refactor: Remove dedicated role management page and update authentication, roles, and permission handling across backend and frontend.

apps/web/src/lib/components/ProtectedRoute.svelte

@@ -2,19 +2,16 @@
 	import { api } from '@sgse-app/backend/convex/_generated/api';
 	import { useQuery } from 'convex-svelte';
 	import type { Snippet } from 'svelte';
-	import { onMount } from 'svelte';
 
 	const {
 		children,
 		requireAuth = true,
 		allowedRoles = [],
-		maxLevel = 3,
 		redirectTo = '/'
 	}: {
 		children: Snippet;
 		requireAuth?: boolean;
 		allowedRoles?: string[];
-		maxLevel?: number;
 		redirectTo?: string;
 	} = $props();
 
@@ -72,13 +69,6 @@
 				}
 			}
 
-			// Verificar nível
-			if (currentUser.data.role?.nivel && currentUser.data.role.nivel > maxLevel) {
-				const currentPath = window.location.pathname;
-				window.location.href = `${redirectTo}?error=access_denied&route=${encodeURIComponent(currentPath)}`;
-				return;
-			}
-
 			// Se chegou aqui, permitir acesso
 			hasAccess = true;
 			isChecking = false;

apps/web/src/lib/stores/auth.svelte.ts

@@ -1,6 +1,6 @@
-import type { Id } from '@sgse-app/backend/convex/betterAuth/_generated/dataModel';
 import { browser } from '$app/environment';
 import { goto } from '$app/navigation';
+import type { Id } from '@sgse-app/backend/convex/_generated/dataModel';
 
 interface Usuario {
 	_id: string;
@@ -11,8 +11,7 @@ interface Usuario {
 	role: {
 		_id: string;
 		nome: string;
-		nivel: number;
-		setor?: string;
+		admin?: boolean;
 	};
 	primeiroAcesso: boolean;
 	avatar?: string;
@@ -56,7 +55,7 @@ class AuthStore {
 	}
 
 	get isAdmin() {
-		return this.state.usuario?.role.nivel === 0;
+		return this.state.usuario?.role.admin === true;
 	}
 
 	get isTI() {