Refactor: Allow creator or source_label When ReleaseRights = others

♻️ Refactoring Request

Describe the current situation

When the ReleaseRights field is set to others, the API currently requires only the creator field to be provided.
This is too restrictive and causes validation failures in cases where the appropriate identifier is instead source_label in case of peer-editing .

Expected Behavior

When ReleaseRights = others:

• The request should be considered valid if either:
  • creator is provided, or
  • source_label is provided.
• Both fields should remain optional individually, but at least one must be present.

Describe the suggested refactoring:

• Update validation logic to enforce a rule such that:
  • creator OR source_label must be sent.
  • Reject requests only when both are missing.
• Adjust schema, Pydantic model, or backend validation accordingly.
• Update error messaging to reflect the new validation rule.

Benefits of the refactoring

for peer-editing where source_label is provided when release rights is others.

Potential impact or risks

Are there any potential risks or breaking changes associated with this refactoring?

Additional context

Add any other context, code snippets, or diagrams here.

📌 Follow semantic issue titling convention: <type>(<scope>): <description> (e.g., refactor(auth): simplify token validation logic or perf(database): optimize query performance).