0e4fcc81c7
Task #150: Make `POST /api/roles/:id/permissions` and `DELETE /api/roles/:id/permissions/:permissionId` emit the `role_permissions_changed` socket event in addition to the existing `apps_changed` event, mirroring the bulk `PUT /api/roles/:id/permissions` handler. Changes - artifacts/api-server/src/routes/roles.ts - In the POST add-one handler, after inserting the new role_permissions row and emitting `apps_changed`, also call `emitRolePermissionsChangedToHolders(id)` so role/permission React Query caches and `/api/auth/me` get invalidated for every user holding that role. - In the DELETE remove-one handler, after a successful delete and the existing `apps_changed` emit, also call `emitRolePermissionsChangedToHolders(id)` for the same reason. - Both emits are still gated on a real change occurring (insert actually happened / delete actually returned a row), so a no-op request does not push spurious events. Notes - `emitRolePermissionsChangedToHolders` was already imported at the top of the file (used by the bulk PUT handler), so no new imports were needed. - Pre-existing unrelated TypeScript errors exist in permission-audit.ts, executive-meetings.ts, and groups.ts; my changes did not introduce them and roles.ts itself type-checks. - No follow-up tasks proposed: testing of the live update flow is already covered by the existing "Add automated tests for the live role-permission updates" project task. Replit-Task-Id: f395f75e-4a5e-4614-bee0-8f176a24c717