[BE-53] Add admin user management endpoints (role, verify, suspend)

## Overview
Admins need the ability to change user roles and manually verify or suspend users — for example when onboarding government land officers who need ADMIN access.

## Endpoints to Implement
| Method | Path | Description |
|--------|------|-------------|
| `PATCH` | `/api/users/:id/role` | Change a user's role (ADMIN only) |
| `PATCH` | `/api/users/:id/verify` | Manually mark a user as verified (ADMIN only) |
| `PATCH` | `/api/users/:id/suspend` | Suspend a user account (ADMIN only) |

## Acceptance Criteria
- [ ] All endpoints protected by `JwtAuthGuard` + ADMIN `RolesGuard`
- [ ] Role change is logged via `AuditService`
- [ ] Suspended users receive `403 Account suspended` on all subsequent requests
- [ ] An admin cannot suspend or demote themselves

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[BE-53] Add admin user management endpoints (role, verify, suspend) #313

Overview

Endpoints to Implement

Acceptance Criteria

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Method	Path	Description
`PATCH`	`/api/users/:id/role`	Change a user's role (ADMIN only)
`PATCH`	`/api/users/:id/verify`	Manually mark a user as verified (ADMIN only)
`PATCH`	`/api/users/:id/suspend`	Suspend a user account (ADMIN only)

[BE-53] Add admin user management endpoints (role, verify, suspend) #313

Description

Overview

Endpoints to Implement

Acceptance Criteria

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions