feat: super admin promote/demote endpoint + admin panel UI

Fix require_engineer_or_admin missing "admin" account_role, add
PUT /admin/users/{id}/super-admin endpoint with audit logging,
and promote/demote button with confirmation modal on UserDetailPage.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

backend/app/api/deps.py

@@ -133,7 +133,7 @@ async def require_engineer_or_admin(
     """Require engineer, account owner, or super admin role (blocks viewers)."""
     if current_user.is_super_admin:
         return current_user
-    if current_user.account_role in ("owner", "engineer"):
+    if current_user.account_role in ("owner", "admin", "engineer"):
         return current_user
     raise HTTPException(
         status_code=status.HTTP_403_FORBIDDEN,