feat(core/auth): add type-safe role-based authorization library
Created @isa/core/auth library with comprehensive role checking:
- RoleService for programmatic hasRole() checks
- IfRoleDirective for declarative *ifRole/*ifNotRole templates
- Type-safe Role enum (CallCenter, Store)
- TokenProvider abstraction with OAuth2 integration
- Signal-based reactive rendering with Angular effects
- Zero-configuration setup via InjectionToken factory
Fixed Bug #5451:
- Hide action buttons for HSC (CallCenter) users on reward order confirmation
- Applied *ifNotRole="Role.CallCenter" to actions container
- Actions now hidden while maintaining card visibility
Testing:
- 18/18 unit tests passing with Vitest
- JUnit and Cobertura reporting configured
- Complete test coverage for role checking logic
Documentation:
- Comprehensive README (817 lines) with API reference
- Usage examples and architecture diagrams
- Updated library-reference.md (62→63 libraries)
Technical:
- Handles both string and array JWT role formats
- Integrated with @isa/core/logging
- Standalone directive (no module imports)
- Full TypeScript type safety
Closes#5451
Related work items: #5451
- Restructure CLAUDE.md with clearer sections and updated metadata
- Add research guidelines emphasizing subagent usage and documentation-first approach
- Create library reference guide covering all 61 libraries across 12 domains
- Add automated library reference generation tool
- Complete test coverage for reward order confirmation feature (6 new spec files)
- Refine product info components and adapters with improved documentation
- Update workflows documentation for checkout service
- Fix ESLint issues: case declarations, unused imports, and unused variables
