📋 الوصف الكامل

## Impact Two distinct authorization defects in the team settings allowed any authenticated panel user to take over the RBAC system: - `Settings/Team/Index` had no `mount()` authorization. Any authenticated user could load the page and use its public actions to create new roles and delete other users, including administrators. - `Settings/Team/RolePermission` gated its write actions on the read-