feat: implement multi-tenancy and super admin impersonation with security banner

app/Http/Controllers/SuperAdminController.php

@@ -0,0 +1,112 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use Illuminate\Http\Request;
+use Inertia\Inertia;
+use App\Models\Structure;
+
+class SuperAdminController extends Controller
+{
+    public function index(Request $request)
+    {
+        // On s'assure que seul un SuperAdmin peut accéder ici
+        if (!auth()->user()->hasRole('SuperAdmin')) {
+            abort(403, 'Accès refusé. Vous devez être SuperAdmin.');
+        }
+
+        $structures = Structure::withCount(['users' => function ($query) {
+            $query->withoutGlobalScope('structure');
+        }])->get();
+
+        return Inertia::render('SuperAdmin/Index', [
+            'structures' => $structures,
+            'current_structure_id' => session('target_structure_id')
+        ]);
+    }
+
+    public function create()
+    {
+        if (!auth()->user()->hasRole('SuperAdmin')) { abort(403); }
+
+        return Inertia::render('SuperAdmin/Create');
+    }
+
+    public function store(Request $request)
+    {
+        if (!auth()->user()->hasRole('SuperAdmin')) { abort(403); }
+
+        $validated = $request->validate([
+            'name' => 'required|string|max:255',
+            'slug' => 'required|string|max:255|unique:structures',
+            'domain' => 'nullable|string|max:255|unique:structures',
+            'is_active' => 'boolean'
+        ]);
+
+        Structure::create($validated);
+
+        return redirect()->route('superadmin.index')->with('success', 'Structure créée avec succès.');
+    }
+
+    public function edit(Structure $structure)
+    {
+        if (!auth()->user()->hasRole('SuperAdmin')) { abort(403); }
+
+        return Inertia::render('SuperAdmin/Edit', [
+            'structure' => $structure
+        ]);
+    }
+
+    public function update(Request $request, Structure $structure)
+    {
+        if (!auth()->user()->hasRole('SuperAdmin')) { abort(403); }
+
+        $validated = $request->validate([
+            'name' => 'required|string|max:255',
+            'slug' => 'required|string|max:255|unique:structures,slug,' . $structure->id,
+            'domain' => 'nullable|string|max:255|unique:structures,domain,' . $structure->id,
+            'is_active' => 'boolean'
+        ]);
+
+        $structure->update($validated);
+
+        return redirect()->route('superadmin.index')->with('success', 'Structure mise à jour.');
+    }
+
+    public function destroy(Structure $structure)
+    {
+        if (!auth()->user()->hasRole('SuperAdmin')) { abort(403); }
+
+        if (Structure::count() <= 1) {
+            return redirect()->back()->with('error', 'Impossible de supprimer la dernière structure.');
+        }
+
+        $structure->delete();
+
+        return redirect()->route('superadmin.index')->with('success', 'Structure supprimée avec succès.');
+    }
+
+    public function switchStructure(Request $request, Structure $structure)
+    {
+        if (!auth()->user()->hasRole('SuperAdmin')) {
+            abort(403);
+        }
+
+        // On enregistre dans la session qu'on veut "impersonner" cette structure
+        $request->session()->put('target_structure_id', $structure->id);
+
+        return redirect()->route('dashboard')->with('success', "Vous naviguez maintenant sur la structure : {$structure->name}.");
+    }
+
+    public function resetStructure(Request $request)
+    {
+        if (!auth()->user()->hasRole('SuperAdmin')) {
+            abort(403);
+        }
+
+        // On retire l'impersonnation, on redevient un SuperAdmin "Global"
+        $request->session()->forget('target_structure_id');
+
+        return redirect()->route('superadmin.index')->with('success', "Périmètre global restauré.");
+    }
+}