Production deployment with Docker and full system fixes

- Added Docker support (Dockerfiles, docker-compose.yml)
- Fixed authentication and authorization (token storage, CORS, permissions)
- Fixed API response transformations for all modules
- Added production deployment scripts and guides
- Fixed frontend permission checks and module access
- Added database seeding script for production
- Complete documentation for deployment and configuration

Co-authored-by: Cursor <cursoragent@cursor.com>

backend/src/shared/middleware/auth.ts

@@ -84,18 +84,18 @@ export const authorize = (module: string, resource: string, action: string) => {
         throw new AppError(403, 'الوصول مرفوض - Access denied');
       }
 
-      // Find permission for this module and resource
+      // Find permission for this module and resource (check exact match or wildcard)
       const permission = req.user.employee.position.permissions.find(
-        (p: any) => p.module === module && p.resource === resource
+        (p: any) => p.module === module && (p.resource === resource || p.resource === '*' || p.resource === 'all')
       );
 
       if (!permission) {
         throw new AppError(403, 'الوصول مرفوض - Access denied');
       }
 
-      // Check if action is allowed
+      // Check if action is allowed (check exact match or wildcard)
       const actions = permission.actions as string[];
-      if (!actions.includes(action) && !actions.includes('*')) {
+      if (!actions.includes(action) && !actions.includes('*') && !actions.includes('all')) {
         throw new AppError(403, 'الوصول مرفوض - Access denied');
       }