Refactor all backend and frontend API logic to scope resources using session.activeOrganizationId:
- Update authentication/session middleware to inject activeOrganizationId
- Migrate all business data queries to organization-scoped
- Remove legacy userId-based business queries
- Comprehensive QA: ensure no endpoint uses deprecated scoping
- Document all API changes for frontend/backend consumers
Refactor all backend and frontend API logic to scope resources using session.activeOrganizationId: