Use UserRole enum for session role handling

Replace string-based role handling with a typed UserRole enum. Adds src/entities/enums/user_role.dart and exports it from krow_domain. Update SessionHandlerMixin to use List<UserRole> and change fetchUserRole to return UserRole?. V2SessionService now derives the role via UserRole.fromSessionData, and client/staff SessionListener widgets pass const <UserRole>[...] when initializing the auth listener. This centralizes role derivation and eliminates scattered role string literals.

apps/mobile/packages/domain/lib/krow_domain.dart

@@ -20,6 +20,7 @@ export 'src/entities/enums/order_type.dart';
 export 'src/entities/enums/payment_status.dart';
 export 'src/entities/enums/shift_status.dart';
 export 'src/entities/enums/staff_status.dart';
+export 'src/entities/enums/user_role.dart';
 
 // Core
 export 'src/core/services/api_services/api_response.dart';

apps/mobile/packages/domain/lib/src/entities/enums/user_role.dart

@@ -0,0 +1,27 @@
+/// The derived role of an authenticated user based on their session context.
+///
+/// Derived from the presence of `staff` and `business` keys in the
+/// `GET /auth/session` response — the API does not return an explicit role.
+enum UserRole {
+  /// User has a staff profile only.
+  staff,
+
+  /// User has a business membership only.
+  business,
+
+  /// User has both staff and business context.
+  both;
+
+  /// Derives the role from a session response map.
+  ///
+  /// Returns `null` if neither `staff` nor `business` context is present.
+  static UserRole? fromSessionData(Map<String, dynamic> data) {
+    final bool hasStaff = data['staff'] is Map<String, dynamic>;
+    final bool hasBusiness = data['business'] is Map<String, dynamic>;
+
+    if (hasStaff && hasBusiness) return UserRole.both;
+    if (hasStaff) return UserRole.staff;
+    if (hasBusiness) return UserRole.business;
+    return null;
+  }
+}