fix: pre-landing review fixes — company_id filter and CW condition injection

- Apply company_id filter in CW search_tickets conditions (was silently ignored)
- Sanitize query string to strip single quotes before CW condition interpolation
- Add psaError state to TicketsPage for permissions error surfacing

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-16 14:42:05 +00:00
parent fb7690485b
commit 294b309faa
2 changed files with 28 additions and 4 deletions


@@ -74,7 +74,9 @@ class ConnectWiseProvider(PSAProvider):
conditions: list[str] = []
if query:
conditions.append(f"summary contains '{query}'")
# Sanitize: strip single quotes to prevent CW condition injection
safe_query = query.replace("'", "")
conditions.append(f"summary contains '{safe_query}'")
if filters.get("board_id"):
conditions.append(f"board/id = {filters['board_id']}")
if filters.get("status_id"):
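Review bot: The injection fix stops at `query`: two lines below it, `board/id = {filters['board_id']}` is still interpolated into the condition string without coercion, so a non-numeric value in `filters` would still reach the ConnectWise condition unchecked. The second hunk already casts the new filter with `int(filters['company_id'])`; the same treatment fits here, `conditions.append(f"board/id = {int(filters['board_id'])}")`, and probably the `status_id` branch and the `str(bid)` join in the later hunk, whose bodies are only partly visible. Separately, stripping `'` silently changes legitimate searches (a surname with an apostrophe no longer matches), which the comment should say: `# Drops single quotes so the value cannot end the quoted literal; also alters queries that contain apostrophes`. The enclosing method starts and ends outside this hunk, so whether `filters` is validated before this point cannot be seen from here.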
@@ -89,6 +91,8 @@ class ConnectWiseProvider(PSAProvider):
if board_ids:
board_list = ", ".join(str(bid) for bid in board_ids)
conditions.append(f"board/id in ({board_list})")
if filters.get("company_id"):
conditions.append(f"company/id = {int(filters['company_id'])}")
condition_str = " and ".join(conditions) if conditions else ""
if condition_str: