Add admin roles, user management, and campaign deletion

RpgRoller.Tests/Api/AuthApiTests.cs

@@ -14,6 +14,7 @@ public sealed class AuthApiTests : ApiTestBase
 
         var registerResult = await RegisterAsync(client, "alice", "Password123", "Alice");
         Assert.Equal("alice", registerResult.Username);
+        Assert.Contains(registerResult.Roles, role => string.Equals(role, "admin", StringComparison.OrdinalIgnoreCase));
 
         var duplicate = await client.PostAsJsonAsync("/api/auth/register", new RegisterRequest("alice", "Password123", "Alice 2"));
         Assert.Equal(HttpStatusCode.BadRequest, duplicate.StatusCode);