restore: roll back to 7d854ff (stable pre-security state)

Full restore of the 7d854ff snapshot (2026-06-16 18:05, before the security
review). Forward commit, no history rewrite — f8a1310 and all later commits
remain recoverable in history.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

app/Livewire/ProjectCompanies.php

@@ -17,10 +17,6 @@ class ProjectCompanies extends Component
 
     public function mount(Project $project)
     {
-        $user = Auth::user();
-        if (!$user->hasRole('Admin') && !$project->users()->where('user_id', $user->id)->exists()) {
-            abort(403);
-        }
         $this->project = $project;
         $this->loadCompanies();
     }
@@ -69,11 +65,6 @@ class ProjectCompanies extends Component
 
     public function changeRole($companyId, $role)
     {
-        $user = Auth::user();
-        if (!$user->can('assign users') && !$user->hasRole('Admin')) {
-            session()->flash('error', 'Sin permisos.');
-            return;
-        }
         if (!in_array($role, ['owner', 'constructor', 'subcontractor', 'consultant', 'supplier', 'other'])) return;
 
         $this->project->companies()->updateExistingPivot($companyId, [