Direct-path admin authorization helpers for exports, mutations, and queries.
These helpers operate on a resolved Sigra.Admin.Scope so code outside the
router and LiveView entry points can still enforce the same global-vs-org
contract.
Summary
Functions
@spec authorize_global!(Sigra.Admin.Scope.t()) :: :ok
@spec authorize_impersonation_target!(Sigra.Admin.Scope.t(), map() | struct()) :: :ok
@spec authorize_organization!(Sigra.Admin.Scope.t(), map() | binary()) :: :ok
@spec scope_query(Ecto.Queryable.t(), Sigra.Admin.Scope.t()) :: Ecto.Query.t()