refactor: update user role handling to use string identifiers instead of enum values

app/auth/controllers/router.py

@@ -141,20 +141,20 @@ async def login(
                 headers={"WWW-Authenticate": "Bearer"}
             )
         
-        logger.info(f"User authenticated: {user.username}, role: {user.role.value}")
+        logger.info(f"User authenticated: {user.username}, role: {user.role}")
         
         # Fetch permissions from SCM access roles collection based on user role
-        scm_permissions = await user_service.get_scm_permissions_by_role(user.role.value)
+        scm_permissions = await user_service.get_scm_permissions_by_role(user.role)
         
         if scm_permissions:
             logger.info(f"SCM permissions loaded: {list(scm_permissions.keys())}")
         else:
-            logger.warning(f"No SCM permissions found for role: {user.role.value}")
+            logger.warning(f"No SCM permissions found for role: {user.role}")
         
         # Create tokens
         access_token_expires = timedelta(minutes=30)
         access_token = user_service.create_access_token(
-            data={"sub": user.user_id, "username": user.username, "role": user.role.value},
+            data={"sub": user.user_id, "username": user.username, "role": user.role},
             expires_delta=access_token_expires
         )
         
@@ -173,7 +173,7 @@ async def login(
             "email": user.email,
             "first_name": user.first_name,
             "last_name": user.last_name,
-            "role": user.role.value,
+            "role": user.role,
             "status": user.status.value,
             "last_login_at": user.last_login_at,
             "metadata": user.metadata
@@ -243,8 +243,8 @@ async def refresh_token(
         
         # Create new access token
         access_token_expires = timedelta(minutes=30)
-        access_token = user_service.create_access_token(
-            data={"sub": user_id, "username": username, "role": user.role.value},
+        new_access_token = user_service.create_access_token(
+            data={"sub": user_id, "username": username, "role": user.role},
             expires_delta=access_token_expires
         )
         
@@ -277,7 +277,7 @@ async def get_current_user_info(
         "email": current_user.email,
         "first_name": current_user.first_name,
         "last_name": current_user.last_name,
-        "role": current_user.role.value,
+        "role": current_user.role,
         "permissions": current_user.permissions,
         "status": current_user.status.value,
         "last_login_at": current_user.last_login_at,

app/core/db_init.py

@@ -100,8 +100,8 @@ async def create_initial_users(db):
         {
             "user_id": "usr_superadmin_001",
             "username": "superadmin",
-            "email": "superadmin@cuatrobeauty.com",
-            "password_hash": pwd_context.hash("SuperAdmin@123"),
+            "email": "superadmin@cuatrolabs.com",
+            "password_hash": pwd_context.hash("SuperAdmin@123!"),
             "first_name": "Super",
             "last_name": "Admin",
             "phone": "+919999999999",
@@ -127,8 +127,8 @@ async def create_initial_users(db):
         {
             "user_id": "usr_admin_001",
             "username": "admin",
-            "email": "admin@cuatrobeauty.com",
-            "password_hash": pwd_context.hash("CompanyAdmin@123"),
+            "email": "admin@cuatrolabs.com",
+            "password_hash": pwd_context.hash("CompanyAdmin@123!"),
             "first_name": "Company",
             "last_name": "Admin",
             "phone": "+919999999998",
@@ -161,5 +161,5 @@ async def create_initial_users(db):
             logger.info(f"  ⊳ User exists: {user['email']}")
     
     logger.info("\n📝 Default Credentials:")
-    logger.info("   superadmin@cuatrobeauty.com / SuperAdmin@123")
-    logger.info("   admin@cuatrobeauty.com / CompanyAdmin@123")
+    logger.info("   superadmin@cuatrolabs.com / SuperAdmin@123")
+    logger.info("   admin@cuatrolabs.com / CompanyAdmin@123")

