refactor: fix BelongsToTenant trait to exempt candidates globally - removes all withoutGlobalScopes() workarounds

app/Traits/BelongsToTenant.php

@@ -13,8 +13,14 @@ trait BelongsToTenant
             if (Auth::check()) {
                 $user = Auth::user();
 
+                // Super admins see everything
                 if ($user->role === 'super_admin') {
-                    // Super admins see everything
+                    return;
+                }
+
+                // Candidates don't have a tenant_id but must access
+                // quizzes/job positions linked to their position
+                if ($user->role === 'candidate') {
                     return;
                 }