feat: Add 9 new features for enhanced UX and security

Quick Wins:
- Feature 1: Ticket linking in comments (#123456789 auto-links)
- Feature 6: Checkbox click area fix (click anywhere in cell)
- Feature 7: User groups display in settings modal

UI Enhancements:
- Feature 4: Collapsible sidebar with localStorage persistence
- Feature 5: Inline ticket preview popup on hover (300ms delay)
- Feature 2: Mobile responsive improvements (44px touch targets, iOS zoom fix)

Major Features:
- Feature 3: Kanban card view with status columns (toggle with localStorage)
- Feature 9: API key generation admin panel (/admin/api-keys)
- Feature 8: Ticket visibility levels (public/internal/confidential)

New files:
- views/admin/ApiKeysView.php
- api/generate_api_key.php
- api/revoke_api_key.php
- migrations/008_ticket_visibility.sql

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

controllers/TicketController.php

@@ -15,8 +15,10 @@ class TicketController {
     private $workflowModel;
     private $templateModel;
     private $envVars;
+    private $conn;
 
     public function __construct($conn) {
+        $this->conn = $conn;
         $this->ticketModel = new TicketModel($conn);
         $this->commentModel = new CommentModel($conn);
         $this->auditLogModel = new AuditLogModel($conn);
@@ -59,6 +61,13 @@ class TicketController {
             return;
         }
 
+        // Check visibility access
+        if (!$this->ticketModel->canUserAccessTicket($ticket, $currentUser)) {
+            header("HTTP/1.0 403 Forbidden");
+            echo "Access denied: You do not have permission to view this ticket";
+            return;
+        }
+
         // Get comments for this ticket using CommentModel
         $comments = $this->commentModel->getCommentsByTicketId($id);
 
@@ -82,18 +91,27 @@ class TicketController {
 
         // Check if form was submitted
         if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+            // Handle visibility groups (comes as array from checkboxes)
+            $visibilityGroups = null;
+            if (isset($_POST['visibility_groups']) && is_array($_POST['visibility_groups'])) {
+                $visibilityGroups = implode(',', array_map('trim', $_POST['visibility_groups']));
+            }
+
             $ticketData = [
                 'title' => $_POST['title'] ?? '',
                 'description' => $_POST['description'] ?? '',
                 'priority' => $_POST['priority'] ?? '4',
                 'category' => $_POST['category'] ?? 'General',
-                'type' => $_POST['type'] ?? 'Issue'
+                'type' => $_POST['type'] ?? 'Issue',
+                'visibility' => $_POST['visibility'] ?? 'public',
+                'visibility_groups' => $visibilityGroups
             ];
 
             // Validate input
             if (empty($ticketData['title'])) {
                 $error = "Title is required";
                 $templates = $this->templateModel->getAllTemplates();
+                $conn = $this->conn; // Make $conn available to view
                 include dirname(__DIR__) . '/views/CreateTicketView.php';
                 return;
             }
@@ -116,12 +134,14 @@ class TicketController {
             } else {
                 $error = $result['error'];
                 $templates = $this->templateModel->getAllTemplates();
+                $conn = $this->conn; // Make $conn available to view
                 include dirname(__DIR__) . '/views/CreateTicketView.php';
                 return;
             }
         } else {
             // Get all templates for the template selector
             $templates = $this->templateModel->getAllTemplates();
+            $conn = $this->conn; // Make $conn available to view
 
             // Display the create ticket form
             include dirname(__DIR__) . '/views/CreateTicketView.php';