feat: simplify RBAC roles and remove dev role switcher

- Simplified RBAC system to two roles: super_admin and user.
- Removed tenant_admin and rp_admin roles across backend and frontend.
- Removed Dev Role Switcher feature from adminfront.
- Updated all handlers, middlewares, and navigation to reflect the new role model.
- Fixed backend build errors and updated tests.

backend/internal/handler/audit_handler.go

@@ -77,27 +77,6 @@ func (h *AuditHandler) ListLogs(c *fiber.Ctx) error {
 		if profile.Role == domain.RoleSuperAdmin {
 			// Super Admin can see everything or filter by a specific tenant if requested
 			filterTenantID = requestedTenantID
-		} else if profile.Role == domain.RoleTenantAdmin {
-			// Tenant Admin can only see their own tenant logs (or manageable ones)
-			// For now, lock to their primary tenant or requested one IF it's in their manageable list
-			if profile.TenantID != nil {
-				filterTenantID = *profile.TenantID
-			}
-
-			// If they requested a specific tenant, verify they can manage it
-			if requestedTenantID != "" && requestedTenantID != filterTenantID {
-				canManage := false
-				for _, t := range profile.ManageableTenants {
-					if t.ID == requestedTenantID {
-						canManage = true
-						break
-					}
-				}
-				if !canManage {
-					return errorJSON(c, fiber.StatusForbidden, "forbidden: cannot view logs for this tenant")
-				}
-				filterTenantID = requestedTenantID
-			}
 		} else {
 			return errorJSON(c, fiber.StatusForbidden, "forbidden")
 		}