notify email cache key case sensitivity: normalize to lowercase
- Add OriginalPrice validation to validatePlanPatch and validatePlanRequired
- Add empty scope validation for channel pricing rules (group_ids/account_ids)
- Add platform color to account search dropdown in channel pricing rules

backend/internal/service/payment_config_plans_validation_test.go

@@ -9,81 +9,122 @@ import (
 )
 
 func TestValidatePlanRequired_AllValid(t *testing.T) {
-	err := validatePlanRequired("Pro", 1, 9.99, 30, "days")
+	err := validatePlanRequired("Pro", 1, 9.99, 30, "days", nil)
 	require.NoError(t, err)
 }
 
 func TestValidatePlanRequired_EmptyName(t *testing.T) {
-	err := validatePlanRequired("", 1, 9.99, 30, "days")
+	err := validatePlanRequired("", 1, 9.99, 30, "days", nil)
 	require.Error(t, err)
 	require.Contains(t, err.Error(), "plan name")
 }
 
 func TestValidatePlanRequired_WhitespaceName(t *testing.T) {
-	err := validatePlanRequired("   ", 1, 9.99, 30, "days")
+	err := validatePlanRequired("   ", 1, 9.99, 30, "days", nil)
 	require.Error(t, err)
 	require.Contains(t, err.Error(), "plan name")
 }
 
 func TestValidatePlanRequired_ZeroGroupID(t *testing.T) {
-	err := validatePlanRequired("Pro", 0, 9.99, 30, "days")
+	err := validatePlanRequired("Pro", 0, 9.99, 30, "days", nil)
 	require.Error(t, err)
 	require.Contains(t, err.Error(), "group")
 }
 
 func TestValidatePlanRequired_NegativeGroupID(t *testing.T) {
-	err := validatePlanRequired("Pro", -1, 9.99, 30, "days")
+	err := validatePlanRequired("Pro", -1, 9.99, 30, "days", nil)
 	require.Error(t, err)
 	require.Contains(t, err.Error(), "group")
 }
 
 func TestValidatePlanRequired_ZeroPrice(t *testing.T) {
-	err := validatePlanRequired("Pro", 1, 0, 30, "days")
+	err := validatePlanRequired("Pro", 1, 0, 30, "days", nil)
 	require.Error(t, err)
 	require.Contains(t, err.Error(), "price")
 }
 
 func TestValidatePlanRequired_NegativePrice(t *testing.T) {
-	err := validatePlanRequired("Pro", 1, -5, 30, "days")
+	err := validatePlanRequired("Pro", 1, -5, 30, "days", nil)
 	require.Error(t, err)
 	require.Contains(t, err.Error(), "price")
 }
 
 func TestValidatePlanRequired_ZeroValidityDays(t *testing.T) {
-	err := validatePlanRequired("Pro", 1, 9.99, 0, "days")
+	err := validatePlanRequired("Pro", 1, 9.99, 0, "days", nil)
 	require.Error(t, err)
 	require.Contains(t, err.Error(), "validity days")
 }
 
 func TestValidatePlanRequired_NegativeValidityDays(t *testing.T) {
-	err := validatePlanRequired("Pro", 1, 9.99, -7, "days")
+	err := validatePlanRequired("Pro", 1, 9.99, -7, "days", nil)
 	require.Error(t, err)
 	require.Contains(t, err.Error(), "validity days")
 }
 
 func TestValidatePlanRequired_EmptyValidityUnit(t *testing.T) {
-	err := validatePlanRequired("Pro", 1, 9.99, 30, "")
+	err := validatePlanRequired("Pro", 1, 9.99, 30, "", nil)
 	require.Error(t, err)
 	require.Contains(t, err.Error(), "validity unit")
 }
 
 func TestValidatePlanRequired_WhitespaceValidityUnit(t *testing.T) {
-	err := validatePlanRequired("Pro", 1, 9.99, 30, "   ")
+	err := validatePlanRequired("Pro", 1, 9.99, 30, "   ", nil)
 	require.Error(t, err)
 	require.Contains(t, err.Error(), "validity unit")
 }
 
 func TestValidatePlanRequired_NameValidatedFirst(t *testing.T) {
-	// When multiple fields are invalid, name should be reported first
-	// (follows the order of checks in the function).
-	err := validatePlanRequired("", 0, 0, 0, "")
+	err := validatePlanRequired("", 0, 0, 0, "", nil)
 	require.Error(t, err)
 	require.Contains(t, err.Error(), "plan name")
 }
 
 func TestValidatePlanRequired_TrimmedValidName(t *testing.T) {
-	// Whitespace-surrounded but non-empty name is accepted (trimmed check only
-	// rejects pure whitespace).
-	err := validatePlanRequired("  Pro  ", 1, 9.99, 30, "days")
+	err := validatePlanRequired("  Pro  ", 1, 9.99, 30, "days", nil)
+	require.NoError(t, err)
+}
+
+func TestValidatePlanRequired_NegativeOriginalPrice(t *testing.T) {
+	neg := -10.0
+	err := validatePlanRequired("Pro", 1, 9.99, 30, "days", &neg)
+	require.Error(t, err)
+	require.Contains(t, err.Error(), "original price")
+}
+
+func TestValidatePlanRequired_ZeroOriginalPrice(t *testing.T) {
+	zero := 0.0
+	err := validatePlanRequired("Pro", 1, 9.99, 30, "days", &zero)
+	require.NoError(t, err)
+}
+
+func TestValidatePlanRequired_ValidOriginalPrice(t *testing.T) {
+	op := 19.99
+	err := validatePlanRequired("Pro", 1, 9.99, 30, "days", &op)
+	require.NoError(t, err)
+}
+
+// --- validatePlanPatch tests ---
+
+func TestValidatePlanPatch_NegativeOriginalPrice(t *testing.T) {
+	neg := -5.0
+	err := validatePlanPatch(UpdatePlanRequest{OriginalPrice: &neg})
+	require.Error(t, err)
+	require.Contains(t, err.Error(), "original price")
+}
+
+func TestValidatePlanPatch_ZeroOriginalPrice(t *testing.T) {
+	zero := 0.0
+	err := validatePlanPatch(UpdatePlanRequest{OriginalPrice: &zero})
+	require.NoError(t, err)
+}
+
+func TestValidatePlanPatch_ValidOriginalPrice(t *testing.T) {
+	op := 29.99
+	err := validatePlanPatch(UpdatePlanRequest{OriginalPrice: &op})
+	require.NoError(t, err)
+}
+
+func TestValidatePlanPatch_NilOriginalPrice(t *testing.T) {
+	err := validatePlanPatch(UpdatePlanRequest{OriginalPrice: nil})
 	require.NoError(t, err)
 }