Prevent AccountRequest and Audit status changes from happening when they shouldn't be changed #5587

Open
stefannibrasil wants to merge 2 commits into rubyforgood:main from hexdevs:validation-error-status-change-5569
stefannibrasil commented Jun 2, 2026

Resolves #5569

Description

A finalized audit and rejected or closed account requests are final states that you shouldn't be able to change.

Adding these two validations makes the app interaction consistent with other prevented status changes (a cancelled request cannot have its status changed, for example).

For that reason, adding a model validation prevents that from happening from the UI and from other interactions (API, console, etc.).

Type of change

  • Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

  • unit tests have been added
  • performed tests on the console and verified the validation errors are raised when applicable

Artifacts

Both AccountRequests and Audits UI already prevent rejected/closed and finalized items from having their status changed.

Console testing:

=> #<Audit:0x0000000126b05f00
 id: 4,
 user_id: 2,
 organization_id: 1,
 adjustment_id: nil,
 storage_location_id: 1,
 status: "finalized",
 created_at: "2026-06-02 21:46:00.890268000 +0000",
 updated_at: "2026-06-02 21:46:27.211359000 +0000">
[4] pry(main)> Audit.last.update!(status: :confirmed)
TRANSACTION (0.6ms)  ROLLBACK
ActiveRecord::RecordInvalid: Validation failed: Status cannot be changed once finalized


=> #<AccountRequest:0x0000000127ca8e88
 id: 2,
 name: "BOb CAt",
 email: "bob@example.com",
 organization_name: "Cats 2",
 organization_website: "",
 confirmed_at: nil,
 request_details: "I am testing account requests, and I need some exa...",
 created_at: "2026-06-02 20:55:38.524854000 +0000",
 updated_at: "2026-06-02 21:48:14.770615000 +0000",
 rejection_reason: "rejecting account request",
 status: "rejected",
 ndbn_member_id: 20000>

AccountRequest.find(2).confirm!
  TRANSACTION (0.2ms)  ROLLBACK
ActiveRecord::RecordInvalid: Validation failed: Status cannot be changed once rejected

A rejected or closed account request is a final
state that you shouldn't be able to change.

For that reason, adding a model validation prevents
that from happening.

A finalized audit is a final state that you
shouldn't be able to change.

For that reason, adding a model validation prevents
that from happening from the UI and from other
interactions.
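
The final-state rule described in this pull request, as an added plain-Ruby example (no Rails) that is not the PR's own code; the diff is not shown on this page. The class `StatusGuardedRecord`, the helper `try_update` and the non-final status `started` are hypothetical, constructed for illustration; the error text matches the console output above.

```ruby
# Added illustration in plain Ruby; names are hypothetical, not the project's.
class RecordInvalid < StandardError; end

class StatusGuardedRecord
  attr_reader :status, :errors

  # final_states: statuses that may never be left once persisted.
  def initialize(status:, final_states:)
    @persisted_status = status.to_s # value as last saved
    @status = status.to_s           # in-memory value, possibly changed
    @final_states = final_states.map(&:to_s)
    @errors = []
  end

  def status_changed?
    @status != @persisted_status
  end

  # The validation: reject any change away from a persisted final state.
  def valid?
    @errors = []
    if status_changed? && @final_states.include?(@persisted_status)
      @errors << "Status cannot be changed once #{@persisted_status}"
    end
    @errors.empty?
  end

  # Every write path (UI, API, console) goes through the model, so the
  # rule holds even when a controller or view check is skipped.
  def update!(status:)
    @status = status.to_s
    unless valid?
      message = "Validation failed: #{@errors.join(', ')}"
      @status = @persisted_status # roll back the in-memory change
      raise RecordInvalid, message
    end
    @persisted_status = @status
    true
  end
end

# Returns "ok: <status>" on success, or the validation message on failure.
def try_update(record, new_status)
  record.update!(status: new_status)
  "ok: #{record.status}"
rescue RecordInvalid => e
  e.message
end

audit = StatusGuardedRecord.new(status: :finalized, final_states: [:finalized])
puts try_update(audit, :confirmed)
```

Re-saving a record with its final status unchanged still succeeds, because the check fires only when the status actually differs from the persisted value.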