fix(edge-fn): replace getClaims with adminClient.auth.getUser(token)

fix(edge-fn): use user.id instead of claims.sub; fixes 500s and false cert_required
fix(migrations): drop broad reservations SELECT policy; add reservation_slots view with security_invoker=false
fix(tests): correct weekSlot() keys from start/end to start_time/end_time
fix(tests): spread overlap test slots across separate ISO weeks
fix(tests): update e2e assertion to match actual authenticated home text
fix(app): hide IonMenu before user is authenticated
feat(dx): add test:all script running unit, integration, and e2e in sequence
docs(claude-md): document SELinux fix, Edge Function auth pattern, security_invoker behaviour

app/types/supabase.ts

@@ -190,6 +190,37 @@ export type Database = {
           created_at?: string
         }
       }
+      booking_config: {
+        Row: {
+          key:         string
+          value:       Json
+          description: string | null
+        }
+        Insert: {
+          key:          string
+          value:        Json
+          description?: string | null
+        }
+        Update: {
+          key?:         string
+          value?:       Json
+          description?: string | null
+        }
+      }
+      holidays: {
+        Row: {
+          date: string
+          name: string
+        }
+        Insert: {
+          date: string
+          name: string
+        }
+        Update: {
+          date?: string
+          name?: string
+        }
+      }
       reference_docs: {
         Row: {
           id: string
@@ -221,7 +252,15 @@ export type Database = {
       }
     }
     Views: {
-      [_ in never]: never
+      reservation_slots: {
+        Row: {
+          id:         string
+          boat_id:    string
+          start_time: string
+          end_time:   string
+          status:     ReservationStatus
+        }
+      }
     }
     Functions: {
       [_ in never]: never