
Enforce Stricter Validation on Access Type Edits #392

Merged
merged 3 commits into from
Feb 8, 2024

Conversation

@nik-dange (Member) commented Jan 28, 2024

Info

Closes #389

Description

Moving forward, we'll only allow admin edits to be done manually in the DB. This PR adds a few checks to ensure accidental self-demotions cannot occur, as well as the ability to demote admins/promote others to admin.

Changes

  • A few conditional checks for access type edits

Type of Change

  • Patch (non-breaking change/bugfix)
  • Minor (non-breaking change which adds functionality)
  • Major (fix or feature that would cause existing functionality to not work as
    expected)
  • Documentation (A change to a README/description)
  • Continuous Integration/DevOps Change (Related to deployment steps, continuous integration
    workflows, linting, etc.)
  • Other: (Fill In)

If you've selected Patch, Minor, or Major as your change type, make sure to bump the version before merging in package.json!

Testing

I have tested that my changes fully resolve the linked issue ...

  • locally.
  • on the testing API/testing database.
  • with appropriate Postman routes. Screenshots are included below.

Checklist

  • I have performed a self-review of my own code.
  • I have followed the style guidelines of this project.
  • I have appropriately edited the API version in the package.json file.
  • My changes produce no new warnings.

Screenshots

Please include a screenshot of your Postman testing passing successfully.

github-actions (bot) commented:

Thanks for contributing!
If you've made changes to the API's functionality, please make sure to bump the package
version—see this guide to semantic versioning for details—and
document those changes as appropriate.

@nik-dange (Member, Author) commented:

Don't merge, I didn't test yet 🥱

@nik-dange (Member, Author) commented:

[Three Postman screenshots attached, taken 2024-01-29]

```typescript
const oldAccess = currUser.accessType;
// Prevent a user from demoting themselves
if (currentUser.email === userEmail) {
  throw new BadRequestError('Cannot alter own access level');
}
```

@nik-dange (Member, Author) commented on this line:

I think this should be a ForbiddenError but I'll get around to changing it in a bit
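The check set the PR describes, written out as an added example (not the project's own code): a role-level gate on the caller, the self-edit guard from the snippet above using the ForbiddenError the comment suggests, and refusal of any admin promotion or demotion through the API since those are done manually in the DB. The names AccessType, User, validateAccessTypeEdit and editOutcome, and the use of BadRequestError for a no-op edit, are assumptions for illustration.

```typescript
// Added example, not the project's code; type and function names are assumed.
type AccessType = 'ADMIN' | 'STAFF' | 'STANDARD';

interface User {
  email: string;
  accessType: AccessType;
}

class ForbiddenError extends Error {
  constructor(message: string) { super(message); this.name = 'ForbiddenError'; }
}

class BadRequestError extends Error {
  constructor(message: string) { super(message); this.name = 'BadRequestError'; }
}

// Throws if the edit must be rejected; otherwise returns the target's old access type.
function validateAccessTypeEdit(currentUser: User, targetUser: User, newAccess: AccessType): AccessType {
  // Role-level validation: only admins may touch access types at all.
  if (currentUser.accessType !== 'ADMIN') {
    throw new ForbiddenError('Insufficient permissions to edit access types');
  }
  // Prevent a user from demoting (or otherwise editing) themselves.
  if (currentUser.email === targetUser.email) {
    throw new ForbiddenError('Cannot alter own access level');
  }
  // Admin grants and revocations are done manually in the DB, never via the API.
  if (newAccess === 'ADMIN') {
    throw new ForbiddenError('Cannot promote users to admin through the API');
  }
  if (targetUser.accessType === 'ADMIN') {
    throw new ForbiddenError('Cannot demote admins through the API');
  }
  // Assumed extra check: reject a no-op edit as a bad request.
  if (targetUser.accessType === newAccess) {
    throw new BadRequestError('User already has the requested access type');
  }
  return targetUser.accessType;
}

// Reports the outcome of an attempted edit as a string instead of throwing.
function editOutcome(currentUser: User, targetUser: User, newAccess: AccessType): string {
  try {
    return `OK (was ${validateAccessTypeEdit(currentUser, targetUser, newAccess)})`;
  } catch (err) {
    return err instanceof Error ? err.name : 'UnknownError';
  }
}
```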

@nik-dange nik-dange marked this pull request as ready for review January 30, 2024 06:15
@dowhep (Contributor) left a comment:

LGTM 🚀 🚀 I love that you added more details to the "attempting to demote oneself" test.

@nik-dange nik-dange merged commit 93d90ad into master Feb 8, 2024
5 checks passed
@nik-dange nik-dange deleted the bug/restrict-admin-accessType-changes branch February 29, 2024 21:17
Successfully merging this pull request may close these issues.

patch /admin/access route has no role level validation