Create Authorization Policies and Role-Based Access Control

## Description
Implement comprehensive authorization policies and role-based access control throughout the application.

## Acceptance Criteria
- [ ] Create UserPolicy (admin only operations)
- [ ] Create CustomerPolicy (all authenticated users)
- [ ] Create TicketPolicy (technicians see assigned only)
- [ ] Create InvoicePolicy (managers and admins only)
- [ ] Create role-based middleware
- [ ] Add authorization gates for admin/manager functions
- [ ] Add ticket assignment authorization

## Technical Details
**Policy Structure:**
- UserPolicy: viewAny, view, create, update, delete
- CustomerPolicy: viewAny, view, create, update, delete
- TicketPolicy: viewAny, view, create, update, delete, assign
- InvoicePolicy: viewAny, view, create, update, delete

**Role-Based Rules:**
- Admins: Full access to everything
- Managers: Access to all except user management
- Technicians: Only assigned tickets and related data
- Customer Service: Customers, devices, tickets (create/view)

**Middleware:**
- role:admin
- role:manager
- role:technician
- can:assign-tickets

## Testing Requirements
- [ ] Policy authorization tests
- [ ] Role-based access tests
- [ ] Middleware tests
- [ ] Gate authorization tests

## Definition of Done
- All policies created and working
- Role-based access enforced
- Middleware protecting routes
- All authorization tests pass

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Create Authorization Policies and Role-Based Access Control #24

Description

Acceptance Criteria

Technical Details

Testing Requirements

Definition of Done

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Create Authorization Policies and Role-Based Access Control #24

Description

Description

Acceptance Criteria

Technical Details

Testing Requirements

Definition of Done

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions