feat: Implement warehouse module roles with auto-schema repair and remove module access section

- Add SchemaVerifier class for automatic database schema verification and repair
- Implement warehouse_manager (Level 75) and warehouse_worker (Level 35) roles
- Add zone-based access control for warehouse workers
- Implement worker-manager binding system with zone filtering
- Add comprehensive database auto-repair on Docker initialization
- Remove Module Access section from user form (role-based access only)
- Add autocomplete attributes to password fields for better UX
- Include detailed documentation for warehouse implementation
- Update initialize_db.py with schema verification as Step 0

app/db_migrations/add_warehouse_roles_and_bindings.sql

@@ -0,0 +1,80 @@
+-- Warehouse Module Roles & Worker-Manager Binding Migration
+-- This migration adds:
+-- 1. Two new warehouse roles (warehouse_manager, warehouse_worker)
+-- 2. Worker-manager binding table for hierarchical access control
+
+-- ============================================================
+-- 1. Insert new warehouse roles
+-- ============================================================
+
+-- Note: These roles should be inserted if they don't exist
+-- This is typically handled by the Python init script, but this 
+-- SQL is provided for reference or manual database setup
+
+INSERT IGNORE INTO roles (name, description, level) VALUES
+('warehouse_manager', 'Manager - Warehouse - Full warehouse module access', 75),
+('warehouse_worker', 'Worker - Warehouse - Input-only warehouse access', 35);
+
+-- Verify insertion
+SELECT id, name, level FROM roles WHERE name LIKE 'warehouse_%' ORDER BY level DESC;
+
+-- ============================================================
+-- 2. Create worker_manager_bindings table
+-- ============================================================
+
+CREATE TABLE IF NOT EXISTS worker_manager_bindings (
+    id INT AUTO_INCREMENT PRIMARY KEY,
+    manager_id INT NOT NULL,
+    worker_id INT NOT NULL,
+    warehouse_zone VARCHAR(100),
+    is_active TINYINT(1) DEFAULT 1,
+    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+    UNIQUE KEY unique_binding (manager_id, worker_id),
+    FOREIGN KEY (manager_id) REFERENCES users(id) ON DELETE CASCADE,
+    FOREIGN KEY (worker_id) REFERENCES users(id) ON DELETE CASCADE,
+    CHECK (manager_id != worker_id)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
+
+-- ============================================================
+-- 3. Example queries for worker-manager binding management
+-- ============================================================
+
+-- Assign a worker to a manager
+-- INSERT INTO worker_manager_bindings (manager_id, worker_id, warehouse_zone)
+-- VALUES (5, 12, NULL);  -- Manager ID 5 oversees Worker ID 12
+
+-- Get all workers for a specific manager
+-- SELECT u.id, u.username, u.full_name, wmb.warehouse_zone
+-- FROM worker_manager_bindings wmb
+-- JOIN users u ON wmb.worker_id = u.id
+-- WHERE wmb.manager_id = 5 AND wmb.is_active = 1
+-- ORDER BY u.full_name;
+
+-- Get manager for a specific worker
+-- SELECT m.id, m.username, m.full_name
+-- FROM worker_manager_bindings wmb
+-- JOIN users m ON wmb.manager_id = m.id
+-- WHERE wmb.worker_id = 12 AND wmb.is_active = 1;
+
+-- Deactivate a binding (soft delete)
+-- UPDATE worker_manager_bindings SET is_active = 0 WHERE id = 1;
+
+-- ============================================================
+-- 4. Verification Queries
+-- ============================================================
+
+-- Verify warehouse roles exist
+-- SELECT COUNT(*) as warehouse_role_count FROM roles WHERE name LIKE 'warehouse_%';
+
+-- Verify worker_manager_bindings table exists
+-- SELECT TABLE_NAME FROM information_schema.TABLES 
+-- WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = 'worker_manager_bindings';
+
+-- List all role hierarchy (for reference)
+-- SELECT name, level, CASE 
+--     WHEN level >= 90 THEN 'Admin'
+--     WHEN level >= 70 THEN 'Manager'
+--     WHEN level >= 35 THEN 'Worker'
+--     ELSE 'Unknown'
+-- END as category FROM roles ORDER BY level DESC;