fix and update demote

Author: aniket132123

labconnect/main/auth_routes.py

@@ -200,7 +200,7 @@ def registerUser() -> Response:
 @jwt_required()
 def promoteUser(email: str) -> Response:
     json_data = request.json
-    if not json_data or not json_data.get("promote") or not json_data.get("demote"):
+    if not json_data or not json_data.get("change_status"):
         abort(400)
 
     # if user accessing doesn't have the right perms then they can't assign perms
@@ -222,8 +222,7 @@ def promoteUser(email: str) -> Response:
 
     if management_permissions.admin == True:
         management_permissions.admin = False
-        
-    if management_permissions.admin == False:
+    elif management_permissions.admin == False:
         management_permissions.admin = True
 
     if management_permissions is None:

tests/test_manager_promotion.py

@@ -120,7 +120,7 @@ def test_promote_user_success(test_client, setup_users, create_access_token_for_
     response = test_client.patch(
         f"/users/{users['regular_user'].email}/permissions",
         headers={"Authorization": f"Bearer {access_token}"},
-        json={"promote": True},
+        json={"change_status": True},
     )
 
     assert response.status_code == 200
@@ -141,7 +141,7 @@ def test_demote_user_success(test_client, setup_users, create_access_token_for_u
     response = test_client.patch(
         f"/users/{users['regular_user2'].email}/permissions",
         headers={"Authorization": f"Bearer {access_token}"},
-        json={"demote": True},
+        json={"change_status": True},
     )
 
     assert response.status_code == 200
@@ -153,7 +153,6 @@ def test_demote_user_success(test_client, setup_users, create_access_token_for_u
     ).first()
     assert demoted_perms.admin is False
 
-
 def test_promote_user_no_json_data(test_client, setup_users, 
                                    create_access_token_for_user):
     """Test promotion fails when no JSON data is provided"""
@@ -180,7 +179,7 @@ def test_promote_user_no_super_admin_perms(test_client, setup_users,
     response = test_client.patch(
         f"/users/{users['regular_user'].email}/permissions",
         headers={"Authorization": f"Bearer {access_token}"},
-        json={"promote": True}
+        json={"change_status": True}
     )
 
     assert response.status_code == 401
@@ -207,7 +206,7 @@ def test_promote_user_promoter_has_no_perms_record(test_client, setup_users,
     response = test_client.patch(
         f"/users/{users['regular_user'].email}/permissions",
         headers={"Authorization": f"Bearer {access_token}"},
-        json={"promote": True}
+        json={"change_status": True}
     )
 
     assert response.status_code == 401
@@ -223,7 +222,7 @@ def test_promote_user_target_not_found(test_client, setup_users,
     response = test_client.patch(
         "/users/[email protected]/permissions",
         headers={"Authorization": f"Bearer {access_token}"},
-        json={"promote": True}
+        json={"change_status": True}
     )
 
     assert response.status_code == 500
@@ -239,7 +238,7 @@ def test_promote_user_no_jwt_token(test_client, setup_users):
 
     response = test_client.patch(
         f"/users/{users['regular_user'].email}/permissions",
-        json={"promote": True}
+        json={"change_status": True}
     )
 
     assert response.status_code == 401