feat: 累积功能变更 — 聊天集成、租户管理、小程序更新、ETL 增强、迁移脚本

包含多个会话的累积代码变更：
- backend: AI 聊天服务、触发器调度、认证增强、WebSocket、调度器最小间隔
- admin-web: ETL 状态页、任务管理、调度配置、登录优化
- miniprogram: 看板页面、聊天集成、UI 组件、导航更新
- etl: DWS 新任务（finance_area_daily/board_cache）、连接器增强
- tenant-admin: 项目初始化
- db: 19 个迁移脚本（etl_feiqiu 11 + zqyy_app 8）
- packages/shared: 枚举和工具函数更新
- tools: 数据库工具、报表生成、健康检查
- docs: PRD/架构/部署/合约文档更新

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

db/zqyy_app/migrations/2026-03-27__fix_role_permissions.sql

@@ -0,0 +1,78 @@
+-- AI_CHANGELOG
+-- | 日期 | Prompt | 变更 |
+-- |------|--------|------|
+-- | 2026-03-27 | 权限改造 W3 | 修正角色-权限码映射：coach 仅 view_tasks，staff 仅 view_board+customer+coach，head_coach/manager 全权限 |
+
+-- 迁移：修正角色-权限码映射
+-- 原因：前后端权限不一致导致"页面能进但数据全空（403）"
+-- 目标映射：
+--   coach:      view_tasks
+--   staff:      view_board, view_board_customer, view_board_coach
+--   head_coach: view_tasks, view_board, view_board_finance, view_board_customer, view_board_coach
+--   manager:    view_tasks, view_board, view_board_finance, view_board_customer, view_board_coach
+-- 回滚：见文件末尾
+
+BEGIN;
+
+-- 1. 清空所有现有角色-权限关联（重建更安全，避免残留脏数据）
+DELETE FROM auth.role_permissions
+ WHERE role_id IN (SELECT id FROM auth.roles WHERE code IN ('coach', 'staff', 'head_coach', 'manager'));
+
+-- 2. coach → view_tasks
+INSERT INTO auth.role_permissions (role_id, permission_id)
+SELECT r.id, p.id
+  FROM auth.roles r, auth.permissions p
+ WHERE r.code = 'coach' AND p.code IN ('view_tasks')
+ON CONFLICT DO NOTHING;
+
+-- 3. staff → view_board, view_board_customer, view_board_coach
+INSERT INTO auth.role_permissions (role_id, permission_id)
+SELECT r.id, p.id
+  FROM auth.roles r, auth.permissions p
+ WHERE r.code = 'staff' AND p.code IN ('view_board', 'view_board_customer', 'view_board_coach')
+ON CONFLICT DO NOTHING;
+
+-- 4. head_coach → 全部 5 个权限
+INSERT INTO auth.role_permissions (role_id, permission_id)
+SELECT r.id, p.id
+  FROM auth.roles r, auth.permissions p
+ WHERE r.code = 'head_coach'
+ON CONFLICT DO NOTHING;
+
+-- 5. manager → 全部 5 个权限
+INSERT INTO auth.role_permissions (role_id, permission_id)
+SELECT r.id, p.id
+  FROM auth.roles r, auth.permissions p
+ WHERE r.code = 'manager'
+ON CONFLICT DO NOTHING;
+
+COMMIT;
+
+-- ═══════════════════════════════════════════════════════════
+-- 回滚（恢复到改造前状态）
+-- ═══════════════════════════════════════════════════════════
+-- BEGIN;
+-- DELETE FROM auth.role_permissions WHERE role_id IN (SELECT id FROM auth.roles WHERE code IN ('coach', 'staff', 'head_coach', 'manager'));
+-- -- coach: view_tasks, view_board_coach
+-- INSERT INTO auth.role_permissions (role_id, permission_id) SELECT r.id, p.id FROM auth.roles r, auth.permissions p WHERE r.code = 'coach' AND p.code IN ('view_tasks', 'view_board_coach') ON CONFLICT DO NOTHING;
+-- -- staff: view_board, view_tasks
+-- INSERT INTO auth.role_permissions (role_id, permission_id) SELECT r.id, p.id FROM auth.roles r, auth.permissions p WHERE r.code = 'staff' AND p.code IN ('view_board', 'view_tasks') ON CONFLICT DO NOTHING;
+-- -- head_coach: view_board, view_tasks
+-- INSERT INTO auth.role_permissions (role_id, permission_id) SELECT r.id, p.id FROM auth.roles r, auth.permissions p WHERE r.code = 'head_coach' AND p.code IN ('view_board', 'view_tasks') ON CONFLICT DO NOTHING;
+-- -- manager: 全部 5 个
+-- INSERT INTO auth.role_permissions (role_id, permission_id) SELECT r.id, p.id FROM auth.roles r, auth.permissions p WHERE r.code = 'manager' ON CONFLICT DO NOTHING;
+-- COMMIT;
+
+-- ═══════════════════════════════════════════════════════════
+-- 验证
+-- ═══════════════════════════════════════════════════════════
+-- SELECT r.code, array_agg(p.code ORDER BY p.code)
+--   FROM auth.role_permissions rp
+--   JOIN auth.roles r ON r.id = rp.role_id
+--   JOIN auth.permissions p ON p.id = rp.permission_id
+--  GROUP BY r.code ORDER BY r.code;
+-- 期望：
+--   coach      = {view_tasks}
+--   head_coach = {view_board,view_board_coach,view_board_customer,view_board_finance,view_tasks}
+--   manager    = {view_board,view_board_coach,view_board_customer,view_board_finance,view_tasks}
+--   staff      = {view_board,view_board_coach,view_board_customer}