feat(multi-tenancy): implement critical fixes for orphaned users and permissions

- Simplified HasTenantAccess permission logic to ensure every authenticated user has an account.
- Added fallback to system account for OpenAI settings in AI configuration.
- Allowed any authenticated user to check task progress in IntegrationSettingsViewSet.
- Created a script to identify and fix orphaned users without accounts.
- Updated error response handling in business endpoints for clarity.

backend/igny8_core/modules/system/integration_views.py

@@ -29,6 +29,9 @@ class IntegrationSettingsViewSet(viewsets.ViewSet):
     ViewSet for managing integration settings (OpenAI, Runware, GSC)
     Following reference plugin pattern: WordPress uses update_option() for igny8_api_settings
     We store in IntegrationSettings model with account isolation
+    
+    IMPORTANT: Integration settings are system-wide (configured by super users/developers)
+    Normal users don't configure their own API keys - they use the system account settings via fallback
     """
     permission_classes = [IsAuthenticatedAndActive, HasTenantAccess, IsSystemAccountOrDeveloper]
     
@@ -897,11 +900,14 @@ class IntegrationSettingsViewSet(viewsets.ViewSet):
                 request=request
             )
     
-    @action(detail=False, methods=['get'], url_path='task_progress/(?P<task_id>[^/.]+)', url_name='task-progress')
+    @action(detail=False, methods=['get'], url_path='task_progress/(?P<task_id>[^/.]+)', url_name='task-progress',
+            permission_classes=[IsAuthenticatedAndActive])  # Allow any authenticated user to check task progress
     def task_progress(self, request, task_id=None):
         """
         Get Celery task progress status
         GET /api/v1/system/settings/task_progress/<task_id>/
+        
+        Permission: Any authenticated user can check task progress (not restricted to system accounts)
         """
         if not task_id:
             return error_response(