app/dependencies/auth.py

@@ -75,7 +75,7 @@ async def require_admin_role(
     current_user: SystemUserModel = Depends(get_current_user)
 ) -> SystemUserModel:
     """Require admin or super_admin role."""
-    if current_user.role not in [UserRole.ADMIN, UserRole.SUPER_ADMIN]:
+    if current_user.role not in ["admin", "super_admin"]:
         raise HTTPException(
             status_code=status.HTTP_403_FORBIDDEN,
             detail="Admin privileges required"
@@ -87,7 +87,7 @@ async def require_super_admin_role(
     current_user: SystemUserModel = Depends(get_current_user)
 ) -> SystemUserModel:
     """Require super_admin role."""
-    if current_user.role != UserRole.SUPER_ADMIN:
+    if current_user.role != "super_admin":
         raise HTTPException(
             status_code=status.HTTP_403_FORBIDDEN,
             detail="Super admin privileges required"
@@ -101,7 +101,7 @@ def require_permission(permission: str):
         current_user: SystemUserModel = Depends(get_current_user)
     ) -> SystemUserModel:
         if (permission not in current_user.permissions and 
-            current_user.role not in [UserRole.ADMIN, UserRole.SUPER_ADMIN]):
+            current_user.role not in ["admin", "super_admin"]):
             raise HTTPException(
                 status_code=status.HTTP_403_FORBIDDEN,
                 detail=f"Permission '{permission}' required"

app/system_users/controllers/router.py

@@ -69,7 +69,7 @@ async def login(
             access_token_expires = timedelta(hours=24)  # Longer expiry for remember me
         
         access_token = user_service.create_access_token(
-            data={"sub": user.user_id, "username": user.username, "role_id": user.role.value},
+            data={"sub": user.user_id, "username": user.username, "role_id": user.role},
             expires_delta=access_token_expires
         )
         

app/system_users/models/model.py

@@ -64,7 +64,7 @@ class SystemUserModel(BaseModel):
     phone: Optional[str] = Field(None, description="User phone number (E.164 format)")
     
     # Authorization
-    role_id: UserRole = Field(default=UserRole.USER, description="Primary user role")
+    role: str = Field(..., description="User role identifier")
     permissions: Dict[str, List[str]] = Field(default_factory=dict, description="Grouped permissions by module")
     
     # Status and security

app/system_users/schemas/schema.py

@@ -29,7 +29,7 @@ class UserInfoResponse(BaseModel):
     email: str = Field(..., description="Email address")
     first_name: str = Field(..., description="First name")
     last_name: Optional[str] = Field(None, description="Last name")
-    role: UserRole = Field(..., description="User role")
+    role: str = Field(..., description="User role")
     permissions: Dict[str, List[str]] = Field(default_factory=dict, description="User permissions")
     status: UserStatus = Field(..., description="Account status")
     last_login_at: Optional[datetime] = Field(None, description="Last login timestamp")
@@ -44,7 +44,7 @@ class CreateUserRequest(BaseModel):
     first_name: str = Field(..., description="First name", min_length=1, max_length=50)
     last_name: Optional[str] = Field(None, description="Last name", max_length=50)
     phone: Optional[str] = Field(None, description="Phone number")
-    role: UserRole = Field(default=UserRole.USER, description="User role")
+    role: str = Field(default="user", description="User role")
     permissions: Dict[str, List[str]] = Field(default_factory=dict, description="Additional permissions")
     
     @validator('username')
@@ -71,7 +71,7 @@ class UpdateUserRequest(BaseModel):
     first_name: Optional[str] = Field(None, description="First name", min_length=1, max_length=50)
     last_name: Optional[str] = Field(None, description="Last name", max_length=50)
     phone: Optional[str] = Field(None, description="Phone number")
-    role: Optional[UserRole] = Field(None, description="User role")
+    role: Optional[str] = Field(None, description="User role")
     permissions: Optional[Dict[str, List[str]]] = Field(None, description="User permissions")
     status: Optional[UserStatus] = Field(None, description="Account status")
     timezone: Optional[str] = Field(None, description="User timezone")