
feat: add multi-organization and team management #15

@leoneperdigao

Description


Add multi-tenancy support with organization hierarchy and role-based access control. This enables the tracker to serve multiple teams within an enterprise, with appropriate data isolation and team-level dashboards.

Tasks

  • Implement organization hierarchy model (organization → teams → repositories)
  • Add team entity with membership management
  • Implement role-based access control (RBAC):
    • Admin: full access, manage users, configure settings
    • Viewer: read-only access to dashboards and findings
    • Scanner: can trigger scans and import results, but not modify settings
  • Calculate team-level readiness scores and dashboards
  • Build cross-team comparison report (readiness score ranking)
  • Add user management endpoints (invite, remove, change role)
  • Implement data isolation (users can only see their org/team data)
  • Add SSO integration:
    • OAuth 2.0 (GitHub, Google, Azure AD)
    • SAML 2.0 for enterprise IdPs
  • Implement audit log for access and configuration changes
  • Add team-scoped notification preferences
  • Write tests for RBAC enforcement and data isolation
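One way to express the RBAC matrix and the org/team data-isolation rule from the tasks above in code, as an added example rather than the project's own code: roles, scoped memberships, and a deny-by-default `authorize` check that also records the access-audit entry the issue asks for. The permission names, org-wide membership via `team=None`, Scanner's read access, and the in-memory `AUDIT_LOG` are assumptions.

```python
from collections import namedtuple
from enum import Enum
from typing import Dict, List, Set, Tuple

class Role(Enum):
    ADMIN = "admin"
    VIEWER = "viewer"
    SCANNER = "scanner"

# Permission matrix from the issue. Letting Scanner read dashboards/findings is an
# assumption; the issue only says Scanner may not modify settings.
PERMISSIONS: Dict[Role, Set[str]] = {
    Role.ADMIN: {"view", "trigger_scan", "import_results", "manage_users", "configure_settings"},
    Role.VIEWER: {"view"},
    Role.SCANNER: {"view", "trigger_scan", "import_results"},
}

# team=None means org-wide membership (assumption); repositories always belong to a team.
Membership = namedtuple("Membership", "org team role")
Repository = namedtuple("Repository", "org team name")

AUDIT_LOG: List[dict] = []  # hypothetical in-memory trail of access decisions

def authorize(user: str, memberships: Tuple[Membership, ...], action: str, repo: Repository) -> bool:
    """Deny by default: some membership must cover the repo's org/team AND grant the action."""
    allowed = any(
        m.org == repo.org and (m.team is None or m.team == repo.team)
        and action in PERMISSIONS.get(m.role, set())
        for m in memberships
    )
    AUDIT_LOG.append({"user": user, "action": action, "allowed": allowed,
                      "resource": f"{repo.org}/{repo.team}/{repo.name}"})
    return allowed

def visible_repos(user: str, memberships: Tuple[Membership, ...], repos: List[Repository]) -> List[Repository]:
    """Data isolation for listings: return only repositories the user may view."""
    return [r for r in repos if authorize(user, memberships, "view", r)]

# Constructed sample tenants and users (not from the project).
ACME_PAY, ACME_WEB = Repository("acme", "payments", "pay-api"), Repository("acme", "web", "storefront")
GLOBEX_CORE = Repository("globex", "core", "ledger")
REPOS = [ACME_PAY, ACME_WEB, GLOBEX_CORE]
USERS = {
    "alice": (Membership("acme", None, Role.ADMIN),),        # org-wide admin
    "bob": (Membership("acme", "payments", Role.SCANNER),),  # scanner on one team only
    "carol": (Membership("globex", "core", Role.VIEWER),),   # viewer in another org
}
```

Denied decisions are logged as well as allowed ones, so repeated cross-team or cross-org denials for one user show up in the audit trail.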

References

Metadata
Labels: backend (Backend/API changes), enhancement (New feature or request)
