feat: add SQL query tool, platform debug, loyalty settings, and multi-module improvements

- Add admin SQL query tool with saved queries, schema explorer presets,
  and collapsible category sections (dev_tools module)
- Add platform debug tool for admin diagnostics
- Add loyalty settings page with owner-only access control
- Fix loyalty settings owner check (use currentUser instead of window.__userData)
- Replace HTTPException with AuthorizationException in loyalty routes
- Expand loyalty module with PIN service, Apple Wallet, program management
- Improve store login with platform detection and multi-platform support
- Update billing feature gates and subscription services
- Add store platform sync improvements and remove is_primary column
- Add unit tests for loyalty (PIN, points, stamps, program services)
- Update i18n translations across dev_tools locales

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

app/modules/loyalty/tests/integration/test_store_api.py

@@ -12,12 +12,15 @@ Tests:
 Authentication: Uses real JWT tokens via store login endpoint.
 """
 
+import uuid
 from datetime import UTC, datetime
 
 import pytest
 
-from app.modules.loyalty.models import LoyaltyTransaction
+from app.modules.loyalty.models import LoyaltyCard, LoyaltyProgram, LoyaltyTransaction
+from app.modules.loyalty.models.loyalty_program import LoyaltyType
 from app.modules.loyalty.models.loyalty_transaction import TransactionType
+from app.modules.tenancy.models import User
 
 BASE = "/api/v1/store/loyalty"
 
@@ -217,42 +220,20 @@ class TestEarnPoints:
 
 
 # ============================================================================
-# Store Program CRUD Removed
+# Store Program CRUD
 # ============================================================================
 
 
 @pytest.mark.integration
 @pytest.mark.api
 @pytest.mark.loyalty
-class TestStoreProgramCrudRemoved:
-    """Verify POST/PATCH /program endpoints are removed from store API."""
+class TestStoreProgramCrud:
+    """Tests for store program CRUD endpoints (merchant_owner only)."""
 
-    def test_create_program_removed(
-        self, client, loyalty_store_headers
-    ):
-        """POST /program no longer exists on store API."""
-        response = client.post(
-            f"{BASE}/program",
-            json={"loyalty_type": "points"},
-            headers=loyalty_store_headers,
-        )
-        assert response.status_code == 405  # Method Not Allowed
-
-    def test_update_program_removed(
-        self, client, loyalty_store_headers
-    ):
-        """PATCH /program no longer exists on store API."""
-        response = client.patch(
-            f"{BASE}/program",
-            json={"card_name": "Should Not Work"},
-            headers=loyalty_store_headers,
-        )
-        assert response.status_code == 405  # Method Not Allowed
-
-    def test_get_program_still_works(
+    def test_get_program_works(
         self, client, loyalty_store_headers, loyalty_store_setup
     ):
-        """GET /program still works (read-only)."""
+        """GET /program returns program."""
         response = client.get(
             f"{BASE}/program",
             headers=loyalty_store_headers,
@@ -261,6 +242,19 @@ class TestStoreProgramCrudRemoved:
         data = response.json()
         assert data["id"] == loyalty_store_setup["program"].id
 
+    def test_update_program_via_put(
+        self, client, loyalty_store_headers, loyalty_store_setup
+    ):
+        """PUT /program updates the program (merchant_owner)."""
+        response = client.put(
+            f"{BASE}/program",
+            json={"card_name": "Updated Card"},
+            headers=loyalty_store_headers,
+        )
+        assert response.status_code == 200
+        data = response.json()
+        assert data["card_name"] == "Updated Card"
+
     def test_stats_still_works(
         self, client, loyalty_store_headers, loyalty_store_setup
     ):
@@ -270,3 +264,201 @@ class TestStoreProgramCrudRemoved:
             headers=loyalty_store_headers,
         )
         assert response.status_code == 200
+
+    def test_stats_has_new_fields(
+        self, client, loyalty_store_headers, loyalty_store_setup
+    ):
+        """GET /stats returns all new fields."""
+        response = client.get(
+            f"{BASE}/stats",
+            headers=loyalty_store_headers,
+        )
+        assert response.status_code == 200
+        data = response.json()
+        assert "new_this_month" in data
+        assert "total_points_balance" in data
+        assert "avg_points_per_member" in data
+        assert "transactions_30d" in data
+        assert "points_issued_30d" in data
+        assert "points_redeemed_30d" in data
+
+
+# ============================================================================
+# Stamp Earn/Redeem Integration Tests
+# ============================================================================
+
+
+@pytest.fixture
+def stamp_store_setup(db, loyalty_platform):
+    """Setup with a stamps-type program for integration tests."""
+    from app.modules.customers.models.customer import Customer
+    from app.modules.tenancy.models.store import StoreUser
+    from app.modules.tenancy.models.store_platform import StorePlatform
+    from middleware.auth import AuthManager
+
+    auth = AuthManager()
+    uid = uuid.uuid4().hex[:8]
+
+    owner = User(
+        email=f"stampint_{uid}@test.com",
+        username=f"stampint_{uid}",
+        hashed_password=auth.hash_password("storepass123"),
+        role="merchant_owner",
+        is_active=True,
+        is_email_verified=True,
+    )
+    db.add(owner)
+    db.commit()
+    db.refresh(owner)
+
+    from app.modules.tenancy.models import Merchant, Store
+
+    merchant = Merchant(
+        name=f"Stamp Int Merchant {uid}",
+        owner_user_id=owner.id,
+        contact_email=owner.email,
+        is_active=True,
+        is_verified=True,
+    )
+    db.add(merchant)
+    db.commit()
+    db.refresh(merchant)
+
+    store = Store(
+        merchant_id=merchant.id,
+        store_code=f"STINT_{uid.upper()}",
+        subdomain=f"stint{uid}",
+        name=f"Stamp Int Store {uid}",
+        is_active=True,
+        is_verified=True,
+    )
+    db.add(store)
+    db.commit()
+    db.refresh(store)
+
+    store_user = StoreUser(store_id=store.id, user_id=owner.id, is_active=True)
+    db.add(store_user)
+    db.commit()
+
+    sp = StorePlatform(store_id=store.id, platform_id=loyalty_platform.id)
+    db.add(sp)
+    db.commit()
+
+    customer = Customer(
+        email=f"stampcust_{uid}@test.com",
+        first_name="Stamp",
+        last_name="IntCustomer",
+        hashed_password="!unused!",  # noqa: SEC001
+        customer_number=f"SIC-{uid.upper()}",
+        store_id=store.id,
+        is_active=True,
+    )
+    db.add(customer)
+    db.commit()
+    db.refresh(customer)
+
+    program = LoyaltyProgram(
+        merchant_id=merchant.id,
+        loyalty_type=LoyaltyType.HYBRID.value,
+        stamps_target=3,
+        stamps_reward_description="Free item",
+        stamps_reward_value_cents=500,
+        points_per_euro=10,
+        welcome_bonus_points=0,
+        minimum_redemption_points=100,
+        minimum_purchase_cents=0,
+        cooldown_minutes=0,
+        max_daily_stamps=50,
+        require_staff_pin=False,
+        card_name="Int Stamp Card",
+        card_color="#FF0000",
+        is_active=True,
+        points_rewards=[
+            {"id": "r1", "name": "5 EUR off", "points_required": 100, "is_active": True},
+        ],
+    )
+    db.add(program)
+    db.commit()
+    db.refresh(program)
+
+    card = LoyaltyCard(
+        merchant_id=merchant.id,
+        program_id=program.id,
+        customer_id=customer.id,
+        enrolled_at_store_id=store.id,
+        card_number=f"SINTCARD-{uid.upper()}",
+        stamp_count=0,
+        total_stamps_earned=0,
+        stamps_redeemed=0,
+        points_balance=0,
+        total_points_earned=0,
+        points_redeemed=0,
+        is_active=True,
+        last_activity_at=datetime.now(UTC),
+    )
+    db.add(card)
+    db.commit()
+    db.refresh(card)
+
+    return {
+        "owner": owner,
+        "merchant": merchant,
+        "store": store,
+        "platform": loyalty_platform,
+        "customer": customer,
+        "program": program,
+        "card": card,
+    }
+
+
+@pytest.fixture
+def stamp_store_headers(client, stamp_store_setup):
+    """JWT auth headers for stamp store setup."""
+    owner = stamp_store_setup["owner"]
+    response = client.post(
+        "/api/v1/store/auth/login",
+        json={"email_or_username": owner.username, "password": "storepass123"},
+    )
+    assert response.status_code == 200
+    token = response.json()["access_token"]
+    return {"Authorization": f"Bearer {token}"}
+
+
+@pytest.mark.integration
+@pytest.mark.api
+@pytest.mark.loyalty
+class TestStampEarnRedeem:
+    """Integration tests for stamp earn/redeem via store API."""
+
+    def test_stamp_earn(self, client, stamp_store_headers, stamp_store_setup):
+        """POST /stamp adds a stamp."""
+        card = stamp_store_setup["card"]
+        response = client.post(
+            f"{BASE}/stamp",
+            json={"card_id": card.id},
+            headers=stamp_store_headers,
+        )
+        assert response.status_code == 200
+        data = response.json()
+        assert data["success"] is True
+        assert data["stamp_count"] == 1
+
+    def test_stamp_redeem(self, client, stamp_store_headers, stamp_store_setup, db):
+        """POST /stamp/redeem redeems stamps."""
+        card = stamp_store_setup["card"]
+        program = stamp_store_setup["program"]
+
+        # Give enough stamps
+        card.stamp_count = program.stamps_target
+        card.total_stamps_earned = program.stamps_target
+        db.commit()
+
+        response = client.post(
+            f"{BASE}/stamp/redeem",
+            json={"card_id": card.id},
+            headers=stamp_store_headers,
+        )
+        assert response.status_code == 200
+        data = response.json()
+        assert data["success"] is True
+        assert data["stamp_count"] == 0