feat: complete Epic 1 — team management & permission system

- Story 1.1: Permission enum, config, AuthorizesPermissions & HasWorkspaceScope traits, member→worker migration
- Story 1.2: Team page with member list, invitation system with queued email
- Story 1.3: Role assignment (Manager/Worker) and member removal with activity logging
- Story 1.4: Owner-only permission toggle matrix for Managers (manage team, view logs, configure portal)
- Story 1.5: Role-based access enforcement — Workers see only assigned declarations/clients, sidebar scoping
- Story 1.6: Workspace switcher dropdown for multi-workspace users with session-based switching
- 83 new/modified files, 182 tests passing with zero regressions

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

database/seeders/DatabaseSeeder.php

@@ -68,8 +68,8 @@ class DatabaseSeeder extends Seeder
         // Attach users to workspaces
         $wsCasa->users()->attach($admin->id, ['role' => WorkspaceUserRole::Owner]);
         $wsCasa->users()->attach($fatima->id, ['role' => WorkspaceUserRole::Manager]);
-        $wsCasa->users()->attach($youssef->id, ['role' => WorkspaceUserRole::Member]);
-        $wsCasa->users()->attach($khadija->id, ['role' => WorkspaceUserRole::Member]);
+        $wsCasa->users()->attach($youssef->id, ['role' => WorkspaceUserRole::Worker]);
+        $wsCasa->users()->attach($khadija->id, ['role' => WorkspaceUserRole::Worker]);
 
         $wsRabat->users()->attach($admin->id, ['role' => WorkspaceUserRole::Owner]);
         $wsRabat->users()->attach($omar->id, ['role' => WorkspaceUserRole::Manager]);