Fix superadmin access control and modal aria-hidden warning

- Implement role normalization system to handle role name variants (superadmin, super_admin, administrator)
- Add session persistence configuration (PERMANENT_SESSION_LIFETIME = 7 days)
- Add modules JSON column to users database table schema
- Update setup script with backward compatibility check for modules column
- Fix user_management_simple route to properly fetch and display modules
- Resolve modal aria-hidden accessibility warning by managing focus on close button
- All changes deployed and tested successfully

py_app/app/permissions_simple.py

@@ -4,6 +4,24 @@ Clear hierarchy: Superadmin → Admin → Manager → Worker
 Module-based permissions: Quality, Labels, Warehouse
 """
 
+# Role mapping for normalization
+ROLE_MAPPING = {
+    'superadmin': 'superadmin',
+    'super_admin': 'superadmin',
+    'super-admin': 'superadmin',
+    'administrator': 'admin',
+    'admin': 'admin',
+    'manager': 'manager',
+    'worker': 'worker',
+}
+
+def normalize_role(role):
+    """Normalize role name to match ROLES dictionary"""
+    if not role:
+        return None
+    role_lower = str(role).lower().strip()
+    return ROLE_MAPPING.get(role_lower, role_lower)
+
 # APPLICATION MODULES
 MODULES = {
     'quality': {
@@ -117,6 +135,9 @@ def check_access(user_role, user_modules, page):
     Returns:
         bool: True if access granted, False otherwise
     """
+    # Normalize role name
+    user_role = normalize_role(user_role)
+    
     if user_role not in ROLES:
         return False