fix: add missing module dependencies to auth presets + add b2b:storage preset

[pyramation]

Summary

Every auth preset (auth:email, auth:email+magic, auth:sso, auth:passkey, auth:hardened) included memberships_module:app but was missing three modules it requires via NOT NULL foreign keys:

• permissions_module:app → grants_table_id
• limits_module:app → caps_table_id
• levels_module:app → levels_table_id

Provisioning a database with any of these presets would fail with:

null value in column "grants_table_id" of relation "memberships_module" violates not-null constraint

This was proven empirically via CI failures in constructive-db PR #1067 when switching tests from {all} to targeted presets.

Also adds a new b2b:storage preset (b2b + storage_module) for B2B apps that need file upload infrastructure.

Review & Testing Checklist for Human

• Verify the NOT NULL FK claim: Confirm that memberships_module rows actually have NOT NULL constraints on grants_table_id, caps_table_id, and levels_table_id in provision_database_modules. The fix is based on empirical CI failures, but the exact column names in includes_notes should be double-checked against the DDL.
• b2b:storage is a strict superset of b2b: Verify the module list in b2b-storage.ts contains every module from b2b.ts plus only storage_module. Module ordering differs between the two files but should be irrelevant per types.ts ("Order doesn't matter — provisioning resolves dependencies").
• Messaging shift in auth:email: The summary now says "with app-level permissions" — previously positioned as "no permissions" (it was in omits_notes). This is technically accurate (the modules are structural dependencies, not feature-level RBAC), but may affect how the preset is presented in CLIs/UIs.

Recommended test plan: Provision a database using the auth:email preset module list in constructive-db and confirm it succeeds without constraint violations. The constructive-db test suite already does this via MODULE_PRESETS.AUTH_EMAIL — a cross-repo CI run or local provision_database_modules call is the real validation.

Notes

• PresetFull (full) is unchanged — renaming it is tracked separately.
• These presets are metadata only (consumed by CLIs/UIs to build a v_modules array). The actual provisioning logic lives in constructive-db's provision_database_modules SQL function.
• No unit tests exist for preset definitions in this repo; they are declarative data. Real validation is provisioning a database with the module list.

Link to Devin session: https://app.devin.ai/sessions/e9b410376491419a8fbc4cf3d6f831bd
Requested by: @pyramation

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring