Enforce tenant member permissions

resources/js/admin/mobile/__tests__/EventsPage.test.tsx

@@ -3,6 +3,9 @@ import { describe, expect, it, vi } from 'vitest';
 import { render, screen } from '@testing-library/react';
 
 const navigateMock = vi.fn();
+const authState = {
+  user: { role: 'tenant_admin' },
+};
 
 vi.mock('react-router-dom', () => ({
   useNavigate: () => navigateMock,
@@ -38,6 +41,10 @@ vi.mock('../../auth/tokens', () => ({
   isAuthError: () => false,
 }));
 
+vi.mock('../../auth/context', () => ({
+  useAuth: () => authState,
+}));
+
 vi.mock('../../lib/apiError', () => ({
   getApiErrorMessage: () => 'error',
 }));
@@ -133,4 +140,15 @@ describe('MobileEventsPage', () => {
     expect(screen.getByText('Status')).toBeInTheDocument();
     expect(screen.getByText('Demo Event')).toBeInTheDocument();
   });
+
+  it('hides create actions for members', async () => {
+    authState.user = { role: 'member' };
+
+    render(<MobileEventsPage />);
+
+    expect(await screen.findByText('Demo Event')).toBeInTheDocument();
+    expect(screen.queryByText('Create New Event')).not.toBeInTheDocument();
+
+    authState.user = { role: 'tenant_admin' };
+  });
 });