feat: sales activities, forecast products, catalog categories, member cache, procurement filters, and comprehensive tests

New features:
- ActivityController and manager for CW sales activities (CRUD)
- ForecastProductController for opportunity forecast/product lines
- CW member cache with dual-layer (in-memory + Redis) resolution
- Catalog category/subcategory/ecosystem taxonomy module
- Quote statuses type definitions with CW mapping
- User-defined fields (UDF) module with cache and event refresh
- Company sites CW module with serialization
- Procurement manager filters (category, ecosystem, manufacturer, price, stock)
- Opportunity notes CRUD and product line management via CW API
- Opportunity type definitions endpoint

Updates:
- OpportunityController: CW refresh, company hydration, activities, custom fields
- UserController: cwIdentifier field for CW member linking
- CatalogItemController: category/subcategory fields from CW
- PermissionNodes: sales note/product CRUD nodes, subCategories, collectPermissions
- API routes: procurement categories/filters, sales notes/products, opportunity types
- Global events: UDF and member refresh intervals on startup

Tests (414 passing):
- ActivityController, ForecastProductController, OpportunityController unit tests
- UserController cwIdentifier tests
- catalogCategories, companySites, memberCache, procurement module tests
- activityTypes, opportunityTypes, quoteStatuses type tests
- permissionNodes subCategories and getAllPermissionNodes tests
- Updated test setup with redis mock, API method mocks, and builder helpers

src/api/companies/[id]/fetch.ts

@@ -5,6 +5,7 @@ import { apiResponse } from "../../../modules/api-utils/apiResponse";
 import { ContentfulStatusCode } from "hono/utils/http-status";
 import { authMiddleware } from "../../middleware/authorization";
 import GenericError from "../../../Errors/GenericError";
+import { processObjectValuePerms } from "../../../modules/permission-utils/processObjectPermissions";
 
 /* /v1/company/companies/[id] */
 export default createRoute(
@@ -42,13 +43,20 @@ export default createRoute(
       }
     }
 
+    const companyData = company.toJson({
+      includeAddress,
+      includePrimaryContact,
+      includeAllContacts,
+    });
+    const gatedData = await processObjectValuePerms(
+      companyData,
+      "obj.company",
+      c.get("user"),
+    );
+
     const response = apiResponse.successful(
       "Company Fetched Successfully!",
-      company.toJson({
-        includeAddress,
-        includePrimaryContact,
-        includeAllContacts,
-      }),
+      gatedData,
     );
     return c.json(response, response.status as ContentfulStatusCode);
   },

src/api/companies/[id]/unifiSites.ts

@@ -4,6 +4,7 @@ import { companies } from "../../../managers/companies";
 import { apiResponse } from "../../../modules/api-utils/apiResponse";
 import { ContentfulStatusCode } from "hono/utils/http-status";
 import { authMiddleware } from "../../middleware/authorization";
+import { processObjectValuePerms } from "../../../modules/permission-utils/processObjectPermissions";
 
 /* GET /v1/company/companies/:identifier/unifi/sites */
 export default createRoute(
@@ -12,9 +13,16 @@ export default createRoute(
   async (c) => {
     const company = await companies.fetch(c.req.param("identifier"));
     const sites = await unifiSites.fetchByCompany(company.id);
+
+    const gatedData = await Promise.all(
+      sites.map((site) =>
+        processObjectValuePerms(site, "obj.unifiSite", c.get("user")),
+      ),
+    );
+
     const response = apiResponse.successful(
       "Company UniFi Sites Fetched Successfully!",
-      sites,
+      gatedData,
     );
     return c.json(response, response.status as ContentfulStatusCode);
   },

src/api/companies/fetchAll.ts

@@ -4,6 +4,7 @@ import { companies } from "../../managers/companies";
 import { apiResponse } from "../../modules/api-utils/apiResponse";
 import { ContentfulStatusCode } from "hono/utils/http-status";
 import { authMiddleware } from "../middleware/authorization";
+import { processObjectValuePerms } from "../../modules/permission-utils/processObjectPermissions";
 
 /* /v1/company/companies */
 export default createRoute(
@@ -22,9 +23,15 @@ export default createRoute(
       ? (await companies.search(search, 1, 999999)).length
       : await companies.count();
 
+    const gatedData = await Promise.all(
+      data.map((item) =>
+        processObjectValuePerms(item, "obj.company", c.get("user")),
+      ),
+    );
+
     let response = apiResponse.successful(
       "Companies Fetched Successfully!",
-      data,
+      gatedData,
       {
         pagination: {
           previousPage: page == 1 ? null : page - 1, // Previous Page