feat: Add mobile responsive layout, open room access, and admin room management

Mobile Responsive Layout:
- Add useMediaQuery, useIsMobile, useIsTablet, useIsDesktop hooks for device detection
- Create MobileHeader component with hamburger menu and action drawer
- Create BottomToolbar for mobile navigation (Files, Members)
- Create SlidePanel component for full-screen mobile sidebars
- Update RoomDetail.tsx with mobile/desktop conditional rendering
- Update RoomList.tsx with single-column grid and touch-friendly buttons
- Add CSS custom properties for safe areas and touch targets (min 44px)
- Add mobile viewport meta tags for notched devices

Open Room Access:
- All authenticated users can view all rooms (not just their own)
- Users can join active rooms they're not members of
- Add is_member field to room responses
- Update room list API to return all rooms by default

Admin Room Management:
- Add permanent delete functionality for system admins
- Add delete confirmation dialog with room title verification
- Broadcast room deletion via WebSocket to connected users
- Add users search API for adding members

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

openspec/specs/chat-room/spec.md

@@ -52,23 +52,18 @@ The system SHALL allow authenticated users to create a new incident room with me
 - **THEN** the system SHALL return status 401 with "Authentication required"
 
 ### Requirement: List and Filter Incident Rooms
-The system SHALL provide endpoints to list incident rooms with filtering capabilities by status, incident type, severity, date range, and user membership.
+The system SHALL provide endpoints to list incident rooms with filtering capabilities by status, incident type, severity, date range, and user membership. The system SHALL automatically exclude rooms with ARCHIVED status from listing results for non-admin users, ensuring archived rooms are only visible to system administrators.
 
 #### Scenario: List all active rooms for current user
 - **WHEN** an authenticated user sends `GET /api/rooms?status=active`
-- **THEN** the system SHALL return all active rooms where the user is a member
+- **THEN** the system SHALL return all active rooms
 - **AND** include room metadata (title, type, severity, member count, last activity)
 - **AND** sort by last_activity_at descending (most recent first)
 
-#### Scenario: Filter rooms by incident type and date range
-- **WHEN** a user sends `GET /api/rooms?incident_type=quality_issue&created_after=2025-01-01&created_before=2025-01-31`
-- **THEN** the system SHALL return rooms matching ALL filter criteria
-- **AND** only include rooms where the user is a member
-
-#### Scenario: Search rooms by title or description
-- **WHEN** a user sends `GET /api/rooms?search=conveyor`
-- **THEN** the system SHALL return rooms where title OR description contains "conveyor" (case-insensitive)
-- **AND** highlight matching terms in the response
+#### Scenario: Non-admin user lists rooms without status filter
+- **WHEN** a non-admin user sends `GET /api/rooms` without status parameter
+- **THEN** the system SHALL return rooms with status "active" or "resolved" only
+- **AND** automatically exclude archived rooms from results
 
 ### Requirement: Manage Room Membership
 The system SHALL allow room owners and members with appropriate permissions to add or remove members and assign roles (owner, editor, viewer). Room owners SHALL be able to transfer ownership to another member. System administrators SHALL have override capabilities for all membership operations.
@@ -218,3 +213,50 @@ The system SHALL support predefined room templates for common incident types to
   - Default values for each template
   - Required additional fields
 
+### Requirement: Admin Permanent Room Deletion
+The system SHALL provide system administrators with the ability to permanently delete rooms, including all associated data (members, messages, files, reports). This operation is irreversible and restricted to system administrators only.
+
+#### Scenario: Admin permanently deletes a room
+- **WHEN** a system administrator sends `DELETE /api/rooms/{room_id}/permanent`
+- **THEN** the system SHALL verify the user is ymirliu@panjit.com.tw
+- **AND** hard delete the room record from incident_rooms table
+- **AND** cascade delete all room_members records
+- **AND** cascade delete all messages and related reactions/edit_history
+- **AND** cascade delete all room_files records
+- **AND** delete associated files from MinIO storage
+- **AND** cascade delete all generated_reports records
+- **AND** delete associated report files from MinIO storage
+- **AND** broadcast disconnect event to any active WebSocket connections in the room
+- **AND** return status 200 with `{"message": "Room permanently deleted"}`
+
+#### Scenario: Non-admin attempts permanent deletion
+- **WHEN** a non-admin user sends `DELETE /api/rooms/{room_id}/permanent`
+- **THEN** the system SHALL return status 403 with "Only system administrators can permanently delete rooms"
+
+#### Scenario: Permanent delete non-existent room
+- **WHEN** a system administrator sends `DELETE /api/rooms/{room_id}/permanent` for a non-existent room
+- **THEN** the system SHALL return status 404 with "Room not found"
+
+### Requirement: Hide Archived Rooms from Non-Admin Users
+The system SHALL hide rooms with ARCHIVED status from non-admin users in all listing operations, ensuring historical/archived data is only visible to system administrators.
+
+#### Scenario: Non-admin lists rooms with any filter
+- **WHEN** a non-admin user sends `GET /api/rooms` with any status filter (including no filter)
+- **THEN** the system SHALL exclude all rooms with status "archived" from the response
+- **AND** only return rooms with status "active" or "resolved"
+
+#### Scenario: Non-admin explicitly requests archived rooms
+- **WHEN** a non-admin user sends `GET /api/rooms?status=archived`
+- **THEN** the system SHALL return an empty list
+- **AND** return total count of 0
+
+#### Scenario: Admin can view archived rooms
+- **WHEN** a system administrator sends `GET /api/rooms?status=archived`
+- **THEN** the system SHALL return all archived rooms
+- **AND** include full room details
+
+#### Scenario: Admin views all rooms including archived
+- **WHEN** a system administrator sends `GET /api/rooms` without status filter
+- **THEN** the system SHALL return all rooms regardless of status
+- **AND** include archived rooms in the response
+