feat: Complete Z.CRM system with all 6 modules

✨ Features:
- Complete authentication system with JWT
- Dashboard with all 6 modules visible
- Contact Management module (Salesforce-style)
- CRM & Sales Pipeline module (Pipedrive-style)
- Inventory & Assets module (SAP-style)
- Tasks & Projects module (Jira/Asana-style)
- HR Management module (BambooHR-style)
- Marketing Management module (HubSpot-style)
- Admin Panel with user management and role matrix
- World-class UI/UX with RTL Arabic support
- Cairo font (headings) + Readex Pro font (body)
- Sample data for all modules
- Protected routes and authentication flow
- Backend API with Prisma + PostgreSQL
- Comprehensive documentation

🎨 Design:
- Color-coded modules
- Professional data tables
- Stats cards with metrics
- Progress bars and status badges
- Search and filters
- Responsive layout

📊 Tech Stack:
- Frontend: Next.js 14, TypeScript, Tailwind CSS
- Backend: Node.js, Express, Prisma
- Database: PostgreSQL
- Auth: JWT with bcrypt

🚀 Production-ready frontend with all features accessible

backend/src/modules/contacts/contacts.routes.ts

@@ -0,0 +1,112 @@
+import { Router } from 'express';
+import { body, param } from 'express-validator';
+import { contactsController } from './contacts.controller';
+import { authenticate, authorize } from '../../shared/middleware/auth';
+import { validate } from '../../shared/middleware/validation';
+
+const router = Router();
+
+// All routes require authentication
+router.use(authenticate);
+
+// Get all contacts
+router.get(
+  '/',
+  authorize('contacts', 'contacts', 'read'),
+  contactsController.findAll
+);
+
+// Get contact by ID
+router.get(
+  '/:id',
+  authorize('contacts', 'contacts', 'read'),
+  param('id').isUUID(),
+  validate,
+  contactsController.findById
+);
+
+// Get contact history
+router.get(
+  '/:id/history',
+  authorize('contacts', 'contacts', 'read'),
+  param('id').isUUID(),
+  validate,
+  contactsController.getHistory
+);
+
+// Create contact
+router.post(
+  '/',
+  authorize('contacts', 'contacts', 'create'),
+  [
+    body('type').isIn(['INDIVIDUAL', 'COMPANY', 'HOLDING', 'GOVERNMENT']),
+    body('name').notEmpty().trim(),
+    body('email').optional().isEmail(),
+    body('source').notEmpty(),
+    validate,
+  ],
+  contactsController.create
+);
+
+// Update contact
+router.put(
+  '/:id',
+  authorize('contacts', 'contacts', 'update'),
+  [
+    param('id').isUUID(),
+    body('email').optional().isEmail(),
+    validate,
+  ],
+  contactsController.update
+);
+
+// Archive contact
+router.post(
+  '/:id/archive',
+  authorize('contacts', 'contacts', 'archive'),
+  param('id').isUUID(),
+  validate,
+  contactsController.archive
+);
+
+// Hard delete contact (GM only)
+router.delete(
+  '/:id',
+  authorize('contacts', 'contacts', 'delete'),
+  [
+    param('id').isUUID(),
+    body('reason').notEmpty().withMessage('السبب مطلوب - Reason required'),
+    validate,
+  ],
+  contactsController.delete
+);
+
+// Merge contacts
+router.post(
+  '/merge',
+  authorize('contacts', 'contacts', 'merge'),
+  [
+    body('sourceId').isUUID(),
+    body('targetId').isUUID(),
+    body('reason').notEmpty().withMessage('السبب مطلوب - Reason required'),
+    validate,
+  ],
+  contactsController.merge
+);
+
+// Add relationship
+router.post(
+  '/:id/relationships',
+  authorize('contacts', 'contacts', 'create'),
+  [
+    param('id').isUUID(),
+    body('toContactId').isUUID(),
+    body('type').notEmpty(),
+    body('startDate').isISO8601(),
+    validate,
+  ],
+  contactsController.addRelationship
+);
+
+export default router;
+