feat: complete Epic 1 — team management & permission system

- Story 1.1: Permission enum, config, AuthorizesPermissions & HasWorkspaceScope traits, member→worker migration
- Story 1.2: Team page with member list, invitation system with queued email
- Story 1.3: Role assignment (Manager/Worker) and member removal with activity logging
- Story 1.4: Owner-only permission toggle matrix for Managers (manage team, view logs, configure portal)
- Story 1.5: Role-based access enforcement — Workers see only assigned declarations/clients, sidebar scoping
- Story 1.6: Workspace switcher dropdown for multi-workspace users with session-based switching
- 83 new/modified files, 182 tests passing with zero regressions

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-18 00:12:50 +00:00
parent 5dffd2d063
commit c89d1879bf
83 changed files with 5850 additions and 314 deletions


@@ -13,7 +13,7 @@ function setupMentionScenario(string $role = 'owner'): array
$target = User::factory()->create();
$workspace = Workspace::factory()->create();
$workspace->users()->attach($sender, ['role' => $role]);
$workspace->users()->attach($target, ['role' => 'member']);
$workspace->users()->attach($target, ['role' => 'worker']);
$client = Client::factory()->create(['workspace_id' => $workspace->id]);
$declaration = Declaration::factory()->create([
@@ -52,9 +52,9 @@ test('manager can mention a workspace user', function () {
Notification::assertSentTo($target, DeclarationMentionNotification::class);
});
test('member cannot mention a workspace user', function () {
test('worker cannot mention a workspace user', function () {
Notification::fake();
[$sender, $target, $workspace, $declaration] = setupMentionScenario('member');
[$sender, $target, $workspace, $declaration] = setupMentionScenario('worker');
session(['current_workspace_id' => $workspace->id]);
$response = $this->actingAs($sender)->post(route('declarations.mentions.store', $declaration), [