stage 1 of oauth removal, switch to sanctum pat tokens

app/Http/Middleware/TenantIsolation.php

@@ -18,6 +18,12 @@ class TenantIsolation
     {
         $tenantId = $request->attributes->get('tenant_id');
 
+        $abilities = $request->user()?->currentAccessToken()?->abilities ?? [];
+
+        if (! $tenantId && in_array('super-admin', $abilities, true)) {
+            return $next($request);
+        }
+
         if (! $tenantId) {
             return $this->missingTenantIdResponse();
         }