feat: Bao/Iris-Statusrechte + Bao→Iris-Notifications + Agent-Workflow-Übersicht

- Bao darf jetzt Status ändern (neben Iris), Sub-Agents weiterhin nicht
- CanEditContent für Inhaltsbearbeitung durch alle bekannten Caller
- Bao-Content-Änderungen triggern task_content_changed-Notification an Iris
- Bao-Status-Änderungen triggern task_status_changed-Notification an Iris
- Iris-Status-Änderungen triggern task_status_changed-Notification an Bao
- Neue WorkTask-Felder: IsAgentTask (bool), ExpectedFrom (string)
- Agent-Workflow-API: CreateAgentTask, WaitingTasks, AgentOverview
- Frontend: Agent-Task-Badge, Iris-Overview-Panel, isBao-Getter
- Login-Rate-Limiter mit strukturiertem JSON-Fehlermeldungs-Body
- Volume-Name: nexus-postgres → postgres-data (Standardisierung)

backend/Data/Entities.cs

@@ -83,6 +83,43 @@ public static class TaskStateHelper
         string.Equals(state, "Done", StringComparison.OrdinalIgnoreCase)
         || string.Equals(state, "Backlog", StringComparison.OrdinalIgnoreCase);
 
+    /// <summary>
+    /// Returns true if the caller is allowed to change this task's state.
+    /// POLICY:
+    ///   - **Iris und Bao** dürfen Status ändern / verschieben.
+    ///   - Sub-agents (programmer, reviewer, architekt) dürfen NIEMALS Status ändern.
+    ///   - 'nexus-system' ist ein technischer Fallback für automatische Cron/Reset-Workflows.
+    ///   - Jeder andere (unbekannt, leer) wird abgewiesen.
+    /// </summary>
+    public static bool CanChangeState(string? callerAgent, WorkTask task)
+    {
+        var caller = callerAgent?.Trim().ToLowerInvariant() ?? "";
+
+        // Sub-agents must never move state
+        var subAgents = new HashSet<string> { "programmer", "reviewer", "architekt" };
+        if (subAgents.Contains(caller)) return false;
+
+        // Technischer Fallback: nur für interne System-Operationen (Cron, ResetStale)
+        if (caller == "nexus-system") return true;
+
+        // Iris und Bao dürfen Status ändern
+        return caller == "iris" || caller == "bao";
+    }
+
+    /// <summary>
+    /// Returns true if the caller is allowed to edit a task's content fields
+    /// (title, detail, priority, assignedTo, dueDate).
+    /// POLICY:
+    ///   - Alle (iris, bao, sub-agents, nexus-system) dürfen inhaltlich bearbeiten.
+    ///   - Nur unbekannte/leere Caller werden abgewiesen.
+    /// </summary>
+    public static bool CanEditContent(string? callerAgent)
+    {
+        var caller = callerAgent?.Trim().ToLowerInvariant() ?? "";
+        if (string.IsNullOrWhiteSpace(caller)) return false;
+        return true;
+    }
+
     /// <summary>Group key for board responses (lowercased English state).</summary>
     public static string BoardGroupKey(string? state)
     {
@@ -137,6 +174,19 @@ public sealed class WorkTask
     public string Priority { get; set; } = "Normal";
     public string Source { get; set; } = "bao";
     public string? AssignedTo { get; set; }
+
+    /// <summary>
+    /// True if this task was created programmatically by an agent (not manually by Bao).
+    /// Agent-tasks in the board are subject to stricter workflow rules.
+    /// </summary>
+    public bool IsAgentTask { get; set; } = false;
+
+    /// <summary>
+    /// Which agent/user is expected to respond next.
+    /// Helps Iris see who she is waiting for.
+    /// </summary>
+    public string? ExpectedFrom { get; set; }
+
     public Guid? ParentTaskId { get; set; }
     public WorkTask? ParentTask { get; set; }
     public ICollection<WorkTask> ChildTasks { get; set; } = new List<WorkTask>();