Deferred from write-api (PR #29). The plan listed account-level changes under People mutations but didn't ship a dedicated endpoint — the spec at specs/api/people.md calls for POST /api/people/:slug/account-level (administrator-only).
Required pieces:
- New route + write service
- Auth:
requireAuth('administrator') (NOT 'staff | administrator' — only admin can elevate/demote)
- Audit trail in the commit message:
Action: account-level.change, with Previous-Account-Level + New-Account-Level trailers
- Validation: cannot demote yourself if you're the only administrator (would lock everyone out)
- Tests: happy path; non-admin caller → 403; self-demotion last-admin → 422
Deferred from write-api (PR #29). The plan listed account-level changes under People mutations but didn't ship a dedicated endpoint — the spec at
specs/api/people.mdcalls forPOST /api/people/:slug/account-level(administrator-only).Required pieces:
requireAuth('administrator')(NOT'staff | administrator'— only admin can elevate/demote)Action: account-level.change, withPrevious-Account-Level+New-Account-Leveltrailers