fix(admin): index redirect uses auth cookies and Spatie roles

- Gate redirect on userData + accessToken; map org roles to events route
- Keep legacy admin/client role redirects for compatibility
- Rename organizer app HTML title to Event Crew - App
- Add Cursor database rules (ULID, JSON, indexes, soft deletes)

Made-with: Cursor

apps/admin/src/plugins/1.router/additional-routes.ts

@@ -10,16 +10,32 @@ export const redirects: RouteRecordRaw[] = [
     path: '/',
     name: 'index',
     redirect: to => {
-      // TODO: Get type from backend
       const userData = useCookie<Record<string, unknown> | null | undefined>('userData')
-      const userRole = userData.value?.role
+      const accessToken = useCookie<string | null | undefined>('accessToken')
+      const isLoggedIn = !!(userData.value && accessToken.value)
 
-      if (userRole === 'admin')
+      if (!isLoggedIn)
+        return { name: 'login', query: to.query }
+
+      // Laravel API + Spatie: `roles` is string[] (e.g. super_admin, org_admin)
+      const roles = Array.isArray(userData.value?.roles)
+        ? (userData.value!.roles as string[])
+        : []
+      const legacyRole = userData.value?.role as string | undefined
+
+      if (legacyRole === 'admin')
         return { name: 'dashboards-crm' }
-      if (userRole === 'client')
+      if (legacyRole === 'client')
         return { name: 'access-control' }
 
-      return { name: 'login', query: to.query }
+      const isOrgUser = roles.some(r =>
+        ['super_admin', 'org_admin', 'org_member', 'org_readonly'].includes(r),
+      )
+      if (isOrgUser)
+        return { name: 'events' }
+
+      // Authenticated but unexpected role payload — avoid redirect loop back to login
+      return { name: 'events' }
     },
   },
   {