Add demo tenant reseed, staff roles, and fix masquerade redirect

Demo Tenant: - Add block_emails field to Tenant model for demo accounts - Add is_email_blocked() and wrapper functions in email_service - Create reseed_demo management command with salon/spa theme - Add Celery beat task for daily reseed at midnight UTC - Create 100 appointments, 20 customers, 13 services, 12 resources Staff Roles: - Add StaffRole model with permission toggles - Create default roles: Full Access, Front Desk, Limited Staff - Add StaffRolesSettings page and hooks - Integrate role assignment in Staff management Bug Fixes: - Fix masquerade redirect using wrong role names (tenant_owner vs owner) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-16 15:20:59 -05:00
parent cfb626b595
commit 79b76bf2dc
30 changed files with 2973 additions and 100 deletions
--- a/frontend/src/i18n/locales/en.json
+++ b/frontend/src/i18n/locales/en.json
@@ -496,6 +496,10 @@
    "reactivateAccount": "Reactivate Account",
    "deactivateHint": "Prevent this user from logging in while keeping their data",
    "reactivateHint": "Allow this user to log in again",
+    "staffRole": "Staff Role",
+    "noRoleAssigned": "No role assigned",
+    "selectRole": "Select a role...",
+    "staffRoleSelectHint": "Assign a role to control which features this staff member can access",
    "canSendMessages": "Can send broadcast messages",
    "canSendMessagesHint": "Send messages to groups of staff and customers",
    "deactivate": "Deactivate",
@@ -1316,6 +1320,97 @@
      "copiedToClipboard": "Copied to clipboard",
      "failedToSaveReturnUrl": "Failed to save return URL",
      "onlyOwnerCanAccess": "Only the business owner can access these settings."
+    },
+    "backToApp": "Back to App",
+    "sections": {
+      "business": "Business",
+      "branding": "Branding",
+      "integrations": "Integrations",
+      "access": "Access",
+      "communication": "Communication",
+      "billing": "Billing"
+    },
+    "general": {
+      "title": "General",
+      "description": "Name, timezone, contact"
+    },
+    "resourceTypes": {
+      "title": "Resource Types",
+      "description": "Staff, rooms, equipment"
+    },
+    "businessHours": {
+      "title": "Business Hours",
+      "description": "Operating hours"
+    },
+    "appearance": {
+      "title": "Appearance",
+      "description": "Logo, colors, theme"
+    },
+    "emailTemplates": {
+      "title": "Email Templates",
+      "description": "Customize automated emails"
+    },
+    "customDomains": {
+      "title": "Custom Domains",
+      "description": "Use your own domain"
+    },
+    "api": {
+      "title": "API & Webhooks",
+      "description": "API tokens, webhooks"
+    },
+    "staffRoles": {
+      "title": "Staff Roles",
+      "description": "Role permissions",
+      "pageTitle": "Staff Roles",
+      "pageDescription": "Create and manage roles with specific permissions for your staff members.",
+      "createRole": "Create Role",
+      "editRole": "Edit Role",
+      "deleteRole": "Delete Role",
+      "roleName": "Role Name",
+      "roleDescription": "Description",
+      "roleNamePlaceholder": "e.g., Front Desk",
+      "roleDescriptionPlaceholder": "Brief description of this role's responsibilities",
+      "permissions": "Permissions",
+      "menuAccess": "Menu Access",
+      "dangerousOperations": "Dangerous Operations",
+      "staffAssigned": "{{count}} staff assigned",
+      "noStaffAssigned": "No staff assigned",
+      "defaultRole": "Default",
+      "cannotDeleteDefault": "Cannot delete default roles",
+      "cannotDeleteWithStaff": "Cannot delete roles with assigned staff",
+      "confirmDelete": "Are you sure you want to delete this role?",
+      "deleteWarning": "This action cannot be undone.",
+      "noRolesFound": "No staff roles found",
+      "createFirstRole": "Create your first custom staff role to control what your staff can access.",
+      "saving": "Saving...",
+      "save": "Save Role",
+      "cancel": "Cancel",
+      "loadingRoles": "Loading roles...",
+      "loadingPermissions": "Loading permissions...",
+      "errorLoadingRoles": "Failed to load staff roles",
+      "errorLoadingPermissions": "Failed to load available permissions",
+      "roleCreated": "Role created successfully",
+      "roleUpdated": "Role updated successfully",
+      "roleDeleted": "Role deleted successfully",
+      "errorCreating": "Failed to create role",
+      "errorUpdating": "Failed to update role",
+      "errorDeleting": "Failed to delete role"
+    },
+    "authentication": {
+      "title": "Authentication",
+      "description": "OAuth, social login"
+    },
+    "email": {
+      "title": "Email Setup",
+      "description": "Email addresses for tickets"
+    },
+    "smsCalling": {
+      "title": "SMS & Calling",
+      "description": "Credits, phone numbers"
+    },
+    "billing": {
+      "title": "Plan & Billing",
+      "description": "Subscription, invoices"
    }
  },
  "profile": {