feat: project colors, timeline filters, sidebar fix, GitLooper agent, and misc improvements

- Fix sidebar double-highlight on /vacations/my (Gitea #6): add isNavItemActive() helper
- Add project color picker (schema + API + modal + timeline rendering)
- Add ProjectCombobox/ResourceCombobox to timeline toolbar
- Show PENDING vacations on timeline with dashed/dimmed style
- Add "show demand projects" preference with localStorage persistence
- Add ProjectAssignmentsTable with total hours/cost columns
- Extend vacation API to accept status arrays
- Add GitLooper formal YAML agent configuration
- Extend user admin with permission overrides UI
- Add delete-assignment use case tests
- Add status-styles.ts shared badge constants
- Centralize formatMoney/formatCents in format.ts

Co-Authored-By: claude-flow <ruv@ruv.net>

packages/api/src/router/user.ts

@@ -65,7 +65,7 @@ export const userRouter = createTRPCRouter({
       const { hash } = await import("@node-rs/argon2");
       const passwordHash = await hash(input.password);
 
-      return ctx.db.user.create({
+      const user = await ctx.db.user.create({
         data: {
           email: input.email,
           name: input.name,
@@ -74,6 +74,20 @@ export const userRouter = createTRPCRouter({
         },
         select: { id: true, name: true, email: true, systemRole: true },
       });
+
+      // Auto-link to a resource with matching email (if one exists and isn't already linked)
+      const matchingResource = await ctx.db.resource.findFirst({
+        where: { email: input.email, userId: null },
+        select: { id: true },
+      });
+      if (matchingResource) {
+        await ctx.db.resource.update({
+          where: { id: matchingResource.id },
+          data: { userId: user.id },
+        });
+      }
+
+      return user;
     }),
 
   updateRole: adminProcedure
@@ -91,6 +105,56 @@ export const userRouter = createTRPCRouter({
       });
     }),
 
+  // ─── Resource Linking ──────────────────────────────────────────────────
+
+  linkResource: adminProcedure
+    .input(z.object({ userId: z.string(), resourceId: z.string().nullable() }))
+    .mutation(async ({ ctx, input }) => {
+      if (input.resourceId) {
+        // Unlink any resource previously linked to this user
+        await ctx.db.resource.updateMany({
+          where: { userId: input.userId },
+          data: { userId: null },
+        });
+        // Link the new resource
+        await ctx.db.resource.update({
+          where: { id: input.resourceId },
+          data: { userId: input.userId },
+        });
+      } else {
+        // Unlink
+        await ctx.db.resource.updateMany({
+          where: { userId: input.userId },
+          data: { userId: null },
+        });
+      }
+      return { success: true };
+    }),
+
+  autoLinkAllByEmail: adminProcedure.mutation(async ({ ctx }) => {
+    // Find all users without a linked resource, then match by email
+    const unlinkedUsers = await ctx.db.user.findMany({
+      where: { resource: null },
+      select: { id: true, email: true },
+    });
+
+    let linked = 0;
+    for (const user of unlinkedUsers) {
+      const resource = await ctx.db.resource.findFirst({
+        where: { email: user.email, userId: null },
+        select: { id: true },
+      });
+      if (resource) {
+        await ctx.db.resource.update({
+          where: { id: resource.id },
+          data: { userId: user.id },
+        });
+        linked++;
+      }
+    }
+    return { linked, checked: unlinkedUsers.length };
+  }),
+
   getDashboardLayout: protectedProcedure.query(async ({ ctx }) => {
     const user = await ctx.db.user.findUnique({
       where: { email: ctx.session.user?.email ?? "" },