feat(timetable): seed program_manager + production_assistant roles

Add the two RFC-TIMETABLE §9 roles. Authorization stays role-based per
Phase A Option B; RFC §9 permission strings map to roles in policy
class docblocks, not seeded as Spatie permissions. The eventual
cross-cutting migration to fine-grained permissions is tracked under
AUTH-PERMISSIONS-MIGRATION.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

api/database/seeders/RoleSeeder.php

@@ -22,5 +22,15 @@ class RoleSeeder extends Seeder
         Role::findOrCreate('event_manager', 'web');
         Role::findOrCreate('staff_coordinator', 'web');
         Role::findOrCreate('volunteer_coordinator', 'web');
+
+        // RFC-TIMETABLE v0.2 §9 — program/production roles. Per Phase A
+        // decision (2026-05-08), Crewli authorises by role only; the four
+        // RFC §9 permission strings (events.view_program, events.manage_program,
+        // organisations.manage_artists, organisations.manage_settings) are
+        // mapped to roles in policy class docblocks rather than seeded as
+        // Spatie permissions. See BACKLOG entry AUTH-PERMISSIONS-MIGRATION
+        // for the eventual cross-cutting migration.
+        Role::findOrCreate('program_manager', 'web');
+        Role::findOrCreate('production_assistant', 'web');
     }
 }