feat: Permettre au super admin de se connecter et accéder à son dashboard

Le super admin (table super_admins, master DB) ne pouvait pas se connecter
via /api/login car ce firewall n'utilisait que le provider tenant. De même,
le JWT n'était pas enrichi pour les super admins, l'endpoint /api/me/roles
les rejetait, et le frontend redirigeait systématiquement vers /dashboard.

Un chain provider (super_admin + tenant) résout l'authentification,
le JwtPayloadEnricher et MyRolesProvider gèrent désormais les deux types
d'utilisateurs, et le frontend redirige selon le rôle après login.

backend/tests/Unit/SuperAdmin/Infrastructure/Api/Processor/CreateEstablishmentProcessorTest.php

@@ -0,0 +1,60 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Unit\SuperAdmin\Infrastructure\Api\Processor;
+
+use ApiPlatform\Metadata\Post;
+use App\Shared\Domain\Clock;
+use App\SuperAdmin\Application\Command\CreateEstablishment\CreateEstablishmentHandler;
+use App\SuperAdmin\Domain\Model\SuperAdmin\SuperAdminId;
+use App\SuperAdmin\Infrastructure\Api\Processor\CreateEstablishmentProcessor;
+use App\SuperAdmin\Infrastructure\Api\Resource\EstablishmentResource;
+use App\SuperAdmin\Infrastructure\Persistence\InMemory\InMemoryEstablishmentRepository;
+use App\SuperAdmin\Infrastructure\Security\SecuritySuperAdmin;
+use DateTimeImmutable;
+use PHPUnit\Framework\Attributes\Test;
+use PHPUnit\Framework\TestCase;
+use Symfony\Bundle\SecurityBundle\Security;
+
+final class CreateEstablishmentProcessorTest extends TestCase
+{
+    private const string SUPER_ADMIN_ID = '550e8400-e29b-41d4-a716-446655440001';
+
+    #[Test]
+    public function processCreatesEstablishmentAndReturnsResource(): void
+    {
+        $repository = new InMemoryEstablishmentRepository();
+        $clock = new class implements Clock {
+            public function now(): DateTimeImmutable
+            {
+                return new DateTimeImmutable('2026-02-16 10:00:00');
+            }
+        };
+        $handler = new CreateEstablishmentHandler($repository, $clock);
+
+        $securityUser = new SecuritySuperAdmin(
+            SuperAdminId::fromString(self::SUPER_ADMIN_ID),
+            'superadmin@classeo.fr',
+            'hashed',
+        );
+
+        $security = $this->createMock(Security::class);
+        $security->method('getUser')->willReturn($securityUser);
+
+        $processor = new CreateEstablishmentProcessor($handler, $security);
+
+        $input = new EstablishmentResource();
+        $input->name = 'École Gamma';
+        $input->subdomain = 'ecole-gamma';
+        $input->adminEmail = 'admin@ecole-gamma.fr';
+
+        $result = $processor->process($input, new Post());
+
+        self::assertNotNull($result->id);
+        self::assertNotNull($result->tenantId);
+        self::assertSame('École Gamma', $result->name);
+        self::assertSame('ecole-gamma', $result->subdomain);
+        self::assertSame('active', $result->status);
+    }
+}

backend/tests/Unit/SuperAdmin/Infrastructure/Api/Provider/EstablishmentCollectionProviderTest.php

@@ -0,0 +1,54 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Unit\SuperAdmin\Infrastructure\Api\Provider;
+
+use ApiPlatform\Metadata\GetCollection;
+use App\SuperAdmin\Application\Query\GetEstablishments\GetEstablishmentsHandler;
+use App\SuperAdmin\Domain\Model\Establishment\Establishment;
+use App\SuperAdmin\Domain\Model\SuperAdmin\SuperAdminId;
+use App\SuperAdmin\Infrastructure\Api\Provider\EstablishmentCollectionProvider;
+use App\SuperAdmin\Infrastructure\Persistence\InMemory\InMemoryEstablishmentRepository;
+use DateTimeImmutable;
+use PHPUnit\Framework\Attributes\Test;
+use PHPUnit\Framework\TestCase;
+
+final class EstablishmentCollectionProviderTest extends TestCase
+{
+    private const string SUPER_ADMIN_ID = '550e8400-e29b-41d4-a716-446655440001';
+
+    #[Test]
+    public function provideReturnsEmptyArrayWhenNoEstablishments(): void
+    {
+        $repository = new InMemoryEstablishmentRepository();
+        $handler = new GetEstablishmentsHandler($repository);
+        $provider = new EstablishmentCollectionProvider($handler);
+
+        $result = $provider->provide(new GetCollection());
+
+        self::assertSame([], $result);
+    }
+
+    #[Test]
+    public function provideReturnsMappedResources(): void
+    {
+        $repository = new InMemoryEstablishmentRepository();
+        $repository->save(Establishment::creer(
+            name: 'École Alpha',
+            subdomain: 'ecole-alpha',
+            createdBy: SuperAdminId::fromString(self::SUPER_ADMIN_ID),
+            createdAt: new DateTimeImmutable('2026-02-16 10:00:00'),
+        ));
+
+        $handler = new GetEstablishmentsHandler($repository);
+        $provider = new EstablishmentCollectionProvider($handler);
+
+        $result = $provider->provide(new GetCollection());
+
+        self::assertCount(1, $result);
+        self::assertSame('École Alpha', $result[0]->name);
+        self::assertSame('ecole-alpha', $result[0]->subdomain);
+        self::assertSame('active', $result[0]->status);
+    }
+}